preconmanager

Virus attacking my graphics


I have been trying to resolve an issue with what appears to be a malware virus affecting my graphics (monitor acts up when I visit anti-malware sites) using various self-help processes to no avail. The virus really acted up when I came to this site to register then re-enter to post.

I have tried to install and have run a few anti-malware programs: MSE, MBAM, MBAR, Comodo (religiously each day for the past few weeks since deciding to resolve my issue), which have cleaned various malware and currently show no infections. I have since uninstalled Comodo and Norton (original which I uninstalled years ago but I see it still resides in some places on my computer).

I have read the pinned articles and per instruction, downloaded and ran the dds program and have the notepad results available on my desktop. I am a novice and will need special instruction on how to attach the results in this post and how to remain available to discuss this topic.

Any assistance would be greatly appreciated.


Welcome! I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear. :)

To follow this thread, please go to the top of this topic and to the right you will see Follow this topic. Click that and then click Follow this topic when prompted.

Please download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • In the "Custom Scans/Fixes" window (under the light green bar) paste the following in bold:
    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click Run Scan and let the program run uninterrupted.
  • When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL. Copy and paste the contents of both logs in this thread.
  • You may need to use two posts to get it all.


OTL Extras logfile created on: 1/10/2013 9:18:09 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-Malware

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 454.42 Mb Available Physical Memory | 47.41% Memory free

2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.53% Paging File free

Paging file location(s): C:\pagefile.sys 1437 1437 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 177.81 Gb Total Space | 155.21 Gb Free Space | 87.29% Space Free | Partition Type: NTFS

Drive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32

Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive K: | 7.26 Gb Total Space | 7.23 Gb Free Space | 99.58% Space Free | Partition Type: FAT32

Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"ANTIVIRUSDISABLENOTIFY" = 0

"FIREWALLDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping

"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping

"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

"5985:TCP" = 5985:TCP:*:Enabled:Windows Remote Management

"80:TCP" = 80:TCP:*:Enabled:Windows Remote Management - Compatibility Mode (HTTP-In)

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )

"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Disabled:AVG Installer

"E:\Common\EpsonNet Setup\ENEasyApp.exe" = E:\Common\EpsonNet Setup\ENEasyApp.exe:*:Disabled:EpsonNet Setup

"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)

"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)

"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)

"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe" = C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10

"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload

"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection

"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder

"{80BF3273-80FD-4A24-8E60-E07356F2DB31}" = Axis & Allies Demo

"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support

"{89D64BBC-D8F9-4B77-B321-0DB1129540A2}" = Box Sync

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.81

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.81

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone

"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant

"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status

"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes

"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive

"{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}" = LightScribe System Software

"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem

"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto

"CAL" = Canon Camera Access Library

"CameraUserGuide-PSSD1300IS_IXUS105" = Canon PowerShot SD1300 IS_IXUS 105 Camera User Guide

"CameraWindowDC8" = Canon Utilities CameraWindow DC 8

"CameraWindowLauncher" = Canon Utilities CameraWindow

"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX

"CCleaner" = CCleaner

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"FileASSASSIN" = FileASSASSIN

"HP Document Viewer" = HP Document Viewer 5.3

"HP Imaging Device Functions" = HP Imaging Device Functions 6.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Security Client" = Microsoft Security Essentials

"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX

"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube

"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSNINST" = MSN

"MyCamera" = Canon Utilities MyCamera

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers" = NVIDIA Drivers

"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows

"Personal Printing Guide" = Canon Personal Printing Guide

"PhotoStitch" = Canon Utilities PhotoStitch

"PS2" = PS2

"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide

"WildTangent hp Master Uninstall" = HP Games

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows XP Service Pack" = Windows XP Service Pack 3

"WTA-087949e2-a828-4a4b-8e5c-f1196a174a8f" = Polar Bowler

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 1/10/2013 5:20:54 AM | Computer Name = CORNHSKRS1 | Source = Media Center Extender Services | ID = 36864

Description = ERROR: Device Service Initialization - Unable to create or initialize

Device Table. Error code 0x80004005.

Error - 1/10/2013 6:36:17 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147

Description = The MATS service encountered a web service failure. hr=0xC004F018

Error - 1/10/2013 6:36:17 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148

Description = The MATS service encountered a failure when uploading data. hr=0xC004F018

Error - 1/10/2013 6:41:02 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147

Description = The MATS service encountered a web service failure. hr=0xC004F018

Error - 1/10/2013 6:41:02 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148

Description = The MATS service encountered a failure when uploading data. hr=0xC004F018

Error - 1/10/2013 10:36:14 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147

Description = The MATS service encountered a web service failure. hr=0xC004F018

Error - 1/10/2013 10:36:14 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148

Description = The MATS service encountered a failure when uploading data. hr=0xC004F018

Error - 1/10/2013 10:41:01 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147

Description = The MATS service encountered a web service failure. hr=0xC004F018

Error - 1/10/2013 10:41:01 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148

Description = The MATS service encountered a failure when uploading data. hr=0xC004F018

Error - 1/10/2013 12:46:48 PM | Computer Name = CORNHSKRS1 | Source = Media Center Extender Services | ID = 36864

Description = ERROR: Device Service Initialization - Unable to create or initialize

Device Table. Error code 0x80004005.

[ System Events ]

Error - 1/10/2013 5:20:56 AM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7024

Description = The Media Center Extender Service service terminated with service-specific

error 2147500037 (0x80004005).

Error - 1/10/2013 5:21:00 AM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

avgtp

Error - 1/10/2013 12:46:44 PM | Computer Name = CORNHSKRS1 | Source = NETLOGON | ID = 3095

Description = This computer is configured as a member of a workgroup, not as a member

of a domain. The Netlogon service does not need to run in this configuration.

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000

Description = The PCASp50 NDIS Protocol Driver service failed to start due to the

following error: %%2

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7023

Description = The Human Interface Device Access service terminated with the following

error: %%126

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7038

Description = The nvUpdatusService service was unable to log on as .\UpdatusUser

with the currently configured password due to the following error: %%1385 To ensure

that the service is configured properly, use the Services snap-in in Microsoft Management

Console

(MMC).

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000

Description = The NVIDIA Update Service Daemon service failed to start due to the

following error: %%1069

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000

Description = The vToolbarUpdater13.3.2 service failed to start due to the following

error: %%2

Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7024

Description = The Media Center Extender Service service terminated with service-specific

error 2147500037 (0x80004005).

Error - 1/10/2013 12:46:56 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

avgtp

< End of report >


OTL logfile created on: 1/10/2013 9:18:09 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-Malware

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 454.42 Mb Available Physical Memory | 47.41% Memory free

2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.53% Paging File free

Paging file location(s): C:\pagefile.sys 1437 1437 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 177.81 Gb Total Space | 155.21 Gb Free Space | 87.29% Space Free | Partition Type: NTFS

Drive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32

Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive K: | 7.26 Gb Total Space | 7.23 Gb Free Space | 99.58% Space Free | Partition Type: FAT32

Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exe

PRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

PRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe

PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

PRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

PRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe

PRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/09 01:22:56 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\e111a71c3241227f928b484f57ffa827\System.IdentityModel.Selectors.ni.dll

MOD - [2013/01/09 01:22:50 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll

MOD - [2013/01/09 01:22:19 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll

MOD - [2013/01/09 01:22:14 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll

MOD - [2013/01/09 01:20:34 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll

MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

MOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

MOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dll

MOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dll

MOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

MOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

MOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dll

MOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dll

MOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dll

MOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dll

MOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dll

MOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dll

MOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dll

MOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dll

MOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dll

MOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll

MOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dll

MOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dll

MOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dll

MOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)

SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)

SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)

SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)

SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)

SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)

DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)

DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)

DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)

DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)

DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})

DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)

DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYT2US&apn_uid=7180f432-45bd-4b15-8dc2-2f441849a123&apn_sauid=FC0FEDBC-D4B3-4DC5-B80B-29957050ED6A

IE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_enUS516

IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8ED78D72-5185-4E7A-BA8A-14F96E679640}&mid=dd84e028671247d19312d15e77eb6dc2-77ed74525ca4a002ea35700d50ae21a03af7db95&lang=en&ds=AVG&pr=pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not found

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions

[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions

[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

O1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCDrProfiler] File not found

O4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340928547156 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab (LogData Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\viprotocol - No CLSID value found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]

O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)

NetSvcs: Irmon - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter

[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS

[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011

[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN

[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN

[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent

[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy

[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData

[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling

[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started

[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup

[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic

[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol

[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads

[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS

[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm

[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$

[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates

[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo

[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari

[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari

[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP

[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer

[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun

[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled

[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites

[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO

[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO

[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP

[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO

[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo

[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine

[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage

[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP

[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes

[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans

[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security

[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe

[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe

[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe

[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe

[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl

[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/10 06:36:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk

[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk

[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat

[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState

[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini

[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk

[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk

[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll

[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk

[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk

[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb

[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb

[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat

[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState

[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk

[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk

[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat

[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini

[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat

[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini

[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2006/03/09 16:17:46 | 000,000,100 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009/05/23 14:53:49 | 000,000,211 | RHS- | M] () -- C:\BOOT.BAK

[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini

[2004/08/09 13:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr

[2005/08/30 20:02:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2012/01/07 20:53:06 | 069,744,132 | ---- | M] () -- C:\hpWebHelper.log

[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/09 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2011/04/04 15:52:22 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2013/01/10 08:46:27 | 1506,803,712 | -HS- | M] () -- C:\pagefile.sys

[2011/05/16 10:10:33 | 000,003,210 | ---- | M] () -- C:\resetlog.txt

[2013/01/06 21:31:56 | 000,093,816 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_06.01.2013_21.31.19_log.txt

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-01-10 09:03:36

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation

@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC

< End of report >


Good morning preconmanager. :)

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :OTL
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08
    @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8
    @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9
    @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D
    @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80
    @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3
    @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC
    :Commands
    [EmptyTemp]
  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

=====

Then, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

=====

In your reply please provide the contents of these logs:

  • OTL fix log.
  • ComboFix.txt.

What issues remain?


DarkKnight,

When running ComboFix, the following message popped up..."This machine does not have the 'Microsoft Windows recovery console' installed....

Do I click yes? and do I have an Internet Connection when running ComboFix?

If I do not continue with this post....I am off to school....

