Jump to content

Malwarebytes won't update


Recommended Posts

Hello Hamsterdiesel and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

DDS notepad:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by User at 8:52:54 on 2013-04-12

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1334 [GMT -4:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\AVG SafeGuard toolbar\vprot.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = hxxp://start.earthlink.net/AL/Search

mSearchAssistant = hxxp://start.earthlink.net/AL/Search

uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} -

BHO: ElnkBhoGuard Class: {00000000-0000-0000-0000-000000000002} -

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - c:\program files\alotappbar\bin\bho\ALOTHelperBHO.dll

BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.0.0.14\AVG SafeGuard toolbar_toolbar.dll

BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -

BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -

TB: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} - c:\program files\alotappbar\bin\ALOTHelper.dll

TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.0.0.14\AVG SafeGuard toolbar_toolbar.dll

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"

uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"

mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"

mRun: [synTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"

mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"

mRun: [eabconfg.cpl] "c:\program files\hpq\quick launch buttons\EabServr.exe" /Start

mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe

mRun: [EPSON Stylus Photo R320 Series] "c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE" /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"

StartupFolder: c:\docume~1\user\startm~1\programs\startup\rt-upd~1.lnk - c:\ross-tech\vcds\VCDS.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: EarthLink Google Search - c:\program files\earthlink totalaccess\toolbar\SearchUI.dll/search.html

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341233096203

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 68.87.64.146 68.87.75.194

TCP: Interfaces\{F29B5A26-87C9-4EA3-805A-C68113C05742} : DHCPNameServer = 68.87.64.146 68.87.75.194

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.0.1\ViProtocol.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, UzfalmaHbist.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 245048]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 170808]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 182072]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-21 31576]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-2-27 4937264]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-2-19 282624]

R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-2-14 1247600]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-23 92592]

R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.1\ToolbarUpdater.exe [2013-3-21 945328]

S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2ndis5.sys --> c:\windows\system32\drivers\BW2NDIS5.sys [?]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-4-10 35144]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-4-10 40776]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-12-19 42112]

S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2009-12-10 9472]

S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [2011-12-22 59464]

S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2012-8-7 215552]

S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2012-8-7 83968]

S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2012-8-7 208128]

S3 xcpip;TCP/IP Protocol Driver;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S3 yzs2y.sys;yzs2y.sys;\??\c:\windows\system32\drivers\yzs2y.sys --> c:\windows\system32\drivers\yzs2y.sys [?]

S4 spywarebot;spywarebot;c:\windows\system32\drivers\spywarebot.sys --> c:\windows\system32\drivers\spywarebot.sys [?]

.

=============== Created Last 30 ================

.

2013-04-11 00:41:13 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-04-11 00:15:27 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-03-21 21:10:18 -------- d-----w- c:\documents and settings\user\local settings\application data\AVG SafeGuard toolbar

2013-03-21 20:59:53 -------- d-----w- c:\documents and settings\user\application data\AVG SafeGuard toolbar

2013-03-21 20:59:45 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-03-21 20:59:39 -------- d-----w- c:\program files\common files\AVG Secure Search

2013-03-21 20:59:36 -------- d-----w- c:\program files\AVG SafeGuard toolbar

2013-03-15 20:37:31 12928 ------w- c:\windows\system32\dllcache\usb8023.sys

2013-03-15 20:37:30 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys

.

==================== Find3M ====================

.

2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-13 21:35:30 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-13 21:35:30 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08:47 385024 ----a-w- c:\windows\system32\html.iec

2013-03-01 14:32:20 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-27 03:40:46 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-02-14 07:52:46 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-08 08:37:56 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-02-08 08:37:52 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-02-08 08:37:44 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2013-02-08 08:37:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll

2008-06-25 01:29:05 3337917 ----a-w- c:\program files\alltowma_converter.exe

2008-06-25 00:02:45 3182285 ----a-w- c:\program files\mp3wavplus.exe

2007-11-26 04:24:00 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2006-09-21 21:09:33 905216 ----a-w- c:\program files\iview398.exe

.

============= FINISH: 8:53:31.07 ===============

Link to post
Share on other sites

Attach notepad:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 6/10/2006 11:56:54 AM

System Uptime: 4/12/2013 8:32:27 AM (0 hours ago)

.

Motherboard: Quanta | | 308F

Processor: Intel® Pentium® M processor 1.60GHz | U1 | 1596/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 47 GiB total, 12.208 GiB free.

D: is FIXED (FAT32) - 7 GiB total, 0.499 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1779: 3/4/2013 7:38:58 AM - Software Distribution Service 3.0

RP1780: 3/4/2013 9:53:08 PM - Software Distribution Service 3.0

RP1781: 3/6/2013 5:47:02 AM - Software Distribution Service 3.0

RP1782: 3/7/2013 5:46:13 AM - Software Distribution Service 3.0

RP1783: 3/7/2013 7:24:06 AM - Software Distribution Service 3.0

RP1784: 3/8/2013 6:36:28 AM - Software Distribution Service 3.0

RP1785: 3/9/2013 8:18:21 AM - Software Distribution Service 3.0

RP1786: 3/10/2013 9:59:26 AM - Software Distribution Service 3.0

RP1787: 3/11/2013 8:20:45 AM - Software Distribution Service 3.0

RP1788: 3/11/2013 7:26:01 PM - Software Distribution Service 3.0

RP1789: 3/12/2013 3:00:20 AM - Software Distribution Service 3.0

RP1790: 3/13/2013 5:50:58 AM - Software Distribution Service 3.0

RP1791: 3/14/2013 5:42:57 AM - Software Distribution Service 3.0

RP1792: 3/14/2013 7:14:40 AM - Software Distribution Service 3.0

RP1793: 3/15/2013 5:43:54 AM - Software Distribution Service 3.0

RP1794: 3/15/2013 8:05:23 AM - Software Distribution Service 3.0

RP1795: 3/16/2013 8:57:30 AM - Software Distribution Service 3.0

RP1796: 3/17/2013 9:33:57 AM - Software Distribution Service 3.0

RP1797: 3/18/2013 5:38:37 AM - Software Distribution Service 3.0

RP1798: 3/19/2013 7:57:24 AM - Software Distribution Service 3.0

RP1799: 3/20/2013 5:39:53 AM - Software Distribution Service 3.0

RP1800: 3/20/2013 7:29:21 AM - Software Distribution Service 3.0

RP1801: 3/20/2013 7:45:19 AM - Software Distribution Service 3.0

RP1802: 3/20/2013 2:10:05 PM - Software Distribution Service 3.0

RP1803: 3/21/2013 5:46:09 AM - Software Distribution Service 3.0

RP1804: 3/21/2013 7:34:38 AM - Software Distribution Service 3.0

RP1805: 3/21/2013 4:55:02 PM - Installed AVG 2013

RP1806: 3/21/2013 4:55:28 PM - Removed AVG 2013

RP1807: 3/21/2013 4:56:39 PM - Installed AVG 2013

RP1808: 3/21/2013 5:01:28 PM - Removed AVG 2013

RP1809: 3/21/2013 9:53:12 PM - Software Distribution Service 3.0

RP1810: 3/23/2013 6:45:07 AM - Software Distribution Service 3.0

RP1811: 3/24/2013 10:42:34 AM - Software Distribution Service 3.0

RP1812: 3/25/2013 6:08:51 AM - Software Distribution Service 3.0

RP1813: 3/26/2013 5:46:54 AM - Software Distribution Service 3.0

RP1814: 3/26/2013 7:13:20 AM - Software Distribution Service 3.0

RP1815: 3/27/2013 5:45:08 AM - Software Distribution Service 3.0

RP1816: 3/27/2013 7:16:52 AM - Software Distribution Service 3.0

RP1817: 3/28/2013 5:45:24 AM - Software Distribution Service 3.0

RP1818: 3/28/2013 9:12:25 PM - Software Distribution Service 3.0

RP1819: 3/29/2013 9:29:55 PM - Software Distribution Service 3.0

RP1820: 3/31/2013 10:49:43 AM - Software Distribution Service 3.0

RP1821: 3/31/2013 2:52:30 PM - Software Distribution Service 3.0

RP1822: 4/1/2013 5:37:55 AM - Software Distribution Service 3.0

RP1823: 4/1/2013 9:50:16 PM - Software Distribution Service 3.0

RP1824: 4/2/2013 7:54:56 PM - Software Distribution Service 3.0

RP1825: 4/2/2013 8:17:37 PM - Software Distribution Service 3.0

RP1826: 4/3/2013 3:00:21 AM - Software Distribution Service 3.0

RP1827: 4/4/2013 5:46:16 AM - Software Distribution Service 3.0

RP1828: 4/5/2013 5:47:05 AM - Software Distribution Service 3.0

RP1829: 4/5/2013 6:06:33 AM - Software Distribution Service 3.0

RP1830: 4/5/2013 7:00:27 AM - Software Distribution Service 3.0

RP1831: 4/5/2013 2:24:31 PM - Software Distribution Service 3.0

RP1832: 4/6/2013 9:47:51 AM - Software Distribution Service 3.0

RP1833: 4/7/2013 8:30:51 AM - Software Distribution Service 3.0

RP1834: 4/7/2013 9:04:31 AM - Software Distribution Service 3.0

RP1835: 4/7/2013 9:35:51 PM - Software Distribution Service 3.0

RP1836: 4/8/2013 6:26:59 AM - Software Distribution Service 3.0

RP1837: 4/8/2013 7:54:41 AM - Software Distribution Service 3.0

RP1838: 4/8/2013 7:51:30 PM - Software Distribution Service 3.0

RP1839: 4/9/2013 3:00:21 AM - Software Distribution Service 3.0

RP1840: 4/9/2013 6:04:43 AM - Software Distribution Service 3.0

RP1841: 4/9/2013 8:48:23 PM - Software Distribution Service 3.0

RP1842: 4/10/2013 7:27:22 PM - Software Distribution Service 3.0

RP1843: 4/10/2013 9:41:48 PM - Software Distribution Service 3.0

RP1844: 4/12/2013 5:48:15 AM - Software Distribution Service 3.0

RP1845: 4/12/2013 8:36:36 AM - Revo Uninstaller's restore point - Java 6 Update 30

RP1846: 4/12/2013 8:37:21 AM - Removed Java 6 Update 27

RP1847: 4/12/2013 8:41:46 AM - Revo Uninstaller's restore point - J2SE Runtime Environment 5.0 Update 6

RP1848: 4/12/2013 8:42:19 AM - Removed J2SE Runtime Environment 5.0 Update 6

RP1849: 4/12/2013 8:45:04 AM - Revo Uninstaller's restore point - Java 7 Update 7

RP1850: 4/12/2013 8:45:28 AM - Removed Java 7 Update 7

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

7-Zip 9.21

Adobe AIR

Adobe Atmosphere Player for Acrobat and Adobe Reader

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6)

Adobe Shockwave Player 11.6

ALOT Appbar

AVG 2013

BufferChm

Camera Window

Canon Camera WIA Driver

Canon Camera Window for ZoomBrowser EX

Canon PhotoRecord

Canon PowerShot S45 WIA Driver

Canon Utilities FileViewerUtility 1.0

Canon Utilities ZoomBrowser EX

CleanUp!