OTL logfile created on: 1/10/2013 12:56:57 PM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-Malware

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 356.43 Mb Available Physical Memory | 37.19% Memory free

2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.11% Paging File free

Paging file location(s): C:\pagefile.sys 1437 1437 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 177.81 Gb Total Space | 155.17 Gb Free Space | 87.27% Space Free | Partition Type: NTFS

Drive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32

Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exe

PRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

PRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe

PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

PRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

PRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe

PRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

MOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

MOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dll

MOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dll

MOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

MOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

MOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dll

MOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dll

MOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dll

MOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dll

MOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dll

MOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dll

MOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dll

MOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dll

MOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dll

MOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll

MOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dll

MOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dll

MOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dll

MOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)

SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)

SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)

SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)

SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)

SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)

DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)

DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)

DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)

DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)

DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})

DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)

DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYT2US&apn_uid=7180f432-45bd-4b15-8dc2-2f441849a123&apn_sauid=FC0FEDBC-D4B3-4DC5-B80B-29957050ED6A

IE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_enUS516

IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8ED78D72-5185-4E7A-BA8A-14F96E679640}&mid=dd84e028671247d19312d15e77eb6dc2-77ed74525ca4a002ea35700d50ae21a03af7db95&lang=en&ds=AVG&pr=pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not found

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions

[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions

[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

O1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCDrProfiler] File not found

O4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340928547156 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab (LogData Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\viprotocol - No CLSID value found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]

O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter

[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS

[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011

[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN

[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN

[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent

[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy

[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData

[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling

[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started

[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup

[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic

[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol

[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads

[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS

[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm

[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$

[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates

[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo

[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari

[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari

[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP

[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer

[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun

[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled

[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites

[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO

[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO

[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP

[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO

[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo

[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine

[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage

[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP

[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes

[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans

[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security

[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe

[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe

[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe

[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe

[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/10 10:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl

[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk

[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk

[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat

[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState

[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini

[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk

[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk

[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll

[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk

[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk

[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb

[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb

[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat

[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState

[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk

[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk

[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat

[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini

[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat

[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini

[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Custom Scans ==========

< :OTL >

< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. >

< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present >

< @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08 >

< @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8 >

< @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9 >

< @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D >

< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80 >

< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3 >

< @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 >

< @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E >

< @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E >

< @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC >

< >

< :Commands >

< [EmptyTemp] >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation

@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC

< End of report >


Hey preconmanager,

You posted a log from OTL, not ComboFix. :)


OTL logfile created on: 1/10/2013 12:56:57 PM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-Malware

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 356.43 Mb Available Physical Memory | 37.19% Memory free

2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.11% Paging File free

Paging file location(s): C:\pagefile.sys 1437 1437 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 177.81 Gb Total Space | 155.17 Gb Free Space | 87.27% Space Free | Partition Type: NTFS

Drive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32

Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exe

PRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

PRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe

PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

PRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

PRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe

PRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

MOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

MOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dll

MOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dll

MOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

MOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

MOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dll

MOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dll

MOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dll

MOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dll

MOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dll

MOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dll

MOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dll

MOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dll

MOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dll

MOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll

MOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dll

MOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dll

MOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dll

MOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)

SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)

SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)

SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)

SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)

SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)

DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)

DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)

DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)

DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)

DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})

DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)

DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktop

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask...0B-29957050ED6A

IE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.co...1I7SAVJ_enUS516

IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yah...}&fr=chr-comodo

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not found

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions

[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions

[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

O1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCDrProfiler] File not found

O4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340928547156 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect119b.cab (GMNRev Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce....ads/sysinfo.cab (LogData Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\viprotocol - No CLSID value found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]

O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter

[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS

[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011

[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN

[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN

[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent

[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy

[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData

[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling

[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started

[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup

[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic

[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol

[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads

[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS

[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm

[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$

[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates

[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo

[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari

[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari

[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP

[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer

[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun

[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled

[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites

[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO

[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO

[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP

[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO

[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo

[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine

[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage

[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP

[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes

[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans

[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security

[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe

[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe

[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe

[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe

[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/10 10:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl

[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk

[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk

[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat

[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState

[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini

[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk

[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk

[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll

[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll

[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk

[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk

[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif

[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif

[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk

[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk

[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk

[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb

[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb

[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat

[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState

[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk

[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat

[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk

[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO

[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat

[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini

[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat

[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini

[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Custom Scans ==========

< :OTL >

< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. >

< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present >

< @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08 >

< @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8 >

< @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9 >

< @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D >

< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80 >

< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3 >

< @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 >

< @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E >

< @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E >

< @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC >

< >

< :Commands >

< [EmptyTemp] >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation

@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC

< End of report >

ComboFix 13-01-08.01 - HP_Administrator 01/10/2013 21:22:26.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.459 [GMT -8:00]

Running from: c:\program files\Malwarebytes' Anti-Malware\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Administrator\WINDOWS

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\2D0C22DC.TMP

c:\documents and settings\Default User\WINDOWS

c:\documents and settings\HP_Administrator\WINDOWS

c:\documents and settings\UpdatusUser\WINDOWS

c:\program files\mbam-setup-1.61.0.1400.exe

c:\windows\system32\Cache

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\Packet.dll

c:\windows\system32\ps2.bat

c:\windows\system32\pthreadVC.dll

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\system32\wpcap.dll

D:\Autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2012-12-11 to 2013-01-11 )))))))))))))))))))))))))))))))

.

.

2013-01-10 21:03 . 2013-01-10 21:03 -------- d-----w- C:\_OTL

2013-01-10 09:37 . 2012-11-19 09:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\mpengine.dll

2013-01-10 05:58 . 2012-11-19 09:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-01-08 17:07 . 2013-01-08 17:07 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Apple

2013-01-07 18:42 . 2013-01-07 18:42 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\FixItCenter

2013-01-07 18:32 . 2013-01-07 18:32 -------- d-----w- c:\windows\MATS

2013-01-07 17:15 . 2013-01-07 17:15 -------- d-----w- C:\MBAR-1.01.0.1011

2013-01-07 16:07 . 2013-01-07 16:07 -------- d-----w- c:\program files\FileASSASSIN

2013-01-06 19:09 . 2013-01-06 19:09 -------- d-----w- c:\program files\Microsoft Security Client

2013-01-06 16:32 . 2013-01-06 16:32 -------- d-----w- c:\windows\system32\wbem\Repository

2013-01-06 08:21 . 2013-01-06 08:21 -------- d-----w- C:\ProgramData

2013-01-06 08:18 . 2013-01-06 08:18 -------- d---a-w- c:\program files\Common Files\LS Getting Started

2013-01-06 08:17 . 2013-01-06 08:17 -------- d---a-w- C:\swsetup

2013-01-06 01:37 . 2013-01-06 01:37 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Sonic

2013-01-05 02:46 . 2013-01-05 02:46 450352 ----a-w- C:\FixitCenter_Run.exe

2013-01-05 02:39 . 2013-01-05 02:39 -------- d-----w- C:\MATS

2013-01-04 17:58 . 2013-01-04 17:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2013-01-04 17:58 . 2013-01-10 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-04 17:58 . 2012-12-15 00:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-03 18:55 . 2013-01-03 18:55 -------- d-----w- c:\windows\system32\winrm

2013-01-03 18:54 . 2013-01-03 18:55 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$

2013-01-03 18:54 . 2013-01-03 19:00 -------- d-----w- c:\documents and settings\HP_Administrator\WinUpdates

2013-01-03 04:30 . 2013-01-03 04:30 -------- d-----w- c:\program files\Atari

2013-01-03 04:29 . 2013-01-03 04:29 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll

2013-01-03 04:29 . 2013-01-03 04:29 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll

2013-01-03 01:13 . 2013-01-03 01:13 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\isp2A.tmp\Setup.dll

2013-01-03 01:13 . 2013-01-03 01:13 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\isp2D.tmp\IGdi.dll

2013-01-03 01:13 . 2003-02-28 00:12 696320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll

2013-01-03 01:13 . 2002-12-05 22:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll

2013-01-03 01:13 . 2002-12-02 23:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe

2013-01-03 01:13 . 2002-12-02 21:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll

2013-01-03 01:13 . 2002-12-02 21:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll

2013-01-02 19:13 . 2013-01-02 19:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2013-01-02 19:12 . 2013-01-02 19:12 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE

2013-01-02 19:12 . 2013-01-02 19:12 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Box Sync

2013-01-02 18:58 . 2013-01-02 18:58 -------- d-----w- c:\documents and settings\NetworkService\Application Data\GeekBuddyRSP

2013-01-02 05:45 . 2013-01-02 05:45 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer

2013-01-01 07:20 . 2013-01-01 07:20 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Sun

2013-01-01 05:22 . 2013-01-01 05:22 -------- d-----w- c:\program files\Common Files\Java

2013-01-01 05:22 . 2013-01-01 05:21 859072 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-01-01 05:22 . 2013-01-01 05:21 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-01-01 05:22 . 2013-01-01 05:21 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-01 05:19 . 2013-01-01 05:19 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2012-12-30 02:23 . 2013-01-06 19:04 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat

2012-12-30 02:16 . 2013-01-02 19:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\COMODO

2012-12-30 02:16 . 2013-01-06 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\COMODO

2012-12-30 02:16 . 2012-12-30 02:16 -------- d-----w- c:\documents and settings\LocalService\Application Data\GeekBuddyRSP

2012-12-30 02:16 . 2013-01-02 19:10 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\COMODO

2012-12-30 02:16 . 2013-01-06 19:06 -------- d-----w- c:\program files\Comodo

2012-12-30 02:01 . 2013-01-04 02:52 -------- d-----w- C:\CCE_Quarantine

2012-12-28 03:39 . 2012-12-28 03:39 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage

2012-12-28 03:39 . 2012-12-28 03:39 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\HP

2012-12-27 23:53 . 2012-12-27 23:53 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes

2012-12-27 22:28 . 2012-12-27 22:28 -------- d-----w- c:\documents and settings\HP_Administrator\SecurityScans

2012-12-24 11:08 . 2012-12-30 19:31 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll

2012-12-24 11:08 . 2012-12-30 19:31 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-11 05:50 . 2011-05-13 02:13 38400 ----a-w- c:\windows\system32\pcdhdm.cpl

2013-01-01 05:21 . 2011-12-08 00:52 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-16 12:23 . 2004-08-10 04:00 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-11-13 01:25 . 2004-08-10 04:00 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-06 02:01 . 2009-08-20 00:07 1371648 ----a-w- c:\windows\system32\msxml6.dll

2012-11-02 02:02 . 2004-08-10 04:00 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17 . 2004-08-10 04:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17 . 2004-08-10 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17 . 2004-08-10 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2004-08-10 04:00 385024 ----a-w- c:\windows\system32\html.iec

2012-01-27 03:46 . 2012-01-27 03:46 448 ----a-w- c:\program files\0126201219462482.bat

2011-11-26 03:49 . 2011-11-26 03:49 458 ----a-w- c:\program files\1125201119494514.bat

2011-11-25 21:13 . 2011-11-25 20:52 68771184 ----a-w- c:\program files\iTunesSetup.exe

2011-04-30 04:22 . 2011-04-30 04:21 16883056 ----a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe

2011-04-14 15:24 . 2011-04-14 15:24 38808920 ----a-w- c:\program files\FileFormatConverters.exe

2011-04-07 22:10 . 2011-04-04 19:25 287796859 ----a-w- c:\program files\aa_demo_setup.exe

2012-12-30 19:31 . 2012-03-23 18:23 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]

@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"

[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]

2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]

@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"

[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]

2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]

@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"

[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]

2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]

@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"

[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]

2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]

@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"

[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]

2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]

"PCDrSmartMonitor"="c:\program files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe" [2005-12-20 368640]

"nwiz"="nwiz.exe" [2006-05-09 1519616]

"NvMediaCenter"="NvMCTray.dll" [2006-05-09 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-09 7311360]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-17 421736]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]

"DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]

"RTHDCPL"="RTHDCPL.EXE" [2009-02-03 18085888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 947176]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-3-9 27136]

.

c:\documents and settings\UpdatusUser\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-3-9 27136]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

NETGEAR WNA3100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2012-1-24 4577760]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\cardisabled

Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-4-23 8708096]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\mqsvc.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping

"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

"5985:TCP"= 5985:TCP:Windows Remote Management

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundTimestampRequest"= 1 (0x1)

"AllowInboundMaskRequest"= 1 (0x1)

"AllowInboundRouterRequest"= 1 (0x1)

"AllowOutboundDestinationUnreachable"= 1 (0x1)

"AllowOutboundSourceQuench"= 1 (0x1)

"AllowOutboundParameterProblem"= 1 (0x1)

"AllowOutboundTimeExceeded"= 1 (0x1)

"AllowRedirect"= 1 (0x1)

"AllowOutboundPacketTooBig"= 1 (0x1)

"AllowInboundEchoRequest"= 1 (0x1)

.