Compatibility Pack for the 2007 Office system

Conexant AC-Link Audio

Copy

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

Critical Update for Windows Media Player 11 (KB959772)

CueTour

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DJ_AIO_03_F2200_ProductContext

DJ_AIO_03_F2200_Software

DJ_AIO_03_F2200_Software_Min

EarthLink Common Authentication

EarthLink MDAC

EPSON CardMonitor

EPSON PhotoCenter

EPSON PhotoStarter3.0

EPSON Print CD

EPSON Printer Software

EPSON Web-To-Page

ESPR320 Reference Guide

eSupportQFolder

F2200

F2200_Help

FileViewerUtility 1.0

FullDPAppQFolder

Garmin City Navigator North America NT 2008

Garmin Communicator Plugin

Google Chrome

GoToMeeting 5.3.0.977

GPBaseService

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3

HP Help and Support

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Photosmart Premier Software 6.0

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HP User Guides--System Recovery

HP User Guides 0001

HPProductAssistant

HpSdpAppCoreApp

InstantShareDevices

Intel® Graphics Media Accelerator Driver for Mobile

IrfanView (remove only)

LightScribe 1.4.56.1

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Microsoft ActiveSync

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Standard Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft XML Parser

MSSoap

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

MSXML 4.0 SP2 Parser and SDK

OptionalContentQFolder

PhotoGallery

Print Lab Series

PSSWCORE

Quick Launch Buttons 5.20 F2

QuickTime

RandMap

Revo Uninstaller 1.91

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SkinsHP1

SmartWebPrintingOC

Soft Data Fax Modem with SmartCP

SolutionCenter

Sonic Audio Module

Sonic Copy Module

Sonic Data Module

Sonic MyDVD Plus

Sonic Update Manager

Sonic_PrimoSDK

Status

Switch Sound File Converter

swMSM

Symantec KB-DocID:2003093015493306

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TomTom HOME 2.8.3.2499

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

Unload

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VCDS Release 10.6.4

VCDS Release 11.11.5

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

WebFldrs XP

WebReg

WIBU-KEY Setup (WIBU-KEY Remove)

Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

4/8/2013 5:21:20 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

4/7/2013 9:04:37 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework, Version 2.0 (KB928365).

4/7/2013 10:24:52 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.

4/10/2013 8:40:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

4/10/2013 8:40:01 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix eabfiltr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:39:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

.

==== End Of File ===========================

Link to post
Share on other sites

Step 1

Please uninstall this application: ALOT Appbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

aswMBR2-1.gif

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBR2.png

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.3 (04.05.2013:1)

OS: Microsoft Windows XP x86

Ran by User on Fri 04/12/2013 at 9:56:28.85

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{00000000-6e41-4fd3-8538-502f5495e5fc}

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{d4027c7f-154a-4066-a1ad-4243d8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer

Successfully deleted: [Registry Key] hkey_current_user\software\installedbrowserextensions

Successfully deleted: [Registry Key] hkey_current_user\software\shopping sidekick plugin

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021802.BHO

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021802.Sandbox

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021802.Sandbox.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021802.BHO

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021802.Sandbox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021802.Sandbox.1

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{171debeb-c3d4-40b7-ac73-056a5eba4a7e}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440}

Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6"

Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa"

Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59"

~~~ Files

Successfully deleted: [File] "C:\WINDOWS\tasks\driver robot.job"

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\drivercure"

Successfully deleted: [Folder] "C:\Documents and Settings\User\Application Data\drivercure"

Successfully deleted: [Folder] "C:\Documents and Settings\User\Local Settings\Application Data\shopping sidekick plugin"

Successfully deleted: [Folder] "C:\Program Files\shopping sidekick plugin"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 04/12/2013 at 10:02:46.10

End of JRT log

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.12.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

User :: YOUR-4105E587B6 [administrator]

4/12/2013 10:05:01 AM

mbam-log-2013-04-12 (10-05-01).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 229989

Time elapsed: 6 minute(s), 27 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-12 10:16:35

-----------------------------

10:16:35.375 OS Version: Windows 5.1.2600 Service Pack 3

10:16:35.375 Number of processors: 1 586 0xD08

10:16:35.375 ComputerName: YOUR-4105E587B6 UserName: User

10:16:36.046 Initialize success

10:44:52.546 AVAST engine defs: 13041200

10:45:07.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

10:45:07.078 Disk 0 Vendor: FUJITSU_MHV2060AT_PL 008300A1 Size: 57231MB BusType: 3

10:45:07.375 Disk 0 MBR read successfully

10:45:07.390 Disk 0 MBR scan

10:45:07.437 Disk 0 unknown MBR code

10:45:07.437 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 48516 MB offset 63

10:45:07.484 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 7687 MB offset 99362025

10:45:07.515 Disk 0 Partition 3 00 D7 NTFS 1019 MB offset 115105725

10:45:07.546 Disk 0 scanning sectors +117194175

10:45:07.578 Disk 0 malicious Win32:MBRoot code @ sector 117194178 !

10:45:07.593 Disk 0 PE file @ sector 117194200 !

10:45:07.656 Disk 0 scanning C:\WINDOWS\system32\drivers

10:45:30.046 Service scanning

10:46:03.328 Modules scanning

10:46:14.640 Disk 0 trace - called modules:

10:46:14.687 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS

10:46:14.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9ebab8]

10:46:14.734 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\00000083[0x8a999220]

10:46:14.765 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8aa20d98]

10:46:15.375 AVAST engine scan C:\WINDOWS

10:46:40.609 AVAST engine scan C:\WINDOWS\system32

10:49:53.890 AVAST engine scan C:\WINDOWS\system32\drivers

10:50:19.515 AVAST engine scan C:\Documents and Settings\User

10:59:09.656 AVAST engine scan C:\Documents and Settings\All Users

11:00:17.953 Scan finished successfully

11:01:13.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"

11:01:13.125 The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\aswMBR.txt"

New DDS log to follow...

Link to post
Share on other sites

<p>DDS notepad #2</p>

<p> </p>

<p> </p>

<div>DDS (Ver_2012-11-20.01) - NTFS_x86 </div>

<div>Internet Explorer: 8.0.6001.18702</div>

<div>Run by User at 11:06:11 on 2013-04-12</div>

<div>Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2038.1381 [GMT -4:00]</div>

<div>.</div>

<div>AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}</div>

<div>.</div>

<div>============== Running Processes ================</div>

<div>.</div>

<div>C:\WINDOWS\system32\spoolsv.exe</div>

<div>C:\Program Files\AVG\AVG2013\avgwdsvc.exe</div>

<div>C:\Program Files\Common Files\LightScribe\LSSrvc.exe</div>

<div>C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe</div>

<div>C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe</div>

<div>C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe</div>

<div>C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe</div>

<div>C:\WINDOWS\System32\alg.exe</div>

<div>C:\WINDOWS\system32\wscntfy.exe</div>

<div>C:\WINDOWS\system32\hkcmd.exe</div>

<div>C:\WINDOWS\system32\igfxpers.exe</div>

<div>C:\Program Files\Synaptics\SynTP\SynTPLpr.exe</div>

<div>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</div>

<div>C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe</div>

<div>C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE</div>

<div>C:\Program Files\QuickTime\qttask.exe</div>

<div>C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe</div>

<div>C:\Program Files\AVG\AVG2013\avgui.exe</div>

<div>C:\Program Files\Microsoft ActiveSync\Wcescomm.exe</div>

<div>C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe</div>

<div>C:\WINDOWS\system32\ctfmon.exe</div>

<div>C:\WINDOWS\system32\wuauclt.exe</div>

<div>C:\PROGRA~1\MI3AA1~1\rapimgr.exe</div>

<div>C:\WINDOWS\explorer.exe</div>

<div>C:\WINDOWS\notepad.exe</div>

<div>C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe</div>

<div>C:\WINDOWS\system32\wbem\wmiprvse.exe</div>

<div>C:\WINDOWS\System32\svchost.exe -k netsvcs</div>

<div>C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup</div>

<div>C:\WINDOWS\system32\svchost.exe -k NetworkService</div>

<div>C:\WINDOWS\system32\svchost.exe -k LocalService</div>

<div>C:\WINDOWS\system32\svchost.exe -k LocalService</div>

<div>C:\WINDOWS\system32\svchost.exe -k hpdevmgmt</div>

<div>C:\WINDOWS\System32\svchost.exe -k HPZ12</div>

<div>C:\WINDOWS\System32\svchost.exe -k HPZ12</div>

<div>C:\WINDOWS\system32\svchost.exe -k imgsvc</div>

<div>C:\WINDOWS\System32\svchost.exe -k HTTPFilter</div>

<div>.</div>

<div>============== Pseudo HJT Report ===============</div>

<div>.</div>

<div>uStart Page = hxxp://www.google.com/</div>

<div>uSearch Bar = hxxp://start.earthlink.net/AL/Search</div>

<div>mSearchAssistant = hxxp://start.earthlink.net/AL/Search</div>

<div>BHO: ElnkBhoGuard Class: {00000000-0000-0000-0000-000000000002} - </div>

<div>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll</div>

<div>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll</div>

<div>BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - </div>

<div>BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll</div>

<div>BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll</div>

<div>TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll</div>

<div>TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll</div>

<div>TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll</div>

<div>uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"</div>

<div>uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart</div>

<div>uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"</div>

<div>uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c</div>

<div>uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe</div>

<div>mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"</div>

<div>mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"</div>

<div>mRun: [synTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"</div>

<div>mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"</div>

<div>mRun: [eabconfg.cpl] "c:\program files\hpq\quick launch buttons\EabServr.exe" /Start</div>

<div>mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe</div>

<div>mRun: [EPSON Stylus Photo R320 Series] "c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE" /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"</div>

<div>mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime</div>

<div>mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup</div>

<div>mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start</div>

<div>mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"</div>

<div>mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY</div>

<div>mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"</div>

<div>StartupFolder: c:\docume~1\user\startm~1\programs\startup\rt-upd~1.lnk - c:\ross-tech\vcds\VCDS.EXE</div>

<div>uPolicies-Explorer: NoDriveTypeAutoRun = dword:145</div>

<div>uPolicies-Explorer: NoWindowsUpdate = dword:0</div>

<div>mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1</div>

<div>mPolicies-Explorer: NoDriveTypeAutoRun = dword:145</div>

<div>IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000</div>

<div>IE: EarthLink Google Search - c:\program files\earthlink totalaccess\toolbar\SearchUI.dll/search.html</div>

<div>IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll</div>

<div>IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll</div>

<div>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}</div>

<div>IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll</div>

<div>IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe</div>

<div>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe</div>

<div>DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab</div>

<div>DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab</div>

<div>DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab</div>

<div>DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341233096203</div>

<div>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab</div>

<div>DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab</div>

<div>DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab</div>

<div>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab</div>

<div>DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab</div>

<div>TCP: NameServer = 68.87.64.146 68.87.75.194</div>

<div>TCP: Interfaces\{F29B5A26-87C9-4EA3-805A-C68113C05742} : DHCPNameServer = 68.87.64.146 68.87.75.194</div>

<div>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - </div>

<div>Notify: igfxcui - igfxdev.dll</div>

<div>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll</div>

<div>SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, UzfalmaHbist.dll</div>

<div>.</div>

<div>============= SERVICES / DRIVERS ===============</div>

<div>.</div>

<div>R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]</div>

<div>R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 245048]</div>

<div>R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 96568]</div>

<div>R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 39224]</div>

<div>R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]</div>

<div>R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]</div>

<div>R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 170808]</div>

<div>R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 182072]</div>

<div>R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-21 31576]</div>

<div>R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-2-19 282624]</div>

<div>R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-2-14 1247600]</div>

<div>R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-23 92592]</div>

<div>R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.1\ToolbarUpdater.exe [2013-3-21 945328]</div>

<div>S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-2-27 4937264]</div>

<div>S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2ndis5.sys --> c:\windows\system32\drivers\BW2NDIS5.sys [?]</div>

<div>S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-4-10 35144]</div>

<div>S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-12-19 42112]</div>

<div>S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2009-12-10 9472]</div>

<div>S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [2011-12-22 59464]</div>

<div>S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2012-8-7 215552]</div>

<div>S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2012-8-7 83968]</div>

<div>S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2012-8-7 208128]</div>

<div>S3 xcpip;TCP/IP Protocol Driver;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]</div>

<div>S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]</div>

<div>S3 yzs2y.sys;yzs2y.sys;\??\c:\windows\system32\drivers\yzs2y.sys --> c:\windows\system32\drivers\yzs2y.sys [?]</div>

<div>S4 spywarebot;spywarebot;c:\windows\system32\drivers\spywarebot.sys --> c:\windows\system32\drivers\spywarebot.sys [?]</div>

<div>.</div>

<div>=============== Created Last 30 ================</div>

<div>.</div>

<div>2013-04-12 13:56:25<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\ERUNT</div>

<div>2013-04-12 13:55:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\JRT</div>

<div>2013-04-11 00:15:27<span class="Apple-tab-span" style="white-space:pre"> </span>35144<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\mbamchameleon.sys</div>

<div>2013-03-21 21:10:18<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\documents and settings\user\local settings\application data\AVG SafeGuard toolbar</div>

<div>2013-03-21 20:59:53<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\documents and settings\user\application data\AVG SafeGuard toolbar</div>

<div>2013-03-21 20:59:45<span class="Apple-tab-span" style="white-space:pre"> </span>31576<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgtpx86.sys</div>

<div>2013-03-21 20:59:39<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\common files\AVG Secure Search</div>

<div>2013-03-21 20:59:36<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\AVG SafeGuard toolbar</div>

<div>2013-03-15 20:37:31<span class="Apple-tab-span" style="white-space:pre"> </span>12928<span class="Apple-tab-span" style="white-space:pre"> </span>------w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\dllcache\usb8023.sys</div>

<div>2013-03-15 20:37:30<span class="Apple-tab-span" style="white-space:pre"> </span>12928<span class="Apple-tab-span" style="white-space:pre"> </span>------w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\dllcache\usb8023x.sys</div>

<div>.</div>

<div>==================== Find3M  ====================</div>

<div>.</div>

<div>2013-04-04 18:50:32<span class="Apple-tab-span" style="white-space:pre"> </span>22856<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\mbam.sys</div>

<div>2013-03-13 21:35:30<span class="Apple-tab-span" style="white-space:pre"> </span>73432<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\FlashPlayerCPLApp.cpl</div>

<div>2013-03-13 21:35:30<span class="Apple-tab-span" style="white-space:pre"> </span>693976<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\FlashPlayerApp.exe</div>

<div>2013-03-08 08:36:22<span class="Apple-tab-span" style="white-space:pre"> </span>293376<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\winsrv.dll</div>

<div>2013-03-07 01:28:24<span class="Apple-tab-span" style="white-space:pre"> </span>2193408<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\ntoskrnl.exe</div>

<div>2013-03-07 00:50:28<span class="Apple-tab-span" style="white-space:pre"> </span>2070016<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\ntkrnlpa.exe</div>

<div>2013-03-02 02:06:31<span class="Apple-tab-span" style="white-space:pre"> </span>916480<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wininet.dll</div>

<div>2013-03-02 02:06:30<span class="Apple-tab-span" style="white-space:pre"> </span>43520<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\licmgr10.dll</div>

<div>2013-03-02 02:06:30<span class="Apple-tab-span" style="white-space:pre"> </span>1469440<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\inetcpl.cpl</div>

<div>2013-03-02 01:25:02<span class="Apple-tab-span" style="white-space:pre"> </span>1867264<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\win32k.sys</div>

<div>2013-03-02 01:08:47<span class="Apple-tab-span" style="white-space:pre"> </span>385024<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\html.iec</div>

<div>2013-03-01 14:32:20<span class="Apple-tab-span" style="white-space:pre"> </span>22328<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgidsshimx.sys</div>

<div>2013-02-27 07:56:51<span class="Apple-tab-span" style="white-space:pre"> </span>2067456<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\mstscax.dll</div>

<div>2013-02-27 03:40:46<span class="Apple-tab-span" style="white-space:pre"> </span>208184<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgidsdriverx.sys</div>

<div>2013-02-14 07:52:46<span class="Apple-tab-span" style="white-space:pre"> </span>182072<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgtdix.sys</div>

<div>2013-02-12 00:32:23<span class="Apple-tab-span" style="white-space:pre"> </span>12928<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\usb8023.sys</div>

<div>2013-02-12 00:32:23<span class="Apple-tab-span" style="white-space:pre"> </span>12928<span class="Apple-tab-span" style="white-space:pre"> </span>------w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\usb8023x.sys</div>

<div>2013-02-08 08:37:56<span class="Apple-tab-span" style="white-space:pre"> </span>245048<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avglogx.sys</div>

<div>2013-02-08 08:37:52<span class="Apple-tab-span" style="white-space:pre"> </span>60216<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgidshx.sys</div>

<div>2013-02-08 08:37:44<span class="Apple-tab-span" style="white-space:pre"> </span>170808<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgldx86.sys</div>

<div>2013-02-08 08:37:40<span class="Apple-tab-span" style="white-space:pre"> </span>39224<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgrkx86.sys</div>

<div>2013-01-26 03:55:44<span class="Apple-tab-span" style="white-space:pre"> </span>552448<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\oleaut32.dll</div>

<div>2008-06-25 01:29:05<span class="Apple-tab-span" style="white-space:pre"> </span>3337917<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\alltowma_converter.exe</div>

<div>2008-06-25 00:02:45<span class="Apple-tab-span" style="white-space:pre"> </span>3182285<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\mp3wavplus.exe</div>

<div>2007-11-26 04:24:00<span class="Apple-tab-span" style="white-space:pre"> </span>25755448<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\wmp11-windowsxp-x86-enu.exe</div>

<div>2006-09-21 21:09:33<span class="Apple-tab-span" style="white-space:pre"> </span>905216<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\iview398.exe</div>

<div>.</div>

<div>============= FINISH: 11:06:34.79 ===============</div>

<div> </div>

Link to post
Share on other sites

<p> </p>

<div>Attach notepad #2:</div>

<div> </div>

<div>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.</div>

<div>IF REQUESTED, ZIP IT UP & ATTACH IT</div>

<div>.</div>

<div>DDS (Ver_2012-11-20.01)</div>

<div>.</div>

<div>Microsoft Windows XP Home Edition</div>

<div>Boot Device: \Device\HarddiskVolume1</div>

<div>Install Date: 6/10/2006 11:56:54 AM</div>

<div>System Uptime: 4/12/2013 8:32:27 AM (3 hours ago)</div>

<div>.</div>

<div>Motherboard: Quanta |  | 308F</div>

<div>Processor:         Intel® Pentium® M processor 1.60GHz | U1 | 1197/400mhz</div>

<div>.</div>

<div>==== Disk Partitions =========================</div>

<div>.</div>

<div>C: is FIXED (NTFS) - 47 GiB total, 11.969 GiB free.</div>

<div>D: is FIXED (FAT32) - 7 GiB total, 0.499 GiB free.</div>

<div>E: is CDROM ()</div>

<div>.</div>

<div>==== Disabled Device Manager Items =============</div>

<div>.</div>

<div>==== System Restore Points ===================</div>

<div>.</div>

<div>RP1779: 3/4/2013 7:38:58 AM - Software Distribution Service 3.0</div>

<div>RP1780: 3/4/2013 9:53:08 PM - Software Distribution Service 3.0</div>

<div>RP1781: 3/6/2013 5:47:02 AM - Software Distribution Service 3.0</div>

<div>RP1782: 3/7/2013 5:46:13 AM - Software Distribution Service 3.0</div>

<div>RP1783: 3/7/2013 7:24:06 AM - Software Distribution Service 3.0</div>

<div>RP1784: 3/8/2013 6:36:28 AM - Software Distribution Service 3.0</div>

<div>RP1785: 3/9/2013 8:18:21 AM - Software Distribution Service 3.0</div>

<div>RP1786: 3/10/2013 9:59:26 AM - Software Distribution Service 3.0</div>

<div>RP1787: 3/11/2013 8:20:45 AM - Software Distribution Service 3.0</div>

<div>RP1788: 3/11/2013 7:26:01 PM - Software Distribution Service 3.0</div>

<div>RP1789: 3/12/2013 3:00:20 AM - Software Distribution Service 3.0</div>

<div>RP1790: 3/13/2013 5:50:58 AM - Software Distribution Service 3.0</div>

<div>RP1791: 3/14/2013 5:42:57 AM - Software Distribution Service 3.0</div>

<div>RP1792: 3/14/2013 7:14:40 AM - Software Distribution Service 3.0</div>

<div>RP1793: 3/15/2013 5:43:54 AM - Software Distribution Service 3.0</div>

<div>RP1794: 3/15/2013 8:05:23 AM - Software Distribution Service 3.0</div>

<div>RP1795: 3/16/2013 8:57:30 AM - Software Distribution Service 3.0</div>

<div>RP1796: 3/17/2013 9:33:57 AM - Software Distribution Service 3.0</div>

<div>RP1797: 3/18/2013 5:38:37 AM - Software Distribution Service 3.0</div>

<div>RP1798: 3/19/2013 7:57:24 AM - Software Distribution Service 3.0</div>

<div>RP1799: 3/20/2013 5:39:53 AM - Software Distribution Service 3.0</div>

<div>RP1800: 3/20/2013 7:29:21 AM - Software Distribution Service 3.0</div>

<div>RP1801: 3/20/2013 7:45:19 AM - Software Distribution Service 3.0</div>

<div>RP1802: 3/20/2013 2:10:05 PM - Software Distribution Service 3.0</div>

<div>RP1803: 3/21/2013 5:46:09 AM - Software Distribution Service 3.0</div>

<div>RP1804: 3/21/2013 7:34:38 AM - Software Distribution Service 3.0</div>