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 12:13 PM 38144]

R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/9/2004 8:00 PM 14336]

R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [1/24/2012 4:36 AM 642432]

R3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [11/21/2005 4:27 PM 21120]

S1 avgtp;avgtp;\??\c:\windows\system32\drivers\avgtpx86.sys --> c:\windows\system32\drivers\avgtpx86.sys [?]

S1 MpKsl480fd015;MpKsl480fd015;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKsl480fd015.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKsl480fd015.sys [?]

S2 vToolbarUpdater13.3.2;vToolbarUpdater13.3.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe --> c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe [?]

S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [1/24/2012 4:36 AM 285152]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [6/13/2011 10:09 PM 267568]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys --> c:\windows\system32\DRIVERS\RTL8192su.sys [?]

S3 SamsungMonitorFirmware;SamsungMonitorFirmware;c:\windows\system32\drivers\MFWCtwl.sys --> c:\windows\system32\drivers\MFWCtwl.sys [?]

S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]

S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [5/23/2009 4:49 PM 627072]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

*Deregistered* - SASKUTIL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 01:57]

.

2013-01-11 c:\windows\Tasks\ConfigExec.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 06:09]

.

2013-01-11 c:\windows\Tasks\DataUpload.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 06:09]

.

2013-01-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-13 01:25]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com

FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-PCDrProfiler - (no file)

HKLM-RunOnce-AvgRemover - c:\documents and settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe

MSConfigStartUp-P0000000000000000 - c:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-01-10 21:50

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\PCD5SRVC{085326CB-51A3560A-05010003}]

"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1652550889-3732101810-2685809735-1008\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-1652550889-3732101810-2685809735-1008\Software\Policies\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (S-1-5-21-1652550889-3732101810-2685809735-1008)

@Allowed: (Read) (S-1-5-21-1652550889-3732101810-2685809735-1008)

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvSvc]

@Denied: (Full) (Administrators)

"BitIndicators"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvSvc\State]

"RegistryModesUpdateHasOccurred"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NVTweak\Devices\VEN_10DE&DEV_0241&SUBSYS_2A3A103C&REV_A2&INST00\DisplayModes\Schemes]

@Denied: (Full) (Administrators)

"DEVICE00000100"=hex:00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,

00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\software\Skunkstudios]

@Denied: (Full) (Administrators)

.

[HKEY_LOCAL_MACHINE\software\Skunkstudios\G2ks2gbt]

"Num"="217700"

.

[HKEY_LOCAL_MACHINE\software\SUPERAntiSpyware.com]

@Denied: (Full) (Administrators)

.

[HKEY_LOCAL_MACHINE\software\SUPERAntiSpyware.com\SUPERAntiSpyware]

"AppDataPath"="c:\\Documents and Settings\\HP_Administrator\\Application Data\\SUPERAntiSpyware.com\\SUPERAntiSpyware"

.

[HKEY_LOCAL_MACHINE\software\Symantec]

@Denied: (Full) (Administrator)

@SACL=

"Instopts"="c:\\WINDOWS\\system32\\instopts.dat"

.

[HKEY_LOCAL_MACHINE\software\Symantec\CCPD-LC]

@SACL=

.

[HKEY_LOCAL_MACHINE\software\WildTangent\GameChannel]

@Denied: (Full) (Administrator)

@SACL=

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3080)

c:\windows\system32\WININET.dll

c:\windows\system32\nview.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

c:\program files\Box Sync\BoxIconOverlayHandler.dll

c:\program files\Box Sync\BoxUtils.dll

c:\windows\system32\nvwddi.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\windows\system32\msdtc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\arservice.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

c:\program files\Google\Update\GoogleUpdate.exe

c:\windows\system32\inetsrv\inetinfo.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

c:\windows\System32\snmp.exe

c:\windows\system32\mqsvc.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\windows\system32\mqtgsvc.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\RunDLL32.exe

c:\windows\system32\rundll32.exe

c:\windows\ARPWRMSG.EXE

c:\windows\eHome\ehmsas.exe

c:\windows\RTHDCPL.EXE

c:\program files\iPod\bin\iPodService.exe

c:\hp\KBD\KBD.EXE

.

**************************************************************************

.

Completion time: 2013-01-10 21:54:34 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-11 05:54

.

Pre-Run: 166,962,094,080 bytes free

Post-Run: 166,792,482,816 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptOut

.

- - End Of File - - A0C42C9827B847F1F4016994C0243C4A

The symptoms continue... when logging into Windows at boot up, the monitor screen flickers intermittently. I can see the top of the Windows login, which is dimming in and out (blue screen). The bottom portion where I log in is obscured by a darkened "overlay" that also dims in and out, making it very difficult to transition to log in. It is hit and miss until I get my password entered and select OK. Once I get to the desktop the blue screen flickers somewhat. Then once I log into the Internet from either IE or Firefox I am fine until I start either Email or search Malwarebytes or other Anti-Virus/Malware sites. The entire screen goes grey and goes in and out to a lighter color. Very uncanny activity, as if the virus detects I am searching for a cure.

After ComboFix finished, I received the following error message: 'The instruction at "0x77c01e71" referenced memory at "0x00000000". The memory could not be written.' Click to Cancel or Click to debug the program. I clicked neither button and closed it [X].


Hey preconmanager,

Please download to the Desktop RogueKiller (by tigzy).

  • Please quit all programs.
  • Start RogueKiller.exe.
  • Wait until Prescan has finished.
  • Click on Scan.
  • Click on Report and copy/paste the contents of the report in your next reply.


RogueKiller V8.4.3 [Jan 8 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : HP_Administrator [Admin rights]

Mode : Scan -- Date : 01/11/2013 14:20:11

¤¤¤ Bad processes : 2 ¤¤¤

[SUSP PATH] arservice.exe -- C:\WINDOWS\arservice.exe -> KILLED [TermProc]

[SUSP PATH] arpwrmsg.exe -- C:\WINDOWS\arpwrmsg.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3200826AS +++++

--- User ---

[MBR] 192f06654cfad5b3bda71dcacdd6ab5e

[BSP] 05e3161cf4ce79602881f99911e8893d : Toshiba tatooed MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 182072 Mo

1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 372900780 | Size: 8699 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01112013_02d1420.txt >>

RKreport[1]_S_01112013_02d1420.txt

RogueKiller is still active and awaiting the kill command.

I did note that the virus does not like your "Unite" logo. When I pass over it anywhere in this post, it affects my monitor.


Hello preconmanager,

  • Please re-run RogueKiller.
  • Click on the Delete button.
  • The report has been created on the Desktop. Please post it in your reply.

=====

Also, please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click Change parameters.
  • Make sure you check the box Loaded modules.
  • A window will pop up and say Reboot is required. Please click Reboot now.
  • Then click Change parameters again. Check the box Detect TDLFS file system.
  • Click on the Start Scan button.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
  • Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply.
    Note: A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).

======

In your reply please provide the contents of both logs.


RogueKiller V8.4.3 [Jan 8 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : HP_Administrator [Admin rights]

Mode : Remove -- Date : 01/11/2013 14:49:41

¤¤¤ Bad processes : 2 ¤¤¤

[SUSP PATH] arservice.exe -- C:\WINDOWS\arservice.exe -> KILLED [TermProc]

[SUSP PATH] arpwrmsg.exe -- C:\WINDOWS\arpwrmsg.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3200826AS +++++

--- User ---

[MBR] 192f06654cfad5b3bda71dcacdd6ab5e

[BSP] 05e3161cf4ce79602881f99911e8893d : Toshiba tatooed MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 182072 Mo

1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 372900780 | Size: 8699 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[4]_D_01112013_02d1449.txt >>

RKreport[1]_S_01112013_02d1420.txt ; RKreport[2]_S_01112013_02d1449.txt ; RKreport[3]_S_01112013_02d1449.txt ; RKreport[4]_D_01112013_02d1449.txt


14:55:21.0230 3888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

14:55:21.0777 3888 ============================================================

14:55:21.0777 3888 Current date / time: 2013/01/11 14:55:21.0777

14:55:21.0777 3888 SystemInfo:

14:55:21.0777 3888

14:55:21.0777 3888 OS Version: 5.1.2600 ServicePack: 3.0

14:55:21.0777 3888 Product type: Workstation

14:55:21.0777 3888 ComputerName: CORNHSKRS1

14:55:21.0777 3888 UserName: HP_Administrator

14:55:21.0777 3888 Windows directory: C:\WINDOWS

14:55:21.0777 3888 System windows directory: C:\WINDOWS

14:55:21.0777 3888 Processor architecture: Intel x86

14:55:21.0777 3888 Number of processors: 1

14:55:21.0777 3888 Page size: 0x1000

14:55:21.0777 3888 Boot type: Normal boot

14:55:21.0777 3888 ============================================================

14:55:22.0933 3888 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

14:55:23.0043 3888 ============================================================

14:55:23.0043 3888 \Device\Harddisk0\DR0:

14:55:23.0074 3888 MBR partitions:

14:55:23.0074 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1639C4AC

14:55:23.0074 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x163A03AC, BlocksNum 0x10FDA15

14:55:23.0074 3888 ============================================================

14:55:23.0136 3888 C: <-> \Device\Harddisk0\DR0\Partition1

14:55:23.0136 3888 D: <-> \Device\Harddisk0\DR0\Partition2

14:55:23.0152 3888 ============================================================

14:55:23.0152 3888 Initialize success

14:55:23.0152 3888 ============================================================

14:55:53.0199 1212 Deinitialize success

Second report to follow


Hey preconmanager,

Just break it down into smaller posts. :)


15:00:58.0968 2808 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

15:01:01.0031 2808 ============================================================

15:01:01.0031 2808 Current date / time: 2013/01/11 15:01:01.0031

15:01:01.0031 2808 SystemInfo:

15:01:01.0031 2808

15:01:01.0031 2808 OS Version: 5.1.2600 ServicePack: 3.0

15:01:01.0031 2808 Product type: Workstation

15:01:01.0031 2808 ComputerName: CORNHSKRS1

15:01:01.0031 2808 UserName: HP_Administrator

15:01:01.0031 2808 Windows directory: C:\WINDOWS

15:01:01.0031 2808 System windows directory: C:\WINDOWS

15:01:01.0031 2808 Processor architecture: Intel x86

15:01:01.0031 2808 Number of processors: 1

15:01:01.0031 2808 Page size: 0x1000

15:01:01.0031 2808 Boot type: Normal boot

15:01:01.0031 2808 ============================================================

15:01:05.0656 2808 BG loaded

15:01:06.0593 2808 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

15:01:07.0109 2808 ============================================================

15:01:07.0109 2808 \Device\Harddisk0\DR0:

15:01:07.0140 2808 MBR partitions:

15:01:07.0140 2808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1639C4AC

15:01:07.0140 2808 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x163A03AC, BlocksNum 0x10FDA15

15:01:07.0140 2808 ============================================================

15:01:07.0953 2808 C: <-> \Device\Harddisk0\DR0\Partition1

15:01:08.0031 2808 D: <-> \Device\Harddisk0\DR0\Partition2

15:01:08.0250 2808 ============================================================

15:01:08.0250 2808 Initialize success

15:01:08.0250 2808 ============================================================

15:03:38.0906 3376 ============================================================

15:03:38.0906 3376 Scan started

15:03:38.0906 3376 Mode: Manual; TDLFS;

15:03:38.0906 3376 ============================================================

15:03:39.0640 3376 ================ Scan system memory ========================

15:03:39.0640 3376 System memory - ok

15:03:39.0656 3376 ================ Scan services =============================

15:03:39.0828 3376 [ C07D5197410AAB28D0D93F943F59656D ] 6to4 C:\WINDOWS\System32\6to4svc.dll

15:03:39.0828 3376 6to4 - ok

15:03:39.0859 3376 Abiosdsk - ok

15:03:39.0859 3376 abp480n5 - ok

15:03:39.0906 3376 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

15:03:39.0906 3376 ACPI - ok

15:03:39.0968 3376 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

15:03:39.0968 3376 ACPIEC - ok

15:03:39.0968 3376 adpu160m - ok

15:03:40.0031 3376 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

15:03:40.0031 3376 aec - ok

15:03:40.0093 3376 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

15:03:40.0093 3376 AFD - ok

15:03:40.0140 3376 [ 51A66C689AD9B9A953F75496209AE520 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys

15:03:40.0187 3376 AgereSoftModem - ok

15:03:40.0203 3376 Aha154x - ok

15:03:40.0203 3376 aic78u2 - ok

15:03:40.0218 3376 aic78xx - ok

15:03:40.0265 3376 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

15:03:40.0265 3376 Alerter - ok

15:03:40.0281 3376 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

15:03:40.0281 3376 ALG - ok

15:03:40.0281 3376 AliIde - ok

15:03:40.0296 3376 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys

15:03:40.0296 3376 AmdK8 - ok

15:03:40.0312 3376 amsint - ok

15:03:40.0515 3376 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:03:40.0531 3376 Apple Mobile Device - ok

15:03:40.0562 3376 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

15:03:40.0562 3376 AppMgmt - ok

15:03:40.0578 3376 [ 00523019E3579C8F8A94457FE25F0F24 ] aracpi C:\WINDOWS\system32\DRIVERS\aracpi.sys

15:03:40.0578 3376 aracpi - ok

15:03:40.0609 3376 [ 9FEDAA46EB1A572AC4D9EE6B5F123CF2 ] arhidfltr C:\WINDOWS\system32\DRIVERS\arhidfltr.sys

15:03:40.0609 3376 arhidfltr - ok

15:03:40.0625 3376 [ 82969576093CD983DD559F5A86F382B4 ] arkbcfltr C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys

15:03:40.0625 3376 arkbcfltr - ok

15:03:40.0640 3376 [ 9B21791D8A78FAECE999FADBEBDA6C22 ] armoucfltr C:\WINDOWS\system32\DRIVERS\armoucfltr.sys

15:03:40.0640 3376 armoucfltr - ok

15:03:40.0687 3376 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

15:03:40.0687 3376 Arp1394 - ok

15:03:40.0703 3376 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] ARPolicy C:\WINDOWS\system32\DRIVERS\arpolicy.sys

15:03:40.0703 3376 ARPolicy - ok

15:03:40.0750 3376 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] ARSVC C:\WINDOWS\arservice.exe

15:03:41.0218 3376 ARSVC - ok

15:03:41.0218 3376 asc - ok

15:03:41.0234 3376 asc3350p - ok

15:03:41.0234 3376 asc3550 - ok

15:03:41.0406 3376 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

15:03:41.0453 3376 aspnet_state - ok

15:03:41.0484 3376 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

15:03:41.0484 3376 AsyncMac - ok

15:03:41.0531 3376 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

15:03:41.0531 3376 atapi - ok

15:03:41.0546 3376 Atdisk - ok

15:03:41.0593 3376 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

15:03:41.0593 3376 Atmarpc - ok

15:03:41.0656 3376 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

15:03:41.0656 3376 AudioSrv - ok

15:03:41.0656 3376 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

15:03:41.0656 3376 audstub - ok

15:03:41.0671 3376 avgtp - ok

15:03:41.0687 3376 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys

15:03:41.0687 3376 bb-run - ok

15:03:41.0750 3376 [ B770039886598AAB7CF5EAEEC2409E31 ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys

15:03:41.0765 3376 BCMH43XX - ok

15:03:41.0781 3376 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

15:03:41.0796 3376 Beep - ok

15:03:41.0859 3376 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

15:03:41.0953 3376 BITS - ok

15:03:42.0046 3376 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

15:03:42.0062 3376 Bonjour Service - ok

15:03:42.0093 3376 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys

15:03:42.0109 3376 Bridge - ok

15:03:42.0140 3376 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys

15:03:42.0140 3376 BridgeMP - ok

15:03:42.0171 3376 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

15:03:42.0171 3376 Browser - ok

15:03:42.0187 3376 catchme - ok

15:03:42.0250 3376 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

15:03:42.0250 3376 cbidf2k - ok

15:03:42.0343 3376 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe

15:03:42.0343 3376 CCALib8 - ok

15:03:42.0343 3376 cd20xrnt - ok

15:03:42.0359 3376 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

15:03:42.0359 3376 Cdaudio - ok

15:03:42.0375 3376 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

15:03:42.0390 3376 Cdfs - ok

15:03:42.0406 3376 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

15:03:42.0406 3376 Cdrom - ok

15:03:42.0406 3376 Changer - ok

15:03:42.0468 3376 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe

15:03:42.0468 3376 cisvc - ok

15:03:42.0500 3376 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

15:03:42.0500 3376 ClipSrv - ok

15:03:42.0531 3376 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:03:42.0593 3376 clr_optimization_v2.0.50727_32 - ok

15:03:42.0609 3376 CmdIde - ok

15:03:42.0609 3376 COMSysApp - ok

15:03:42.0625 3376 Cpqarray - ok

15:03:42.0687 3376 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

15:03:42.0687 3376 CryptSvc - ok

15:03:42.0718 3376 dac2w2k - ok

15:03:42.0718 3376 dac960nt - ok

15:03:42.0781 3376 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

15:03:42.0796 3376 DcomLaunch - ok

15:03:42.0843 3376 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

15:03:42.0843 3376 Dhcp - ok

15:03:42.0859 3376 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

15:03:42.0859 3376 Disk - ok

15:03:42.0875 3376 dmadmin - ok

15:03:42.0937 3376 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

15:03:42.0968 3376 dmboot - ok

15:03:42.0984 3376 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

15:03:42.0984 3376 dmio - ok


15:03:55.0562 3376 C:\WINDOWS\system32\drivers\cdrom.sys - ok

15:03:55.0562 3376 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys

15:03:55.0562 3376 C:\WINDOWS\system32\drivers\ks.sys - ok

15:03:55.0578 3376 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys

15:03:55.0593 3376 C:\WINDOWS\system32\drivers\redbook.sys - ok

15:03:55.0593 3376 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys

15:03:55.0593 3376 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok

15:03:55.0609 3376 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys

15:03:55.0609 3376 C:\WINDOWS\system32\drivers\nic1394.sys - ok

15:03:55.0609 3376 [ 51A66C689AD9B9A953F75496209AE520 ] C:\WINDOWS\system32\drivers\AGRSM.sys

15:03:55.0609 3376 C:\WINDOWS\system32\drivers\AGRSM.sys - ok

15:03:55.0609 3376 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys

15:03:55.0609 3376 C:\WINDOWS\system32\drivers\modem.sys - ok

15:03:55.0625 3376 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys

15:03:55.0625 3376 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok

15:03:55.0625 3376 [ 58D7D9E20D81117FB49768F8592DA74F ] C:\WINDOWS\system32\drivers\nvsnpu.sys

15:03:55.0625 3376 C:\WINDOWS\system32\drivers\nvsnpu.sys - ok

15:03:55.0640 3376 [ 143856A6E46E74A19CEFAE9FF2246C71 ] C:\WINDOWS\system32\drivers\nvnrm.sys

15:03:55.0640 3376 C:\WINDOWS\system32\drivers\nvnrm.sys - ok

15:03:55.0640 3376 [ 20526A8827DC0956B5526AEBCB6751A0 ] C:\WINDOWS\system32\drivers\nvnetbus.sys

15:03:55.0640 3376 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok

15:03:55.0656 3376 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys

15:03:55.0656 3376 C:\WINDOWS\system32\drivers\i8042prt.sys - ok

15:03:55.0656 3376 [ 390C204CED3785609AB24E9C52054A84 ] C:\WINDOWS\system32\drivers\PS2.sys

15:03:55.0656 3376 C:\WINDOWS\system32\drivers\PS2.sys - ok

15:03:55.0671 3376 [ 82969576093CD983DD559F5A86F382B4 ] C:\WINDOWS\system32\drivers\arkbcfltr.sys

15:03:55.0671 3376 C:\WINDOWS\system32\drivers\arkbcfltr.sys - ok

15:03:55.0671 3376 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] C:\WINDOWS\system32\drivers\arpolicy.sys

15:03:55.0671 3376 C:\WINDOWS\system32\drivers\arpolicy.sys - ok

15:03:55.0687 3376 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys

15:03:55.0687 3376 C:\WINDOWS\system32\drivers\audstub.sys - ok

15:03:55.0687 3376 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys

15:03:55.0687 3376 C:\WINDOWS\system32\drivers\kbdclass.sys - ok

15:03:55.0687 3376 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys

15:03:55.0687 3376 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok

15:03:55.0703 3376 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys

15:03:55.0703 3376 C:\WINDOWS\system32\drivers\ndistapi.sys - ok

15:03:55.0703 3376 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys

15:03:55.0703 3376 C:\WINDOWS\system32\drivers\ndiswan.sys - ok

15:03:55.0718 3376 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys

15:03:55.0718 3376 C:\WINDOWS\system32\drivers\raspppoe.sys - ok

15:03:55.0718 3376 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys

15:03:55.0718 3376 C:\WINDOWS\system32\drivers\raspptp.sys - ok

15:03:55.0734 3376 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys

15:03:55.0734 3376 C:\WINDOWS\system32\drivers\tdi.sys - ok

15:03:55.0734 3376 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys

15:03:55.0734 3376 C:\WINDOWS\system32\drivers\psched.sys - ok

15:03:55.0734 3376 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys

15:03:55.0734 3376 C:\WINDOWS\system32\drivers\msgpc.sys - ok

15:03:55.0750 3376 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys

15:03:55.0750 3376 C:\WINDOWS\system32\drivers\ptilink.sys - ok

15:03:55.0750 3376 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys

15:03:55.0750 3376 C:\WINDOWS\system32\drivers\mouclass.sys - ok

15:03:55.0765 3376 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys

15:03:55.0765 3376 C:\WINDOWS\system32\drivers\raspti.sys - ok

15:03:55.0765 3376 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys

15:03:55.0765 3376 C:\WINDOWS\system32\drivers\rdpdr.sys - ok

15:03:55.0765 3376 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys

15:03:55.0781 3376 C:\WINDOWS\system32\drivers\swenum.sys - ok

15:03:55.0781 3376 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys

15:03:55.0781 3376 C:\WINDOWS\system32\drivers\termdd.sys - ok

15:03:55.0781 3376 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys

15:03:55.0781 3376 C:\WINDOWS\system32\drivers\mssmbios.sys - ok

15:03:55.0796 3376 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys

15:03:55.0796 3376 C:\WINDOWS\system32\drivers\update.sys - ok

15:03:55.0796 3376 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys

15:03:55.0796 3376 C:\WINDOWS\system32\drivers\ndproxy.sys - ok

15:03:55.0812 3376 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys

15:03:55.0812 3376 C:\WINDOWS\system32\drivers\usbd.sys - ok

15:03:55.0812 3376 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys

15:03:55.0812 3376 C:\WINDOWS\system32\drivers\usbhub.sys - ok

15:03:55.0812 3376 [ 2A7A2C6AB9631028B6E3A4159AA65705 ] C:\WINDOWS\system32\drivers\NVENETFD.sys