<div>RP1805: 3/21/2013 4:55:02 PM - Installed AVG 2013</div>

<div>RP1806: 3/21/2013 4:55:28 PM - Removed AVG 2013</div>

<div>RP1807: 3/21/2013 4:56:39 PM - Installed AVG 2013</div>

<div>RP1808: 3/21/2013 5:01:28 PM - Removed AVG 2013</div>

<div>RP1809: 3/21/2013 9:53:12 PM - Software Distribution Service 3.0</div>

<div>RP1810: 3/23/2013 6:45:07 AM - Software Distribution Service 3.0</div>

<div>RP1811: 3/24/2013 10:42:34 AM - Software Distribution Service 3.0</div>

<div>RP1812: 3/25/2013 6:08:51 AM - Software Distribution Service 3.0</div>

<div>RP1813: 3/26/2013 5:46:54 AM - Software Distribution Service 3.0</div>

<div>RP1814: 3/26/2013 7:13:20 AM - Software Distribution Service 3.0</div>

<div>RP1815: 3/27/2013 5:45:08 AM - Software Distribution Service 3.0</div>

<div>RP1816: 3/27/2013 7:16:52 AM - Software Distribution Service 3.0</div>

<div>RP1817: 3/28/2013 5:45:24 AM - Software Distribution Service 3.0</div>

<div>RP1818: 3/28/2013 9:12:25 PM - Software Distribution Service 3.0</div>

<div>RP1819: 3/29/2013 9:29:55 PM - Software Distribution Service 3.0</div>

<div>RP1820: 3/31/2013 10:49:43 AM - Software Distribution Service 3.0</div>

<div>RP1821: 3/31/2013 2:52:30 PM - Software Distribution Service 3.0</div>

<div>RP1822: 4/1/2013 5:37:55 AM - Software Distribution Service 3.0</div>

<div>RP1823: 4/1/2013 9:50:16 PM - Software Distribution Service 3.0</div>

<div>RP1824: 4/2/2013 7:54:56 PM - Software Distribution Service 3.0</div>

<div>RP1825: 4/2/2013 8:17:37 PM - Software Distribution Service 3.0</div>

<div>RP1826: 4/3/2013 3:00:21 AM - Software Distribution Service 3.0</div>

<div>RP1827: 4/4/2013 5:46:16 AM - Software Distribution Service 3.0</div>

<div>RP1828: 4/5/2013 5:47:05 AM - Software Distribution Service 3.0</div>

<div>RP1829: 4/5/2013 6:06:33 AM - Software Distribution Service 3.0</div>

<div>RP1830: 4/5/2013 7:00:27 AM - Software Distribution Service 3.0</div>

<div>RP1831: 4/5/2013 2:24:31 PM - Software Distribution Service 3.0</div>

<div>RP1832: 4/6/2013 9:47:51 AM - Software Distribution Service 3.0</div>

<div>RP1833: 4/7/2013 8:30:51 AM - Software Distribution Service 3.0</div>

<div>RP1834: 4/7/2013 9:04:31 AM - Software Distribution Service 3.0</div>

<div>RP1835: 4/7/2013 9:35:51 PM - Software Distribution Service 3.0</div>

<div>RP1836: 4/8/2013 6:26:59 AM - Software Distribution Service 3.0</div>

<div>RP1837: 4/8/2013 7:54:41 AM - Software Distribution Service 3.0</div>

<div>RP1838: 4/8/2013 7:51:30 PM - Software Distribution Service 3.0</div>

<div>RP1839: 4/9/2013 3:00:21 AM - Software Distribution Service 3.0</div>

<div>RP1840: 4/9/2013 6:04:43 AM - Software Distribution Service 3.0</div>

<div>RP1841: 4/9/2013 8:48:23 PM - Software Distribution Service 3.0</div>

<div>RP1842: 4/10/2013 7:27:22 PM - Software Distribution Service 3.0</div>

<div>RP1843: 4/10/2013 9:41:48 PM - Software Distribution Service 3.0</div>

<div>RP1844: 4/12/2013 5:48:15 AM - Software Distribution Service 3.0</div>

<div>RP1845: 4/12/2013 8:36:36 AM - Revo Uninstaller's restore point - Java 6 Update 30</div>

<div>RP1846: 4/12/2013 8:37:21 AM - Removed Java 6 Update 27</div>

<div>RP1847: 4/12/2013 8:41:46 AM - Revo Uninstaller's restore point - J2SE Runtime Environment 5.0 Update 6</div>

<div>RP1848: 4/12/2013 8:42:19 AM - Removed J2SE Runtime Environment 5.0 Update 6</div>

<div>RP1849: 4/12/2013 8:45:04 AM - Revo Uninstaller's restore point - Java 7 Update 7</div>

<div>RP1850: 4/12/2013 8:45:28 AM - Removed Java 7 Update 7</div>

<div>RP1851: 4/12/2013 9:49:42 AM - Revo Uninstaller's restore point - ALOT Appbar</div>

<div>.</div>

<div>==== Installed Programs ======================</div>

<div>.</div>

<div>32 Bit HP CIO Components Installer</div>

<div>7-Zip 9.21</div>

<div>Adobe AIR</div>

<div>Adobe Atmosphere Player for Acrobat and Adobe Reader</div>

<div>Adobe Flash Player 11 ActiveX</div>

<div>Adobe Flash Player 11 Plugin</div>

<div>Adobe Reader X (10.1.6)</div>

<div>Adobe Shockwave Player 11.6</div>

<div>AVG 2013</div>

<div>BufferChm</div>

<div>Camera Window</div>

<div>Canon Camera WIA Driver</div>

<div>Canon Camera Window for ZoomBrowser EX</div>

<div>Canon PhotoRecord</div>

<div>Canon PowerShot S45 WIA Driver</div>

<div>Canon Utilities FileViewerUtility 1.0</div>

<div>Canon Utilities ZoomBrowser EX</div>

<div>CleanUp!</div>

<div>Compatibility Pack for the 2007 Office system</div>

<div>Conexant AC-Link Audio</div>

<div>Copy</div>

<div>CP_AtenaShokunin1Config</div>

<div>CP_CalendarTemplates1</div>

<div>cp_LightScribeConfig</div>

<div>cp_OnlineProjectsConfig</div>

<div>CP_Package_Basic1</div>

<div>CP_Package_Variety1</div>

<div>CP_Package_Variety2</div>

<div>CP_Package_Variety3</div>

<div>CP_Panorama1Config</div>

<div>cp_PosterPrintConfig</div>

<div>cp_UpdateProjectsConfig</div>

<div>Critical Update for Windows Media Player 11 (KB959772)</div>

<div>CueTour</div>

<div>CustomerResearchQFolder</div>

<div>Destination Component</div>

<div>DeviceDiscovery</div>

<div>DJ_AIO_03_F2200_ProductContext</div>

<div>DJ_AIO_03_F2200_Software</div>

<div>DJ_AIO_03_F2200_Software_Min</div>

<div>EarthLink Common Authentication</div>

<div>EarthLink MDAC</div>

<div>EPSON CardMonitor</div>

<div>EPSON PhotoCenter </div>

<div>EPSON PhotoStarter3.0</div>

<div>EPSON Print CD</div>

<div>EPSON Printer Software</div>

<div>EPSON Web-To-Page</div>

<div>ESPR320 Reference Guide</div>

<div>eSupportQFolder</div>

<div>F2200</div>

<div>F2200_Help</div>

<div>FileViewerUtility 1.0</div>

<div>FullDPAppQFolder</div>

<div>Garmin City Navigator North America NT 2008</div>

<div>Garmin Communicator Plugin</div>

<div>Google Chrome</div>

<div>GoToMeeting 5.3.0.977</div>

<div>GPBaseService</div>

<div>Hotfix for Windows Internet Explorer 7 (KB947864)</div>

<div>Hotfix for Windows Media Format 11 SDK (KB929399)</div>

<div>Hotfix for Windows Media Player 11 (KB939683)</div>

<div>Hotfix for Windows XP (KB2158563)</div>

<div>Hotfix for Windows XP (KB2443685)</div>

<div>Hotfix for Windows XP (KB2570791)</div>

<div>Hotfix for Windows XP (KB2633952)</div>

<div>Hotfix for Windows XP (KB2756822)</div>

<div>Hotfix for Windows XP (KB2779562)</div>

<div>Hotfix for Windows XP (KB952287)</div>

<div>Hotfix for Windows XP (KB954550-v5)</div>

<div>Hotfix for Windows XP (KB961118)</div>

<div>Hotfix for Windows XP (KB970653-v3)</div>

<div>Hotfix for Windows XP (KB976098-v2)</div>

<div>Hotfix for Windows XP (KB979306)</div>

<div>Hotfix for Windows XP (KB981793)</div>

<div>HP Customer Participation Program 10.0</div>

<div>HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3</div>

<div>HP Help and Support</div>

<div>HP Imaging Device Functions 10.0</div>

<div>HP Photosmart Essential 2.5</div>

<div>HP Photosmart Premier Software 6.0</div>

<div>HP Smart Web Printing</div>

<div>HP Solution Center 10.0</div>

<div>HP Update</div>

<div>HP User Guides--System Recovery</div>

<div>HP User Guides 0001</div>

<div>HPProductAssistant</div>

<div>HpSdpAppCoreApp</div>

<div>InstantShareDevices</div>

<div>Intel® Graphics Media Accelerator Driver for Mobile</div>

<div>IrfanView (remove only)</div>

<div>LightScribe  1.4.56.1</div>

<div>Malwarebytes Anti-Malware version 1.75.0.1300</div>

<div>MarketResearch</div>

<div>Microsoft ActiveSync</div>

<div>Microsoft Calculator Plus</div>

<div>Microsoft Compression Client Pack 1.0 for Windows XP</div>

<div>Microsoft Internationalized Domain Names Mitigation APIs</div>

<div>Microsoft Kernel-Mode Driver Framework Feature Pack 1.5</div>

<div>Microsoft National Language Support Downlevel APIs</div>

<div>Microsoft Office File Validation Add-In</div>

<div>Microsoft Office Standard Edition 2003</div>

<div>Microsoft User-Mode Driver Framework Feature Pack 1.0</div>

<div>Microsoft Visual C++ 2005 Redistributable</div>

<div>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570</div>

<div>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148</div>

<div>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161</div>

<div>Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219</div>

<div>Microsoft Works</div>

<div>Microsoft XML Parser</div>

<div>MSSoap</div>

<div>MSXML 4.0 SP2 (KB927978)</div>

<div>MSXML 4.0 SP2 (KB936181)</div>

<div>MSXML 4.0 SP2 (KB954430)</div>

<div>MSXML 4.0 SP2 (KB973688)</div>

<div>MSXML 4.0 SP2 and SOAP Toolkit 3.0</div>

<div>MSXML 4.0 SP2 Parser and SDK</div>

<div>OptionalContentQFolder</div>

<div>PhotoGallery</div>

<div>Print Lab Series</div>

<div>PSSWCORE</div>

<div>Quick Launch Buttons 5.20 F2</div>

<div>QuickTime</div>

<div>RandMap</div>

<div>Revo Uninstaller 1.91</div>

<div>Scan</div>

<div>Security Update for CAPICOM (KB931906)</div>

<div>Security Update for Microsoft Windows (KB2564958)</div>

<div>Security Update for Step By Step Interactive Training (KB898458)</div>

<div>Security Update for Step By Step Interactive Training (KB923723)</div>

<div>Security Update for Windows Internet Explorer 7 (KB938127)</div>

<div>Security Update for Windows Internet Explorer 7 (KB939653)</div>

<div>Security Update for Windows Internet Explorer 7 (KB942615)</div>

<div>Security Update for Windows Internet Explorer 7 (KB944533)</div>

<div>Security Update for Windows Internet Explorer 7 (KB950759)</div>

<div>Security Update for Windows Internet Explorer 7 (KB953838)</div>

<div>Security Update for Windows Internet Explorer 7 (KB956390)</div>

<div>Security Update for Windows Internet Explorer 7 (KB958215)</div>

<div>Security Update for Windows Internet Explorer 7 (KB960714)</div>

<div>Security Update for Windows Internet Explorer 7 (KB961260)</div>

<div>Security Update for Windows Internet Explorer 7 (KB963027)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2183461)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2360131)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2416400)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2482017)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2497640)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2510531)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2530548)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2544521)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2559049)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2586448)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2618444)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2647516)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2675157)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2699988)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2722913)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2744842)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2761465)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2792100)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2797052)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2799329)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2809289)</div>

<div>Security Update for Windows Internet Explorer 8 (KB2817183)</div>

<div>Security Update for Windows Internet Explorer 8 (KB969897)</div>

<div>Security Update for Windows Internet Explorer 8 (KB971961)</div>

<div>Security Update for Windows Internet Explorer 8 (KB972260)</div>

<div>Security Update for Windows Internet Explorer 8 (KB974455)</div>

<div>Security Update for Windows Internet Explorer 8 (KB976325)</div>

<div>Security Update for Windows Internet Explorer 8 (KB978207)</div>

<div>Security Update for Windows Internet Explorer 8 (KB981332)</div>

<div>Security Update for Windows Internet Explorer 8 (KB982381)</div>

<div>Security Update for Windows Media Player (KB2378111)</div>

<div>Security Update for Windows Media Player (KB911564)</div>

<div>Security Update for Windows Media Player (KB952069)</div>

<div>Security Update for Windows Media Player (KB954155)</div>

<div>Security Update for Windows Media Player (KB968816)</div>

<div>Security Update for Windows Media Player (KB973540)</div>

<div>Security Update for Windows Media Player (KB975558)</div>

<div>Security Update for Windows Media Player (KB978695)</div>

<div>Security Update for Windows Media Player 10 (KB911565)</div>

<div>Security Update for Windows Media Player 10 (KB917734)</div>

<div>Security Update for Windows Media Player 10 (KB936782)</div>

<div>Security Update for Windows Media Player 11 (KB936782)</div>

<div>Security Update for Windows Media Player 11 (KB954154)</div>

<div>Security Update for Windows Media Player 6.4 (KB925398)</div>

<div>Security Update for Windows XP (KB2079403)</div>

<div>Security Update for Windows XP (KB2115168)</div>

<div>Security Update for Windows XP (KB2121546)</div>

<div>Security Update for Windows XP (KB2160329)</div>

<div>Security Update for Windows XP (KB2229593)</div>

<div>Security Update for Windows XP (KB2279986)</div>

<div>Security Update for Windows XP (KB2286198)</div>

<div>Security Update for Windows XP (KB2296011)</div>

<div>Security Update for Windows XP (KB2296199)</div>

<div>Security Update for Windows XP (KB2347290)</div>

<div>Security Update for Windows XP (KB2360937)</div>

<div>Security Update for Windows XP (KB2387149)</div>

<div>Security Update for Windows XP (KB2393802)</div>

<div>Security Update for Windows XP (KB2412687)</div>

<div>Security Update for Windows XP (KB2419632)</div>

<div>Security Update for Windows XP (KB2423089)</div>

<div>Security Update for Windows XP (KB2436673)</div>

<div>Security Update for Windows XP (KB2440591)</div>

<div>Security Update for Windows XP (KB2443105)</div>

<div>Security Update for Windows XP (KB2476490)</div>

<div>Security Update for Windows XP (KB2476687)</div>

<div>Security Update for Windows XP (KB2478960)</div>

<div>Security Update for Windows XP (KB2478971)</div>

<div>Security Update for Windows XP (KB2479628)</div>

<div>Security Update for Windows XP (KB2479943)</div>

<div>Security Update for Windows XP (KB2481109)</div>

<div>Security Update for Windows XP (KB2483185)</div>

<div>Security Update for Windows XP (KB2485376)</div>

<div>Security Update for Windows XP (KB2491683)</div>

<div>Security Update for Windows XP (KB2503658)</div>

<div>Security Update for Windows XP (KB2503665)</div>

<div>Security Update for Windows XP (KB2506212)</div>

<div>Security Update for Windows XP (KB2506223)</div>

<div>Security Update for Windows XP (KB2507618)</div>

<div>Security Update for Windows XP (KB2507938)</div>

<div>Security Update for Windows XP (KB2508272)</div>

<div>Security Update for Windows XP (KB2508429)</div>

<div>Security Update for Windows XP (KB2509553)</div>

<div>Security Update for Windows XP (KB2511455)</div>

<div>Security Update for Windows XP (KB2524375)</div>

<div>Security Update for Windows XP (KB2535512)</div>

<div>Security Update for Windows XP (KB2536276-v2)</div>

<div>Security Update for Windows XP (KB2536276)</div>

<div>Security Update for Windows XP (KB2544893-v2)</div>

<div>Security Update for Windows XP (KB2544893)</div>

<div>Security Update for Windows XP (KB2555917)</div>

<div>Security Update for Windows XP (KB2562937)</div>

<div>Security Update for Windows XP (KB2566454)</div>

<div>Security Update for Windows XP (KB2567053)</div>

<div>Security Update for Windows XP (KB2567680)</div>

<div>Security Update for Windows XP (KB2570222)</div>

<div>Security Update for Windows XP (KB2570947)</div>

<div>Security Update for Windows XP (KB2584146)</div>

<div>Security Update for Windows XP (KB2585542)</div>

<div>Security Update for Windows XP (KB2592799)</div>

<div>Security Update for Windows XP (KB2598479)</div>

<div>Security Update for Windows XP (KB2603381)</div>

<div>Security Update for Windows XP (KB2618451)</div>

<div>Security Update for Windows XP (KB2619339)</div>

<div>Security Update for Windows XP (KB2620712)</div>

<div>Security Update for Windows XP (KB2621440)</div>

<div>Security Update for Windows XP (KB2624667)</div>

<div>Security Update for Windows XP (KB2631813)</div>

<div>Security Update for Windows XP (KB2633171)</div>

<div>Security Update for Windows XP (KB2639417)</div>

<div>Security Update for Windows XP (KB2641653)</div>

<div>Security Update for Windows XP (KB2646524)</div>

<div>Security Update for Windows XP (KB2647518)</div>

<div>Security Update for Windows XP (KB2653956)</div>

<div>Security Update for Windows XP (KB2655992)</div>

<div>Security Update for Windows XP (KB2659262)</div>

<div>Security Update for Windows XP (KB2660465)</div>

<div>Security Update for Windows XP (KB2661637)</div>

<div>Security Update for Windows XP (KB2676562)</div>

<div>Security Update for Windows XP (KB2685939)</div>

<div>Security Update for Windows XP (KB2686509)</div>

<div>Security Update for Windows XP (KB2691442)</div>

<div>Security Update for Windows XP (KB2695962)</div>

<div>Security Update for Windows XP (KB2698365)</div>

<div>Security Update for Windows XP (KB2705219)</div>

<div>Security Update for Windows XP (KB2707511)</div>

<div>Security Update for Windows XP (KB2709162)</div>

<div>Security Update for Windows XP (KB2712808)</div>

<div>Security Update for Windows XP (KB2718523)</div>

<div>Security Update for Windows XP (KB2719985)</div>

<div>Security Update for Windows XP (KB2723135)</div>

<div>Security Update for Windows XP (KB2724197)</div>

<div>Security Update for Windows XP (KB2727528)</div>

<div>Security Update for Windows XP (KB2731847)</div>

<div>Security Update for Windows XP (KB2753842-v2)</div>

<div>Security Update for Windows XP (KB2753842)</div>

<div>Security Update for Windows XP (KB2757638)</div>

<div>Security Update for Windows XP (KB2758857)</div>

<div>Security Update for Windows XP (KB2761226)</div>

<div>Security Update for Windows XP (KB2770660)</div>

<div>Security Update for Windows XP (KB2778344)</div>

<div>Security Update for Windows XP (KB2779030)</div>

<div>Security Update for Windows XP (KB2780091)</div>

<div>Security Update for Windows XP (KB2799494)</div>

<div>Security Update for Windows XP (KB2802968)</div>

<div>Security Update for Windows XP (KB2807986)</div>

<div>Security Update for Windows XP (KB2808735)</div>

<div>Security Update for Windows XP (KB2813170)</div>

<div>Security Update for Windows XP (KB2813345)</div>

<div>Security Update for Windows XP (KB2820917)</div>

<div>Security Update for Windows XP (KB923561)</div>

<div>Security Update for Windows XP (KB923689)</div>

<div>Security Update for Windows XP (KB938464-v2)</div>

<div>Security Update for Windows XP (KB938464)</div>

<div>Security Update for Windows XP (KB941569)</div>

<div>Security Update for Windows XP (KB946648)</div>

<div>Security Update for Windows XP (KB950760)</div>

<div>Security Update for Windows XP (KB950762)</div>

<div>Security Update for Windows XP (KB950974)</div>

<div>Security Update for Windows XP (KB951066)</div>

<div>Security Update for Windows XP (KB951376-v2)</div>

<div>Security Update for Windows XP (KB951376)</div>

<div>Security Update for Windows XP (KB951698)</div>

<div>Security Update for Windows XP (KB951748)</div>

<div>Security Update for Windows XP (KB952004)</div>

<div>Security Update for Windows XP (KB952954)</div>

<div>Security Update for Windows XP (KB953839)</div>

<div>Security Update for Windows XP (KB954211)</div>

<div>Security Update for Windows XP (KB954459)</div>

<div>Security Update for Windows XP (KB954600)</div>

<div>Security Update for Windows XP (KB955069)</div>

<div>Security Update for Windows XP (KB956391)</div>

<div>Security Update for Windows XP (KB956572)</div>

<div>Security Update for Windows XP (KB956744)</div>

<div>Security Update for Windows XP (KB956802)</div>

<div>Security Update for Windows XP (KB956803)</div>

<div>Security Update for Windows XP (KB956841)</div>

<div>Security Update for Windows XP (KB956844)</div>

<div>Security Update for Windows XP (KB957095)</div>

<div>Security Update for Windows XP (KB957097)</div>

<div>Security Update for Windows XP (KB958644)</div>

<div>Security Update for Windows XP (KB958687)</div>

<div>Security Update for Windows XP (KB958690)</div>

<div>Security Update for Windows XP (KB958869)</div>

<div>Security Update for Windows XP (KB959426)</div>

<div>Security Update for Windows XP (KB960225)</div>

<div>Security Update for Windows XP (KB960715)</div>

<div>Security Update for Windows XP (KB960803)</div>

<div>Security Update for Windows XP (KB960859)</div>

<div>Security Update for Windows XP (KB961371)</div>

<div>Security Update for Windows XP (KB961373)</div>

<div>Security Update for Windows XP (KB961501)</div>

<div>Security Update for Windows XP (KB968537)</div>

<div>Security Update for Windows XP (KB969059)</div>

<div>Security Update for Windows XP (KB969898)</div>

<div>Security Update for Windows XP (KB969947)</div>

<div>Security Update for Windows XP (KB970238)</div>

<div>Security Update for Windows XP (KB970430)</div>

<div>Security Update for Windows XP (KB971468)</div>

<div>Security Update for Windows XP (KB971486)</div>

<div>Security Update for Windows XP (KB971557)</div>