15:03:55.0812 3376 C:\WINDOWS\system32\drivers\NVENETFD.sys - ok

15:03:55.0828 3376 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys

15:03:55.0828 3376 C:\WINDOWS\system32\drivers\drmk.sys - ok

15:03:55.0828 3376 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys

15:03:55.0828 3376 C:\WINDOWS\system32\drivers\portcls.sys - ok

15:03:55.0843 3376 [ 14B48553BE78472D2BD3A518658A1710 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys

15:03:55.0843 3376 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok

15:03:55.0843 3376 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys

15:03:55.0843 3376 C:\WINDOWS\system32\drivers\fdc.sys - ok

15:03:55.0859 3376 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys

15:03:55.0859 3376 C:\WINDOWS\system32\drivers\flpydisk.sys - ok

15:03:55.0859 3376 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys

15:03:55.0859 3376 C:\WINDOWS\system32\drivers\beep.sys - ok

15:03:55.0859 3376 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys

15:03:55.0859 3376 C:\WINDOWS\system32\drivers\cdaudio.sys - ok

15:03:55.0875 3376 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys

15:03:55.0875 3376 C:\WINDOWS\system32\drivers\fs_rec.sys - ok

15:03:55.0875 3376 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys

15:03:55.0875 3376 C:\WINDOWS\system32\drivers\mnmdd.sys - ok

15:03:55.0890 3376 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys

15:03:55.0890 3376 C:\WINDOWS\system32\drivers\null.sys - ok

15:03:55.0890 3376 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys

15:03:55.0890 3376 C:\WINDOWS\system32\drivers\sfloppy.sys - ok

15:03:55.0906 3376 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys

15:03:55.0906 3376 C:\WINDOWS\system32\drivers\vga.sys - ok

15:03:55.0906 3376 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys

15:03:55.0906 3376 C:\WINDOWS\system32\drivers\msfs.sys - ok

15:03:55.0921 3376 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys

15:03:55.0921 3376 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok

15:03:55.0921 3376 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys

15:03:55.0921 3376 C:\WINDOWS\system32\drivers\npfs.sys - ok

15:03:55.0937 3376 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys

15:03:55.0937 3376 C:\WINDOWS\system32\drivers\ipsec.sys - ok

15:03:55.0937 3376 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys

15:03:55.0937 3376 C:\WINDOWS\system32\drivers\rasacd.sys - ok

15:03:55.0937 3376 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys

15:03:55.0937 3376 C:\WINDOWS\system32\drivers\tcpip.sys - ok

15:03:55.0953 3376 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] C:\WINDOWS\system32\drivers\tcpip6.sys

15:03:55.0953 3376 C:\WINDOWS\system32\drivers\tcpip6.sys - ok

15:03:55.0953 3376 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys

15:03:55.0953 3376 C:\WINDOWS\system32\drivers\ipnat.sys - ok

15:03:55.0968 3376 [ 3BB22519A194418D5FEC05D800A19AD0 ] C:\WINDOWS\system32\drivers\ip6fw.sys

15:03:55.0968 3376 C:\WINDOWS\system32\drivers\ip6fw.sys - ok

15:03:55.0968 3376 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys

15:03:55.0968 3376 C:\WINDOWS\system32\drivers\netbt.sys - ok

15:03:55.0984 3376 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys

15:03:55.0984 3376 C:\WINDOWS\system32\drivers\wanarp.sys - ok

15:03:55.0984 3376 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys

15:03:55.0984 3376 C:\WINDOWS\system32\drivers\afd.sys - ok

15:03:55.0984 3376 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys

15:03:55.0984 3376 C:\WINDOWS\system32\drivers\netbios.sys - ok



15:03:56.0906 3376 [ 2187855A7703ADEF0CEF9EE4285182CC ] C:\WINDOWS\system32\eapsvc.dll

15:03:56.0906 3376 C:\WINDOWS\system32\eapsvc.dll - ok

15:03:56.0906 3376 [ 0BCB0EBC1B08FA384EC68F253C7253EF ] C:\WINDOWS\system32\eapphost.dll

15:03:56.0906 3376 C:\WINDOWS\system32\eapphost.dll - ok

15:03:56.0921 3376 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll

15:03:56.0921 3376 C:\WINDOWS\system32\clbcatq.dll - ok

15:03:56.0921 3376 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll

15:03:56.0921 3376 C:\WINDOWS\system32\lmhsvc.dll - ok

15:03:56.0921 3376 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll

15:03:56.0937 3376 C:\WINDOWS\system32\wzcsvc.dll - ok

15:03:56.0937 3376 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll

15:03:56.0937 3376 C:\WINDOWS\system32\comres.dll - ok

15:03:56.0937 3376 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll

15:03:56.0937 3376 C:\WINDOWS\system32\rtutils.dll - ok

15:03:56.0953 3376 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll

15:03:56.0953 3376 C:\WINDOWS\system32\eapolqec.dll - ok

15:03:56.0953 3376 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll

15:03:56.0953 3376 C:\WINDOWS\system32\wmi.dll - ok

15:03:56.0953 3376 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll

15:03:56.0968 3376 C:\WINDOWS\system32\atl.dll - ok

15:03:56.0968 3376 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll

15:03:56.0968 3376 C:\WINDOWS\system32\qutil.dll - ok

15:03:56.0968 3376 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll

15:03:56.0968 3376 C:\WINDOWS\system32\dot3api.dll - ok

15:03:56.0984 3376 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll

15:03:56.0984 3376 C:\WINDOWS\system32\esent.dll - ok

15:03:56.0984 3376 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] C:\WINDOWS\system32\dot3svc.dll

15:03:56.0984 3376 C:\WINDOWS\system32\dot3svc.dll - ok

15:03:56.0984 3376 [ EA39DA293C8BBAA0F89419BA64734CC7 ] C:\WINDOWS\system32\dot3msm.dll

15:03:56.0984 3376 C:\WINDOWS\system32\dot3msm.dll - ok

15:03:57.0000 3376 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll

15:03:57.0000 3376 C:\WINDOWS\system32\onex.dll - ok

15:03:57.0000 3376 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll

15:03:57.0000 3376 C:\WINDOWS\system32\eappcfg.dll - ok

15:03:57.0015 3376 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll

15:03:57.0015 3376 C:\WINDOWS\system32\eappprxy.dll - ok

15:03:57.0015 3376 [ F69189EB97B118B690ACCA93760AD738 ] C:\WINDOWS\system32\dot3gpclnt.dll

15:03:57.0015 3376 C:\WINDOWS\system32\dot3gpclnt.dll - ok

15:03:57.0015 3376 [ 3879D931FBB110292A16C8A3A11D7ED4 ] C:\WINDOWS\system32\l2gpstore.dll

15:03:57.0015 3376 C:\WINDOWS\system32\l2gpstore.dll - ok

15:03:57.0031 3376 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll

15:03:57.0031 3376 C:\WINDOWS\system32\rastls.dll - ok

15:03:57.0031 3376 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll

15:03:57.0031 3376 C:\WINDOWS\system32\cryptui.dll - ok

15:03:57.0046 3376 [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll

15:03:57.0046 3376 C:\WINDOWS\system32\msxml6.dll - ok

15:03:57.0046 3376 [ 9AD88EA663124336E88EB031F917CE20 ] C:\WINDOWS\system32\wininet.dll

15:03:57.0046 3376 C:\WINDOWS\system32\wininet.dll - ok

15:03:57.0046 3376 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll

15:03:57.0046 3376 C:\WINDOWS\system32\normaliz.dll - ok

15:03:57.0062 3376 [ BCA608797A3E8EEC0094CD6D596D77D7 ] C:\WINDOWS\system32\urlmon.dll

15:03:57.0062 3376 C:\WINDOWS\system32\urlmon.dll - ok

15:03:57.0062 3376 [ 994B77915EA49A467CDA144806AE42D6 ] C:\WINDOWS\system32\iertutil.dll

15:03:57.0062 3376 C:\WINDOWS\system32\iertutil.dll - ok

15:03:57.0078 3376 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll

15:03:57.0078 3376 C:\WINDOWS\system32\mprapi.dll - ok

15:03:57.0078 3376 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll

15:03:57.0078 3376 C:\WINDOWS\system32\activeds.dll - ok

15:03:57.0078 3376 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll

15:03:57.0078 3376 C:\WINDOWS\system32\adsldpc.dll - ok

15:03:57.0093 3376 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll

15:03:57.0093 3376 C:\WINDOWS\system32\rasapi32.dll - ok

15:03:57.0093 3376 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll

15:03:57.0093 3376 C:\WINDOWS\system32\rasman.dll - ok

15:03:57.0109 3376 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll

15:03:57.0109 3376 C:\WINDOWS\system32\tapi32.dll - ok

15:03:57.0109 3376 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll

15:03:57.0109 3376 C:\WINDOWS\system32\riched20.dll - ok

15:03:57.0109 3376 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\mpengine.dll

15:03:57.0109 3376 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\mpengine.dll - ok

15:03:57.0125 3376 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll

15:03:57.0125 3376 C:\WINDOWS\system32\raschap.dll - ok

15:03:57.0125 3376 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll

15:03:57.0125 3376 C:\WINDOWS\system32\schedsvc.dll - ok

15:03:57.0140 3376 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll

15:03:57.0140 3376 C:\WINDOWS\system32\msidle.dll - ok

15:03:57.0140 3376 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe

15:03:57.0140 3376 C:\WINDOWS\system32\rundll32.exe - ok

15:03:57.0140 3376 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe

15:03:57.0140 3376 C:\WINDOWS\system32\spoolsv.exe - ok

15:03:57.0156 3376 [ CC01BF9AFD6F446452F22677CF613145 ] C:\Program Files\Microsoft Fix it Center\MatsApi.dll

15:03:57.0156 3376 C:\Program Files\Microsoft Fix it Center\MatsApi.dll - ok

15:03:57.0156 3376 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll

15:03:57.0156 3376 C:\WINDOWS\system32\audiosrv.dll - ok

15:03:57.0171 3376 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll

15:03:57.0171 3376 C:\WINDOWS\system32\wkssvc.dll - ok

15:03:57.0171 3376 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] C:\WINDOWS\system32\nwwks.dll