<div>Security Update for Windows XP (KB971633)</div>

<div>Security Update for Windows XP (KB971657)</div>

<div>Security Update for Windows XP (KB972270)</div>

<div>Security Update for Windows XP (KB973346)</div>

<div>Security Update for Windows XP (KB973354)</div>

<div>Security Update for Windows XP (KB973507)</div>

<div>Security Update for Windows XP (KB973525)</div>

<div>Security Update for Windows XP (KB973869)</div>

<div>Security Update for Windows XP (KB973904)</div>

<div>Security Update for Windows XP (KB974112)</div>

<div>Security Update for Windows XP (KB974318)</div>

<div>Security Update for Windows XP (KB974392)</div>

<div>Security Update for Windows XP (KB974571)</div>

<div>Security Update for Windows XP (KB975025)</div>

<div>Security Update for Windows XP (KB975467)</div>

<div>Security Update for Windows XP (KB975560)</div>

<div>Security Update for Windows XP (KB975561)</div>

<div>Security Update for Windows XP (KB975562)</div>

<div>Security Update for Windows XP (KB975713)</div>

<div>Security Update for Windows XP (KB977165)</div>

<div>Security Update for Windows XP (KB977816)</div>

<div>Security Update for Windows XP (KB977914)</div>

<div>Security Update for Windows XP (KB978037)</div>

<div>Security Update for Windows XP (KB978251)</div>

<div>Security Update for Windows XP (KB978262)</div>

<div>Security Update for Windows XP (KB978338)</div>

<div>Security Update for Windows XP (KB978542)</div>

<div>Security Update for Windows XP (KB978601)</div>

<div>Security Update for Windows XP (KB979309)</div>

<div>Security Update for Windows XP (KB979482)</div>

<div>Security Update for Windows XP (KB979559)</div>

<div>Security Update for Windows XP (KB979683)</div>

<div>Security Update for Windows XP (KB979687)</div>

<div>Security Update for Windows XP (KB980195)</div>

<div>Security Update for Windows XP (KB980218)</div>

<div>Security Update for Windows XP (KB980232)</div>

<div>Security Update for Windows XP (KB980436)</div>

<div>Security Update for Windows XP (KB981322)</div>

<div>Security Update for Windows XP (KB981852)</div>

<div>Security Update for Windows XP (KB981957)</div>

<div>Security Update for Windows XP (KB981997)</div>

<div>Security Update for Windows XP (KB982132)</div>

<div>Security Update for Windows XP (KB982214)</div>

<div>Security Update for Windows XP (KB982665)</div>

<div>Security Update for Windows XP (KB982802)</div>

<div>SkinsHP1</div>

<div>SmartWebPrintingOC</div>

<div>Soft Data Fax Modem with SmartCP</div>

<div>SolutionCenter</div>

<div>Sonic Audio Module</div>

<div>Sonic Copy Module</div>

<div>Sonic Data Module</div>

<div>Sonic MyDVD Plus</div>

<div>Sonic Update Manager</div>

<div>Sonic_PrimoSDK</div>

<div>Status</div>

<div>Switch Sound File Converter</div>

<div>swMSM</div>

<div>Symantec KB-DocID:2003093015493306</div>

<div>Synaptics Pointing Device Driver</div>

<div>Texas Instruments PCIxx21/x515/xx12 drivers.</div>

<div>TIPCI</div>

<div>TomTom HOME 2.8.3.2499</div>

<div>TomTom HOME Visual Studio Merge Modules</div>

<div>Toolbox</div>

<div>TrayApp</div>

<div>Unload</div>

<div>UnloadSupport</div>

<div>Update for Microsoft .NET Framework 3.5 SP1 (KB963707)</div>

<div>Update for Windows Internet Explorer 8 (KB976662)</div>

<div>Update for Windows Internet Explorer 8 (KB976749)</div>

<div>Update for Windows Internet Explorer 8 (KB980182)</div>

<div>Update for Windows XP (KB2141007)</div>

<div>Update for Windows XP (KB2345886)</div>

<div>Update for Windows XP (KB2467659)</div>

<div>Update for Windows XP (KB2541763)</div>

<div>Update for Windows XP (KB2607712)</div>

<div>Update for Windows XP (KB2616676)</div>

<div>Update for Windows XP (KB2641690)</div>

<div>Update for Windows XP (KB2661254-v2)</div>

<div>Update for Windows XP (KB2718704)</div>

<div>Update for Windows XP (KB2736233)</div>

<div>Update for Windows XP (KB2749655)</div>

<div>Update for Windows XP (KB951072-v2)</div>

<div>Update for Windows XP (KB951978)</div>

<div>Update for Windows XP (KB955759)</div>

<div>Update for Windows XP (KB955839)</div>

<div>Update for Windows XP (KB967715)</div>

<div>Update for Windows XP (KB968389)</div>

<div>Update for Windows XP (KB971029)</div>

<div>Update for Windows XP (KB971737)</div>

<div>Update for Windows XP (KB973687)</div>

<div>Update for Windows XP (KB973815)</div>

<div>VCDS Release 10.6.4</div>

<div>VCDS Release 11.11.5</div>

<div>VideoToolkit01</div>

<div>Visual C++ 2008 x86 Runtime - (v9.0.30729)</div>

<div>Visual C++ 2008 x86 Runtime - v9.0.30729.01</div>

<div>WebFldrs XP</div>

<div>WebReg</div>

<div>WIBU-KEY Setup (WIBU-KEY Remove)</div>

<div>Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)</div>

<div>Windows Genuine Advantage Notifications (KB905474)</div>

<div>Windows Genuine Advantage v1.3.0254.0</div>

<div>Windows Genuine Advantage Validation Tool (KB892130)</div>

<div>Windows Internet Explorer 7</div>

<div>Windows Internet Explorer 8</div>

<div>Windows Media Format 11 runtime</div>

<div>Windows Media Player 11</div>

<div>Windows XP Service Pack 3</div>

<div>WinRAR archiver</div>

<div>.</div>

<div>==== Event Viewer Messages From Past Week ========</div>

<div>.</div>

<div>4/8/2013 5:21:20 AM, error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.</div>

<div>4/7/2013 9:04:37 AM, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework, Version 2.0 (KB928365).</div>

<div>4/7/2013 10:24:52 AM, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.</div>

<div>4/10/2013 8:40:44 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix eabfiltr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.</div>

<div>4/10/2013 8:40:01 PM, error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.</div>

<div>4/10/2013 8:39:18 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}</div>

<div>.</div>

<div>==== End Of File ===========================</div>

<div> </div>

Link to post
Share on other sites

<p> </p>

<div>aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software</div>

<div>Run date: 2013-04-12 12:52:24</div>

<div>-----------------------------</div>

<div>12:52:24.406    OS Version: Windows 5.1.2600 Service Pack 3</div>

<div>12:52:24.406    Number of processors: 1 586 0xD08</div>

<div>12:52:24.406    ComputerName: YOUR-4105E587B6  UserName: User</div>

<div>12:52:25.015    Initialize success</div>

<div>12:52:43.906    AVAST engine defs: 13041200</div>

<div>12:53:16.656    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4</div>

<div>12:53:16.656    Disk 0 Vendor: FUJITSU_MHV2060AT_PL 008300A1 Size: 57231MB BusType: 3</div>

<div>12:53:16.953    Disk 0 MBR read successfully</div>

<div>12:53:16.968    Disk 0 MBR scan</div>

<div>12:53:17.015    Disk 0 unknown MBR code</div>

<div>12:53:17.031    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        48516 MB offset 63</div>

<div>12:53:17.062    Disk 0 Partition 2 00     0C    FAT32 LBA RECOVERY     7687 MB offset 99362025</div>

<div>12:53:17.109    Disk 0 Partition 3 00     D7              NTFS         1019 MB offset 115105725</div>

<div>12:53:17.140    Disk 0 scanning sectors +117194175</div>

<div>12:53:17.187    Disk 0 malicious Win32:MBRoot code @ sector 117194178 !</div>

<div>12:53:17.203    Disk 0 PE file @ sector 117194200 !</div>

<div>12:53:17.281    Disk 0 scanning C:\WINDOWS\system32\drivers</div>

<div>12:53:49.187    Service scanning</div>

<div>12:54:22.687    Modules scanning</div>

<div>12:54:48.140    Disk 0 trace - called modules:</div>

<div>12:54:48.203    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS </div>

<div>12:54:48.218    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9ebab8]</div>

<div>12:54:48.234    3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\00000083[0x8a999220]</div>

<div>12:54:48.265    5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8aa20d98]</div>

<div>12:54:48.937    AVAST engine scan C:\WINDOWS</div>

<div>12:55:34.437    AVAST engine scan C:\WINDOWS\system32</div>

<div>13:00:28.703    AVAST engine scan C:\WINDOWS\system32\drivers</div>

<div>13:01:11.281    AVAST engine scan C:\Documents and Settings\User</div>

<div>13:14:11.031    AVAST engine scan C:\Documents and Settings\All Users</div>

<div>13:15:46.046    Scan finished successfully</div>

<div>13:18:15.671    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"</div>

<div>13:18:15.703    The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\aswMBR2.txt"</div>

Link to post
Share on other sites

I re-ran dds after doing the fix mbr:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by User at 9:11:05 on 2013-04-13

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1391 [GMT -4:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ================

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 6/10/2006 11:56:54 AM

System Uptime: 4/13/2013 7:18:23 AM (2 hours ago)

.

Motherboard: Quanta | | 308F

Processor: Intel® Pentium® M processor 1.60GHz | U1 | 989/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 47 GiB total, 11.836 GiB free.

D: is FIXED (FAT32) - 7 GiB total, 0.499 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1779: 3/4/2013 7:38:58 AM - Software Distribution Service 3.0

RP1780: 3/4/2013 9:53:08 PM - Software Distribution Service 3.0

RP1781: 3/6/2013 5:47:02 AM - Software Distribution Service 3.0

RP1782: 3/7/2013 5:46:13 AM - Software Distribution Service 3.0

RP1783: 3/7/2013 7:24:06 AM - Software Distribution Service 3.0

RP1784: 3/8/2013 6:36:28 AM - Software Distribution Service 3.0

RP1785: 3/9/2013 8:18:21 AM - Software Distribution Service 3.0

RP1786: 3/10/2013 9:59:26 AM - Software Distribution Service 3.0

RP1787: 3/11/2013 8:20:45 AM - Software Distribution Service 3.0

RP1788: 3/11/2013 7:26:01 PM - Software Distribution Service 3.0

RP1789: 3/12/2013 3:00:20 AM - Software Distribution Service 3.0

RP1790: 3/13/2013 5:50:58 AM - Software Distribution Service 3.0

RP1791: 3/14/2013 5:42:57 AM - Software Distribution Service 3.0

RP1792: 3/14/2013 7:14:40 AM - Software Distribution Service 3.0

RP1793: 3/15/2013 5:43:54 AM - Software Distribution Service 3.0

RP1794: 3/15/2013 8:05:23 AM - Software Distribution Service 3.0

RP1795: 3/16/2013 8:57:30 AM - Software Distribution Service 3.0

RP1796: 3/17/2013 9:33:57 AM - Software Distribution Service 3.0

RP1797: 3/18/2013 5:38:37 AM - Software Distribution Service 3.0

RP1798: 3/19/2013 7:57:24 AM - Software Distribution Service 3.0

RP1799: 3/20/2013 5:39:53 AM - Software Distribution Service 3.0

RP1800: 3/20/2013 7:29:21 AM - Software Distribution Service 3.0