15:03:57.0171 3376 C:\WINDOWS\system32\nwwks.dll - ok

15:03:57.0171 3376 [ E77A74BF45361E04C1AB0E9E50C5F855 ] C:\WINDOWS\system32\nwapi32.dll

15:03:57.0171 3376 C:\WINDOWS\system32\nwapi32.dll - ok

15:03:57.0187 3376 [ 36B9B950E3D2E100970A48D8BAD86740 ] C:\WINDOWS\system32\drivers\nwrdr.sys

15:03:57.0187 3376 C:\WINDOWS\system32\drivers\nwrdr.sys - ok

15:03:57.0187 3376 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys

15:03:57.0187 3376 C:\WINDOWS\system32\drivers\mrxdav.sys - ok

15:03:57.0187 3376 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll

15:03:57.0187 3376 C:\WINDOWS\system32\webclnt.dll - ok

15:03:57.0203 3376 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe

15:03:57.0203 3376 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok

15:03:57.0203 3376 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll

15:03:57.0203 3376 C:\WINDOWS\system32\mlang.dll - ok

15:03:57.0218 3376 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll

15:03:57.0218 3376 C:\WINDOWS\system32\cabinet.dll - ok

15:03:57.0218 3376 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll

15:03:57.0218 3376 C:\WINDOWS\system32\wzcsapi.dll - ok

15:03:57.0218 3376 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll

15:03:57.0218 3376 C:\WINDOWS\system32\xmlprovi.dll - ok

15:03:57.0234 3376 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll

15:03:57.0234 3376 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok

15:03:57.0234 3376 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll

15:03:57.0234 3376 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok

15:03:57.0250 3376 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll

15:03:57.0250 3376 C:\WINDOWS\system32\wbem\wbemprox.dll - ok

15:03:57.0250 3376 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll

15:03:57.0250 3376 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

15:03:57.0250 3376 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys

15:03:57.0250 3376 C:\WINDOWS\system32\drivers\serial.sys - ok

15:03:57.0265 3376 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] C:\WINDOWS\system32\msdtc.exe

15:03:57.0265 3376 C:\WINDOWS\system32\msdtc.exe - ok

15:03:57.0265 3376 [ 31E6A08C6DFB167E15F53B12E57F3F52 ] C:\WINDOWS\system32\msdtctm.dll

15:03:57.0265 3376 C:\WINDOWS\system32\msdtctm.dll - ok

15:03:57.0281 3376 [ F0D371D357790601C4A03B25F6AD09F8 ] C:\WINDOWS\system32\msdtclog.dll

15:03:57.0281 3376 C:\WINDOWS\system32\msdtclog.dll - ok

15:03:57.0281 3376 [ 92E1A82CA4B048D1D970CBEA1A097F6E ] C:\WINDOWS\system32\msdtcprx.dll

15:03:57.0281 3376 C:\WINDOWS\system32\msdtcprx.dll - ok

15:03:57.0281 3376 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll

15:03:57.0281 3376 C:\WINDOWS\system32\mtxclu.dll - ok

15:03:57.0296 3376 [ AE3470D2BF8F16FD93FA54167B87172D ] C:\WINDOWS\system32\xolehlp.dll

15:03:57.0296 3376 C:\WINDOWS\system32\xolehlp.dll - ok

15:03:57.0296 3376 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll

15:03:57.0296 3376 C:\WINDOWS\system32\clusapi.dll - ok

15:03:57.0312 3376 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll

15:03:57.0312 3376 C:\WINDOWS\system32\resutils.dll - ok

15:03:57.0312 3376 [ 2B8B64AA14F817BDF3E3204FB041A61D ] C:\WINDOWS\system32\mtxoci.dll

15:03:57.0312 3376 C:\WINDOWS\system32\mtxoci.dll - ok

15:03:57.0312 3376 [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:03:57.0312 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

15:03:57.0328 3376 [ A9A3DAA780CA6C9671A19D52456705B4 ] C:\WINDOWS\system32\alrsvc.dll

15:03:57.0328 3376 C:\WINDOWS\system32\alrsvc.dll - ok

15:03:57.0328 3376 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll

15:03:57.0328 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok

15:03:57.0343 3376 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll

15:03:57.0343 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok

15:03:57.0343 3376 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

15:03:57.0343 3376 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

15:03:57.0343 3376 [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

15:03:57.0343 3376 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

15:03:57.0359 3376 [ 2503287BD19AE52E36E9DE42834A2AC0 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

15:03:57.0359 3376 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

15:03:57.0359 3376 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

15:03:57.0359 3376 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok

15:03:57.0375 3376 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

15:03:57.0375 3376 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

15:03:57.0375 3376 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll

15:03:57.0375 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

15:03:57.0390 3376 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll

15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok

15:03:57.0390 3376 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll

15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

15:03:57.0390 3376 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll

15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok

15:03:57.0406 3376 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

15:03:57.0406 3376 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok

15:03:57.0406 3376 [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

15:03:57.0406 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

15:03:57.0406 3376 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] C:\WINDOWS\arservice.exe

15:03:57.0406 3376 C:\WINDOWS\arservice.exe - ok

15:03:57.0421 3376 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll

15:03:57.0421 3376 C:\WINDOWS\system32\dnssd.dll - ok

15:03:57.0421 3376 [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll

15:03:57.0421 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

15:03:57.0437 3376 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll

15:03:57.0437 3376 C:\WINDOWS\system32\powrprof.dll - ok

15:03:57.0437 3376 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

15:03:57.0437 3376 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok

15:03:57.0437 3376 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv

15:03:57.0437 3376 C:\WINDOWS\system32\wdmaud.drv - ok

15:03:57.0453 3376 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

15:03:57.0453 3376 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

15:03:57.0453 3376 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys

15:03:57.0453 3376 C:\WINDOWS\system32\drivers\wdmaud.sys - ok

15:03:57.0468 3376 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys

15:03:57.0468 3376 C:\WINDOWS\system32\drivers\sysaudio.sys - ok

15:03:57.0468 3376 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys

15:03:57.0468 3376 C:\WINDOWS\system32\drivers\splitter.sys - ok

15:03:57.0468 3376 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys

15:03:57.0468 3376 C:\WINDOWS\system32\drivers\aec.sys - ok

15:03:57.0484 3376 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys

15:03:57.0484 3376 C:\WINDOWS\system32\drivers\swmidi.sys - ok

15:03:57.0484 3376 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll

15:03:57.0484 3376 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

15:03:57.0500 3376 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys

15:03:57.0500 3376 C:\WINDOWS\system32\drivers\dmusic.sys - ok

15:03:57.0500 3376 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

15:03:57.0500 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok

15:03:57.0515 3376 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys

15:03:57.0515 3376 C:\WINDOWS\system32\drivers\drmkaud.sys - ok

15:03:57.0515 3376 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys

15:03:57.0515 3376 C:\WINDOWS\system32\drivers\kmixer.sys - ok

15:03:57.0515 3376 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv

15:03:57.0515 3376 C:\WINDOWS\system32\msacm32.drv - ok

15:03:57.0531 3376 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll

15:03:57.0531 3376 C:\WINDOWS\system32\midimap.dll - ok

15:03:57.0531 3376 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe

15:03:57.0531 3376 C:\Program Files\Bonjour\mDNSResponder.exe - ok

15:03:57.0546 3376 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] C:\WINDOWS\ehome\ehrecvr.exe

15:03:57.0546 3376 C:\WINDOWS\ehome\ehrecvr.exe - ok

15:03:57.0546 3376 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll

15:03:57.0546 3376 C:\WINDOWS\system32\cryptsvc.dll - ok

15:03:57.0562 3376 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll

15:03:57.0562 3376 C:\WINDOWS\system32\certcli.dll - ok

15:03:57.0562 3376 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll

15:03:57.0562 3376 C:\WINDOWS\system32\dmserver.dll - ok

15:03:57.0562 3376 [ 6D280BC969218AE4A72180F907C32913 ] C:\WINDOWS\ehome\ehTrace.dll

15:03:57.0562 3376 C:\WINDOWS\ehome\ehTrace.dll - ok

15:03:57.0578 3376 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll

15:03:57.0578 3376 C:\WINDOWS\system32\faultrep.dll - ok

15:03:57.0578 3376 [ A53243709439AC2A4C216B817F8D7411 ] C:\WINDOWS\ehome\ehSched.exe

15:03:57.0578 3376 C:\WINDOWS\ehome\ehSched.exe - ok

15:03:57.0578 3376 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe

15:03:57.0593 3376 C:\Program Files\Google\Update\GoogleUpdate.exe - ok

15:03:57.0593 3376 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll

15:03:57.0593 3376 C:\WINDOWS\system32\ersvc.dll - ok

15:03:57.0593 3376 [ 926AFC4848FF3297BB264333BF51E21F ] C:\WINDOWS\system32\sbe.dll

15:03:57.0593 3376 C:\WINDOWS\system32\sbe.dll - ok

15:03:57.0609 3376 [ 008DF0C9D81BD814480DD9C052893E8C ] C:\WINDOWS\ehome\ehRec.exe

15:03:57.0609 3376 C:\WINDOWS\ehome\ehRec.exe - ok

15:03:57.0609 3376 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll

15:03:57.0609 3376 C:\WINDOWS\system32\es.dll - ok

15:03:57.0609 3376 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\system32\mscoree.dll

15:03:57.0609 3376 C:\WINDOWS\system32\mscoree.dll - ok

15:03:57.0625 3376 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll

15:03:57.0625 3376 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok

15:03:57.0625 3376 [ E325BCDBB6DED6C89F679B8AE89E975C ] C:\WINDOWS\system32\msvidctl.dll

15:03:57.0625 3376 C:\WINDOWS\system32\msvidctl.dll - ok

15:03:57.0640 3376 [ ADE43E6677BA2D52413DDDAB38438555 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

15:03:57.0640 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok

15:03:57.0640 3376 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll

15:03:57.0640 3376 C:\WINDOWS\system32\msi.dll - ok

15:03:57.0640 3376 [ 34FFB6ABA2DA398BB33422E1E9275BA9 ] C:\WINDOWS\system32\quartz.dll

15:03:57.0640 3376 C:\WINDOWS\system32\quartz.dll - ok

15:03:57.0656 3376 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll

15:03:57.0656 3376 C:\WINDOWS\system32\devenum.dll - ok

15:03:57.0656 3376 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll

15:03:57.0656 3376 C:\WINDOWS\system32\msdmo.dll - ok

15:03:57.0671 3376 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll

15:03:57.0671 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok

15:03:57.0671 3376 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll

15:03:57.0671 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok

15:03:57.0671 3376 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll

15:03:57.0671 3376 C:\WINDOWS\system32\dbghelp.dll - ok

15:03:57.0687 3376 [ C0A447BCA69D9661D1EF7EDF4C700FE3 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

15:03:57.0687 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok

15:03:57.0687 3376 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

15:03:57.0687 3376 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

15:03:57.0703 3376 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys

15:03:57.0703 3376 C:\WINDOWS\system32\drivers\http.sys - ok

15:03:57.0703 3376 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

15:03:57.0703 3376 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

15:03:57.0703 3376 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll

15:03:57.0703 3376 C:\WINDOWS\system32\mstask.dll - ok

15:03:57.0718 3376 [ C01AC32DC5C03076CFB852CB5DA5229C ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:03:57.0718 3376 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - ok

15:03:57.0718 3376 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] C:\WINDOWS\system32\drivers\nwlnkspx.sys

15:03:57.0718 3376 C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok

15:03:57.0734 3376 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll

15:03:57.0734 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll - ok

15:03:57.0734 3376 [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

15:03:57.0734 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

15:03:57.0734 3376 [ A1018558AA64BAA2355CC3C00754C52F ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2e505dac\mscorlib.dll

15:03:57.0734 3376 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2e505dac\mscorlib.dll - ok

15:03:57.0750 3376 [ AE8028E980FCAB6CCAF68E6850D8FE50 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

15:03:57.0750 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok

15:03:57.0750 3376 [ 73B44FE5423982B2709D6EA2F674B807 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll

15:03:57.0750 3376 C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok

15:03:57.0765 3376 [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

15:03:57.0765 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok

15:03:57.0765 3376 [ AB9AAC01AC223F03707748C038A03244 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

15:03:57.0765 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok

15:03:57.0765 3376 [ 8BA39E5F79366F45AF9759C1DAE346AE ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll

15:03:57.0765 3376 C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok

15:03:57.0781 3376 [ CF9EEA7F51101A281B99FCA7AFFA2524 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll

15:03:57.0781 3376 C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok

15:03:57.0781 3376 [ 0967D9749326622FA8FDE688CA126736 ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll

15:03:57.0781 3376 C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok

15:03:57.0796 3376 [ B6335A2EFBF0B4B7D4080E8B933A9F9B ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll

15:03:57.0796 3376 C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok

15:03:57.0796 3376 [ 52ABC8C57DFEE5A7AAA210CE2E9DFE73 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll

15:03:57.0796 3376 C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll - ok

15:03:57.0796 3376 [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

15:03:57.0796 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

15:03:57.0812 3376 [ 6D0A021A23A281AB9F212CF1E2BD3757 ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

15:03:57.0812 3376 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok

15:03:57.0812 3376 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll

15:03:57.0812 3376 C:\WINDOWS\system32\cryptnet.dll - ok

15:03:57.0828 3376 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll

15:03:57.0828 3376 C:\WINDOWS\system32\sensapi.dll - ok

15:03:57.0828 3376 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll

15:03:57.0828 3376 C:\WINDOWS\system32\winhttp.dll - ok

15:03:57.0828 3376 [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

15:03:57.0828 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

15:03:57.0843 3376 [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

15:03:57.0843 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok

15:03:57.0843 3376 [ 836C47A536256675A57E760805CC0988 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3347f3fa\System.dll

15:03:57.0843 3376 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3347f3fa\System.dll - ok

15:03:57.0859 3376 [ 254CCDC043DFADC5D5EF99B533BB1DC2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll

15:03:57.0859 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok

15:03:57.0859 3376 [ 66946DE593185983B6D05F837D452262 ] C:\WINDOWS\ehome\ehui.dll

15:03:57.0859 3376 C:\WINDOWS\ehome\ehui.dll - ok

15:03:57.0859 3376 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll

15:03:57.0859 3376 C:\WINDOWS\system32\hid.dll - ok

15:03:57.0875 3376 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll

15:03:57.0875 3376 C:\WINDOWS\system32\msftedit.dll - ok

15:03:57.0875 3376 [ 7AC813E17BD960987C5DA788AF295361 ] C:\WINDOWS\ehome\ehdebug.dll

15:03:57.0875 3376 C:\WINDOWS\ehome\ehdebug.dll - ok

15:03:57.0890 3376 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll

15:03:57.0890 3376 C:\WINDOWS\system32\shfolder.dll - ok

15:03:57.0890 3376 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll

15:03:57.0890 3376 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok

15:03:57.0890 3376 [ 741BDBA1E61DA6C56DD1C13BDDF1A7EE ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll

15:03:57.0890 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll - ok


15:03:59.0281 3376 C:\WINDOWS\system32\licwmi.dll - ok

15:03:59.0281 3376 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll

15:03:59.0281 3376 C:\WINDOWS\system32\wbem\framedyn.dll - ok

15:03:59.0296 3376 [ 7AC715A7F6B8D1F8ACDBF567D580E1D0 ] C:\WINDOWS\system32\iassdo.dll

15:03:59.0296 3376 C:\WINDOWS\system32\iassdo.dll - ok

15:03:59.0296 3376 [ B9D26DE2FF120199A0217F62C4230A9A ] C:\WINDOWS\system32\iasrecst.dll

15:03:59.0296 3376 C:\WINDOWS\system32\iasrecst.dll - ok

15:03:59.0296 3376 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll

15:03:59.0296 3376 C:\WINDOWS\system32\licdll.dll - ok

15:03:59.0312 3376 [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll

15:03:59.0312 3376 C:\WINDOWS\system32\msjetoledb40.dll - ok

15:03:59.0312 3376 [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll

15:03:59.0312 3376 C:\WINDOWS\system32\msjet40.dll - ok

15:03:59.0328 3376 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll

15:03:59.0328 3376 C:\WINDOWS\system32\dpcdll.dll - ok

15:03:59.0328 3376 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll

15:03:59.0328 3376 C:\WINDOWS\system32\mswstr10.dll - ok

15:03:59.0328 3376 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll

15:03:59.0328 3376 C:\WINDOWS\system32\msjter40.dll - ok

15:03:59.0343 3376 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll

15:03:59.0343 3376 C:\WINDOWS\system32\msjint40.dll - ok

15:03:59.0343 3376 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll

15:03:59.0343 3376 C:\WINDOWS\system32\msxml3.dll - ok

15:03:59.0359 3376 [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll

15:03:59.0359 3376 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok

15:03:59.0359 3376 [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll

15:03:59.0359 3376 C:\WINDOWS\system32\msdart.dll - ok

15:03:59.0359 3376 [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll

15:03:59.0359 3376 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok

15:03:59.0375 3376 [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll

15:03:59.0375 3376 C:\WINDOWS\system32\msjtes40.dll - ok

15:03:59.0375 3376 [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll

15:03:59.0375 3376 C:\WINDOWS\system32\expsrv.dll - ok

15:03:59.0375 3376 [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll

15:03:59.0390 3376 C:\WINDOWS\system32\vbajet32.dll - ok

15:03:59.0390 3376 [ F96E689699A68A69916227F4D29A87FD ] C:\WINDOWS\system32\iasnap.dll

15:03:59.0390 3376 C:\WINDOWS\system32\iasnap.dll - ok

15:03:59.0390 3376 [ C2689CC0535E6939D1A0732808E2CAFB ] C:\WINDOWS\system32\iassam.dll

15:03:59.0390 3376 C:\WINDOWS\system32\iassam.dll - ok

15:03:59.0421 3376 [ 9627EE26C7F3FD023D87DB50C62F5111 ] C:\WINDOWS\ehome\sqldb20.dll

15:03:59.0421 3376 C:\WINDOWS\ehome\sqldb20.dll - ok

15:03:59.0421 3376 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe

15:03:59.0421 3376 C:\WINDOWS\system32\alg.exe - ok

15:03:59.0421 3376 [ A6169405D73FA5BC4392839D65420568 ] C:\WINDOWS\system32\iasacct.dll

15:03:59.0421 3376 C:\WINDOWS\system32\iasacct.dll - ok

15:03:59.0437 3376 [ A3AE51C21160328EA11F734392A0F269 ] C:\WINDOWS\ehome\sqlqp20.dll

15:03:59.0437 3376 C:\WINDOWS\ehome\sqlqp20.dll - ok

15:03:59.0437 3376 [ 160762386084A0BB69F91BB694114D14 ] C:\WINDOWS\ehome\sqlse20.dll

15:03:59.0437 3376 C:\WINDOWS\ehome\sqlse20.dll - ok

15:03:59.0453 3376 [ D651151C706B961CF375FFD33545DAF9 ] C:\WINDOWS\system32\dpnhupnp.dll

15:03:59.0453 3376 C:\WINDOWS\system32\dpnhupnp.dll - ok

15:03:59.0453 3376 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys

15:03:59.0453 3376 C:\WINDOWS\system32\drivers\rdpwd.sys - ok

15:03:59.0453 3376 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys

15:03:59.0453 3376 C:\WINDOWS\system32\drivers\tdtcp.sys - ok

15:03:59.0468 3376 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll

15:03:59.0468 3376 C:\WINDOWS\system32\wbem\cimwin32.dll - ok

15:03:59.0468 3376 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll

15:03:59.0468 3376 C:\WINDOWS\system32\wbem\wmipcima.dll - ok

15:03:59.0484 3376 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll

15:03:59.0484 3376 C:\WINDOWS\system32\advpack.dll - ok

15:03:59.0484 3376 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe

15:03:59.0484 3376 C:\WINDOWS\system32\mpnotify.exe - ok

15:03:59.0484 3376 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll

15:03:59.0484 3376 C:\WINDOWS\system32\cscui.dll - ok

15:03:59.0500 3376 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe

15:03:59.0500 3376 C:\WINDOWS\system32\wscntfy.exe - ok

15:03:59.0500 3376 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe

15:03:59.0500 3376 C:\WINDOWS\system32\userinit.exe - ok

15:03:59.0500 3376 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe

15:03:59.0515 3376 C:\WINDOWS\explorer.exe - ok

15:03:59.0515 3376 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll

15:03:59.0515 3376 C:\WINDOWS\system32\browseui.dll - ok

15:03:59.0515 3376 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll

15:03:59.0515 3376 C:\WINDOWS\system32\shdocvw.dll - ok

15:03:59.0531 3376 [ BBE0725AA3FE3122C09E79BBB6F0CDF8 ] C:\Program Files\Box Sync\BoxIconOverlayHandler.dll

15:03:59.0531 3376 C:\Program Files\Box Sync\BoxIconOverlayHandler.dll - ok

15:03:59.0531 3376 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

15:03:59.0531 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

15:03:59.0531 3376 [ EDAC6749F3AAD4FA7A3C8DF929F29765 ] C:\Program Files\Box Sync\BoxUtils.dll

15:03:59.0546 3376 C:\Program Files\Box Sync\BoxUtils.dll - ok

15:03:59.0546 3376 [ EB97291E3C9E0035B47B45DBB1AF710D ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

15:03:59.0546 3376 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok

15:03:59.0546 3376 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl

15:03:59.0546 3376 C:\WINDOWS\system32\desk.cpl - ok

15:03:59.0562 3376 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll

15:03:59.0562 3376 C:\WINDOWS\system32\themeui.dll - ok

15:03:59.0562 3376 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll

15:03:59.0562 3376 C:\WINDOWS\system32\msimg32.dll - ok

15:03:59.0562 3376 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe

15:03:59.0578 3376 C:\WINDOWS\system32\cmd.exe - ok

15:03:59.0578 3376 [ 903C8C110131B8A71501514B61A17761 ] C:\WINDOWS\system32\ieframe.dll

15:03:59.0578 3376 C:\WINDOWS\system32\ieframe.dll - ok

15:03:59.0578 3376 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\456A5630-E92A-4B4F-A44A-1CD8DF5881C2.exe

15:03:59.0578 3376 C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\456A5630-E92A-4B4F-A44A-1CD8DF5881C2.exe - ok

15:03:59.0593 3376 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll

15:03:59.0593 3376 C:\WINDOWS\system32\msutb.dll - ok

15:03:59.0593 3376 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll

15:03:59.0593 3376 C:\WINDOWS\system32\msctf.dll - ok

15:03:59.0609 3376 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll

15:03:59.0609 3376 C:\WINDOWS\system32\ntshrui.dll - ok

15:03:59.0609 3376 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\23823188.sys

15:03:59.0609 3376 C:\WINDOWS\system32\drivers\23823188.sys - ok

15:03:59.0609 3376 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe

15:03:59.0609 3376 C:\WINDOWS\system32\verclsid.exe - ok

15:03:59.0625 3376 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll

15:03:59.0625 3376 C:\WINDOWS\system32\webcheck.dll - ok

15:03:59.0625 3376 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe

15:03:59.0625 3376 C:\WINDOWS\system32\imapi.exe - ok

15:03:59.0640 3376 [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe

15:03:59.0640 3376 C:\WINDOWS\SMINST\Recguard.exe - ok

15:03:59.0640 3376 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll

15:03:59.0640 3376 C:\WINDOWS\system32\stobject.dll - ok

15:03:59.0656 3376 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll

15:03:59.0656 3376 C:\WINDOWS\system32\oledlg.dll - ok

15:03:59.0656 3376 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll

15:03:59.0656 3376 C:\WINDOWS\system32\batmeter.dll - ok

15:03:59.0656 3376 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll

15:03:59.0656 3376 C:\WINDOWS\system32\olepro32.dll - ok

15:03:59.0671 3376 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll

15:03:59.0671 3376 C:\WINDOWS\system32\upnpui.dll - ok

15:03:59.0671 3376 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll

15:03:59.0671 3376 C:\WINDOWS\system32\upnp.dll - ok

15:03:59.0687 3376 [ 6E505A2FB400A6038B9DA781305DD814 ] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe

15:03:59.0687 3376 C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe - ok

15:03:59.0687 3376 [ 96337880D0957F5C0C3D48BD3BBF89FF ] C:\WINDOWS\system32\nwiz.exe

15:03:59.0687 3376 C:\WINDOWS\system32\nwiz.exe - ok

15:03:59.0687 3376 [ 0DCAC41EB58A45049BD7FF665C32D5F4 ] C:\Program Files\iTunes\iTunesHelper.exe

15:03:59.0687 3376 C:\Program Files\iTunes\iTunesHelper.exe - ok

15:03:59.0703 3376 [ 9074A3AE59FC1ABA68B6ABE4556FAF9D ] C:\WINDOWS\system32\nvmctray.dll

15:03:59.0703 3376 C:\WINDOWS\system32\nvmctray.dll - ok

15:03:59.0703 3376 [ 0BA077EFEDBD024029D2F77C355CADDE ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll

15:03:59.0703 3376 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok

15:03:59.0718 3376 [ E4CE6C4AE730E0EC87FC5DA4CD1946AD ] C:\Program Files\iTunes\iTunesHelper.dll

15:03:59.0718 3376 C:\Program Files\iTunes\iTunesHelper.dll - ok

15:03:59.0718 3376 [ 0B9CBB2B0C34663EDFBC445E55C8B068 ] C:\WINDOWS\system32\nview.dll

15:03:59.0718 3376 C:\WINDOWS\system32\nview.dll - ok

15:03:59.0718 3376 [ FB9E5C251CF6C37749F296BACB34A69B ] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

15:03:59.0718 3376 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe - ok

15:03:59.0734 3376 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll

15:03:59.0734 3376 C:\WINDOWS\system32\linkinfo.dll - ok

15:03:59.0734 3376 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll

15:03:59.0734 3376 C:\WINDOWS\system32\httpapi.dll - ok

15:03:59.0750 3376 [ 42DCC44CF5FA41100D7A5BE01D866180 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

15:03:59.0750 3376 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok

15:03:59.0750 3376 [ E7BE61EB1BDE3921FF0CDD24F1535332 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

15:03:59.0750 3376 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

15:03:59.0750 3376 [ 93A67AD03FD9C2286A4A5AD9A67F381A ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll

15:03:59.0750 3376 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

15:03:59.0765 3376 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe

15:03:59.0765 3376 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok

15:03:59.0765 3376 [ 29DA65E0839415D5B0E768FC565ABDC9 ] C:\WINDOWS\system32\nvwddi.dll

15:03:59.0765 3376 C:\WINDOWS\system32\nvwddi.dll - ok

15:03:59.0781 3376 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll

15:03:59.0781 3376 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok

15:03:59.0781 3376 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll

15:03:59.0781 3376 C:\WINDOWS\system32\w3ssl.dll - ok

15:03:59.0781 3376 [ 7A21E06385E748E9CB0252F1BBC493F1 ] C:\WINDOWS\ehome\ehtray.exe

15:03:59.0781 3376 C:\WINDOWS\ehome\ehtray.exe - ok

15:03:59.0796 3376 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll

15:03:59.0796 3376 C:\WINDOWS\system32\strmfilt.dll - ok

15:03:59.0796 3376 [ F771EE80948971858BEEF36839C24E65 ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll

15:03:59.0796 3376 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok

15:03:59.0812 3376 [ 8C1846CF3628C1AF15E8A21BB48CB38A ] C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

15:03:59.0812 3376 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe - ok

15:03:59.0812 3376 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\msvcr71.dll

15:03:59.0812 3376 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\msvcr71.dll - ok

15:03:59.0812 3376 [ 9212D6DF2A00DAB5C0C8A65399167CB2 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

15:03:59.0812 3376 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok

15:03:59.0828 3376 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll

15:03:59.0828 3376 C:\WINDOWS\system32\rasdlg.dll - ok

15:03:59.0828 3376 [ 06A4250C9E3606CAE3F68DA45702F342 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

15:03:59.0828 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

15:03:59.0843 3376 [ 1F3FF6C062B311FE410EC89F6BFAC213 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

15:03:59.0843 3376 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

15:03:59.0843 3376 [ 03A905FBA1D62317087DB5C21C0F8F62 ] C:\WINDOWS\ehome\ehmsas.exe

15:03:59.0843 3376 C:\WINDOWS\ehome\ehmsas.exe - ok

15:03:59.0843 3376 [ B596347A26DC054EBB44EB3BC8E95B0A ] C:\WINDOWS\arpwrmsg.exe

15:03:59.0843 3376 C:\WINDOWS\arpwrmsg.exe - ok

15:03:59.0859 3376 [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll

15:03:59.0859 3376 C:\WINDOWS\system32\d3d9.dll - ok

15:03:59.0859 3376 [ 2E61C409474416CC78D66300F1BCB722 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

15:03:59.0859 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll - ok

15:03:59.0875 3376 [ EEA46BF5D63A96B21E24FD0EFE4CAD56 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

15:03:59.0875 3376 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

15:03:59.0875 3376 [ 21850AF423E983904CD63D43A560387D ] C:\WINDOWS\armcex.dll

15:03:59.0875 3376 C:\WINDOWS\armcex.dll - ok

15:03:59.0875 3376 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

15:03:59.0875 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok

15:03:59.0890 3376 [ 8D1805727E8642FF88DE9DAEB088ADEF ] C:\WINDOWS\system32\fpalsu.dll

15:03:59.0890 3376 C:\WINDOWS\system32\fpalsu.dll - ok

15:03:59.0890 3376 [ D9C2C7C1552093DA582E1AB9B3432B55 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll

15:03:59.0890 3376 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok

15:03:59.0906 3376 [ 2686A3462805BDD858BCDA4A051BD8C8 ] C:\WINDOWS\system32\snprfdll.dll

15:03:59.0906 3376 C:\WINDOWS\system32\snprfdll.dll - ok

15:03:59.0906 3376 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll

15:03:59.0906 3376 C:\WINDOWS\system32\perfctrs.dll - ok

15:03:59.0906 3376 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll

15:03:59.0906 3376 C:\WINDOWS\system32\mmcshext.dll - ok

15:03:59.0921 3376 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

15:03:59.0921 3376 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

15:03:59.0921 3376 [ 03F46B4C5C39C956C15D4838D5743A39 ] C:\WINDOWS\system32\perfnw.dll

15:03:59.0921 3376 C:\WINDOWS\system32\perfnw.dll - ok

15:03:59.0921 3376 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll

15:03:59.0921 3376 C:\WINDOWS\system32\hhsetup.dll - ok

15:03:59.0937 3376 [ 6A3C3FF4437675DA77EAAB64FC235F58 ] C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL

15:03:59.0937 3376 C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL - ok

15:03:59.0937 3376 [ A15B420EEB9850B22D803A676E3423CC ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll

15:03:59.0937 3376 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok

15:03:59.0953 3376 [ 31B067C412FA1A9BAD3CA2A63D7DA440 ] C:\WINDOWS\system32\d3d8thk.dll

15:03:59.0953 3376 C:\WINDOWS\system32\d3d8thk.dll - ok

15:03:59.0953 3376 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

15:03:59.0953 3376 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok

15:03:59.0953 3376 [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe

15:03:59.0953 3376 C:\WINDOWS\system32\regsvr32.exe - ok

15:03:59.0968 3376 [ 77E9CE0672E3D3D0399D9DE2C657DA2D ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL

15:03:59.0968 3376 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL - ok

15:03:59.0968 3376 [ 4D6C9FDE7D8CBDA25C686F48FD8C1D8C ] C:\Program Files\PC-Doctor 5 for Windows\Common.dll

15:03:59.0968 3376 C:\Program Files\PC-Doctor 5 for Windows\Common.dll - ok

15:03:59.0984 3376 [ 1AAF5F7E13D208EA6FF7A5B84FDD6A8D ] C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll

15:03:59.0984 3376 C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll - ok

15:03:59.0984 3376 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

15:03:59.0984 3376 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

15:04:00.0000 3376 [ D0B1ACDC16AF9EA06D6461A361A46CBA ] C:\Program Files\PC-Doctor 5 for Windows\msvcp71.dll



15:04:00.0515 3376 [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll

15:04:00.0515 3376 C:\WINDOWS\system32\msvcirt.dll - ok

15:04:00.0515 3376 ============================================================

15:04:00.0515 3376 Scan finished

15:04:00.0515 3376 ============================================================

15:04:00.0531 2848 Detected object count: 0

15:04:00.0531 2848 Actual detected object count: 0

NOTE: Things seem to be getting a lot better. Still get a reaction from scrolling over "Unite".


Hey preconmanager,

Thank you for the logs so far.

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner:

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.


Scan completed. No threats found. It did not give me the opportunity to save anything because it was blank.


Hey preconmanager,

OK.

Please download HitmanPro.

  • For 32-bit Operating System - [download link]
  • This is the mirror - [download link]
  • For 64-bit Operating System - [download link]
  • This is the mirror - [download link]
  • Launch the program by double clicking on the HitmanPro icon. (Windows Vista/7 users right click on the HitmanPro icon and select Run as administrator).

  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • When the scan is done click on the drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
  • Click on the next button.
  • Click on the "Export scan results to XML file".
  • Save that file to your Desktop and zip and attach it in your next reply.

This topic is now closed to further replies.