RP1801: 3/20/2013 7:45:19 AM - Software Distribution Service 3.0

RP1802: 3/20/2013 2:10:05 PM - Software Distribution Service 3.0

RP1803: 3/21/2013 5:46:09 AM - Software Distribution Service 3.0

RP1804: 3/21/2013 7:34:38 AM - Software Distribution Service 3.0

RP1805: 3/21/2013 4:55:02 PM - Installed AVG 2013

RP1806: 3/21/2013 4:55:28 PM - Removed AVG 2013

RP1807: 3/21/2013 4:56:39 PM - Installed AVG 2013

RP1808: 3/21/2013 5:01:28 PM - Removed AVG 2013

RP1809: 3/21/2013 9:53:12 PM - Software Distribution Service 3.0

RP1810: 3/23/2013 6:45:07 AM - Software Distribution Service 3.0

RP1811: 3/24/2013 10:42:34 AM - Software Distribution Service 3.0

RP1812: 3/25/2013 6:08:51 AM - Software Distribution Service 3.0

RP1813: 3/26/2013 5:46:54 AM - Software Distribution Service 3.0

RP1814: 3/26/2013 7:13:20 AM - Software Distribution Service 3.0

RP1815: 3/27/2013 5:45:08 AM - Software Distribution Service 3.0

RP1816: 3/27/2013 7:16:52 AM - Software Distribution Service 3.0

RP1817: 3/28/2013 5:45:24 AM - Software Distribution Service 3.0

RP1818: 3/28/2013 9:12:25 PM - Software Distribution Service 3.0

RP1819: 3/29/2013 9:29:55 PM - Software Distribution Service 3.0

RP1820: 3/31/2013 10:49:43 AM - Software Distribution Service 3.0

RP1821: 3/31/2013 2:52:30 PM - Software Distribution Service 3.0

RP1822: 4/1/2013 5:37:55 AM - Software Distribution Service 3.0

RP1823: 4/1/2013 9:50:16 PM - Software Distribution Service 3.0

RP1824: 4/2/2013 7:54:56 PM - Software Distribution Service 3.0

RP1825: 4/2/2013 8:17:37 PM - Software Distribution Service 3.0

RP1826: 4/3/2013 3:00:21 AM - Software Distribution Service 3.0

RP1827: 4/4/2013 5:46:16 AM - Software Distribution Service 3.0

RP1828: 4/5/2013 5:47:05 AM - Software Distribution Service 3.0

RP1829: 4/5/2013 6:06:33 AM - Software Distribution Service 3.0

RP1830: 4/5/2013 7:00:27 AM - Software Distribution Service 3.0

RP1831: 4/5/2013 2:24:31 PM - Software Distribution Service 3.0

RP1832: 4/6/2013 9:47:51 AM - Software Distribution Service 3.0

RP1833: 4/7/2013 8:30:51 AM - Software Distribution Service 3.0

RP1834: 4/7/2013 9:04:31 AM - Software Distribution Service 3.0

RP1835: 4/7/2013 9:35:51 PM - Software Distribution Service 3.0

RP1836: 4/8/2013 6:26:59 AM - Software Distribution Service 3.0

RP1837: 4/8/2013 7:54:41 AM - Software Distribution Service 3.0

RP1838: 4/8/2013 7:51:30 PM - Software Distribution Service 3.0

RP1839: 4/9/2013 3:00:21 AM - Software Distribution Service 3.0

RP1840: 4/9/2013 6:04:43 AM - Software Distribution Service 3.0

RP1841: 4/9/2013 8:48:23 PM - Software Distribution Service 3.0

RP1842: 4/10/2013 7:27:22 PM - Software Distribution Service 3.0

RP1843: 4/10/2013 9:41:48 PM - Software Distribution Service 3.0

RP1844: 4/12/2013 5:48:15 AM - Software Distribution Service 3.0

RP1845: 4/12/2013 8:36:36 AM - Revo Uninstaller's restore point - Java 6 Update 30

RP1846: 4/12/2013 8:37:21 AM - Removed Java 6 Update 27

RP1847: 4/12/2013 8:41:46 AM - Revo Uninstaller's restore point - J2SE Runtime Environment 5.0 Update 6

RP1848: 4/12/2013 8:42:19 AM - Removed J2SE Runtime Environment 5.0 Update 6

RP1849: 4/12/2013 8:45:04 AM - Revo Uninstaller's restore point - Java 7 Update 7

RP1850: 4/12/2013 8:45:28 AM - Removed Java 7 Update 7

RP1851: 4/12/2013 9:49:42 AM - Revo Uninstaller's restore point - ALOT Appbar

RP1852: 4/12/2013 2:47:04 PM - Software Distribution Service 3.0

RP1853: 4/13/2013 8:54:20 AM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

7-Zip 9.21

Adobe AIR

Adobe Atmosphere Player for Acrobat and Adobe Reader

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6)

Adobe Shockwave Player 11.6

AVG 2013

BufferChm

Camera Window

Canon Camera WIA Driver

Canon Camera Window for ZoomBrowser EX

Canon PhotoRecord

Canon PowerShot S45 WIA Driver

Canon Utilities FileViewerUtility 1.0

Canon Utilities ZoomBrowser EX

CleanUp!

Compatibility Pack for the 2007 Office system

Conexant AC-Link Audio

Copy

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

Critical Update for Windows Media Player 11 (KB959772)

CueTour

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DJ_AIO_03_F2200_ProductContext

DJ_AIO_03_F2200_Software

DJ_AIO_03_F2200_Software_Min

EarthLink Common Authentication

EarthLink MDAC

EPSON CardMonitor

EPSON PhotoCenter

EPSON PhotoStarter3.0

EPSON Print CD

EPSON Printer Software

EPSON Web-To-Page

ESPR320 Reference Guide

eSupportQFolder

F2200

F2200_Help

FileViewerUtility 1.0

FullDPAppQFolder

Garmin City Navigator North America NT 2008

Garmin Communicator Plugin

Google Chrome

GoToMeeting 5.3.0.977

GPBaseService

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3

HP Help and Support

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Photosmart Premier Software 6.0

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HP User Guides--System Recovery

HP User Guides 0001

HPProductAssistant

HpSdpAppCoreApp

InstantShareDevices

Intel® Graphics Media Accelerator Driver for Mobile

IrfanView (remove only)

LightScribe 1.4.56.1

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Microsoft ActiveSync

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Standard Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft XML Parser

MSSoap

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

MSXML 4.0 SP2 Parser and SDK

OptionalContentQFolder

PhotoGallery

Print Lab Series

PSSWCORE

Quick Launch Buttons 5.20 F2

QuickTime

RandMap

Revo Uninstaller 1.91

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SkinsHP1

SmartWebPrintingOC

Soft Data Fax Modem with SmartCP

SolutionCenter

Sonic Audio Module

Sonic Copy Module

Sonic Data Module

Sonic MyDVD Plus

Sonic Update Manager

Sonic_PrimoSDK

Status

Switch Sound File Converter

swMSM

Symantec KB-DocID:2003093015493306

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TomTom HOME 2.8.3.2499

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

Unload

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VCDS Release 10.6.4

VCDS Release 11.11.5

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

WebFldrs XP

WebReg

WIBU-KEY Setup (WIBU-KEY Remove)

Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

4/8/2013 7:54:53 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework, Version 2.0 (KB928365).

4/8/2013 6:38:12 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.

4/8/2013 5:21:20 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

4/12/2013 11:46:17 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

4/10/2013 8:40:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

4/10/2013 8:40:01 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix eabfiltr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:40:01 PM, error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

4/10/2013 8:39:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

.

==== End Of File ===========================

.

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\AVG SafeGuard toolbar\vprot.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = hxxp://start.earthlink.net/AL/Search

mSearchAssistant = hxxp://start.earthlink.net/AL/Search

BHO: ElnkBhoGuard Class: {00000000-0000-0000-0000-000000000002} -

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"

uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"

mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"

mRun: [synTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"

mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"

mRun: [eabconfg.cpl] "c:\program files\hpq\quick launch buttons\EabServr.exe" /Start

mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe

mRun: [EPSON Stylus Photo R320 Series] "c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE" /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"

StartupFolder: c:\docume~1\user\startm~1\programs\startup\rt-upd~1.lnk - c:\ross-tech\vcds\VCDS.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: EarthLink Google Search - c:\program files\earthlink totalaccess\toolbar\SearchUI.dll/search.html

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341233096203

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{F29B5A26-87C9-4EA3-805A-C68113C05742} : DHCPNameServer = 192.168.1.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, UzfalmaHbist.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 245048]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 170808]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 182072]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-21 31576]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-2-27 4937264]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-2-19 282624]

R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-2-14 1247600]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-23 92592]

R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.1\ToolbarUpdater.exe [2013-3-21 945328]

S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2ndis5.sys --> c:\windows\system32\drivers\BW2NDIS5.sys [?]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-4-10 35144]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-12-19 42112]

S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2009-12-10 9472]

S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [2011-12-22 59464]

S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2012-8-7 215552]

S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2012-8-7 83968]

S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2012-8-7 208128]

S3 xcpip;TCP/IP Protocol Driver;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S3 yzs2y.sys;yzs2y.sys;\??\c:\windows\system32\drivers\yzs2y.sys --> c:\windows\system32\drivers\yzs2y.sys [?]

S4 spywarebot;spywarebot;c:\windows\system32\drivers\spywarebot.sys --> c:\windows\system32\drivers\spywarebot.sys [?]

.

=============== Created Last 30 ================

.

2013-04-12 13:56:25 -------- d-----w- c:\windows\ERUNT

2013-04-12 13:55:51 -------- d-----w- C:\JRT

2013-04-11 00:15:27 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-03-21 21:10:18 -------- d-----w- c:\documents and settings\user\local settings\application data\AVG SafeGuard toolbar

2013-03-21 20:59:53 -------- d-----w- c:\documents and settings\user\application data\AVG SafeGuard toolbar

2013-03-21 20:59:45 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-03-21 20:59:39 -------- d-----w- c:\program files\common files\AVG Secure Search

2013-03-21 20:59:36 -------- d-----w- c:\program files\AVG SafeGuard toolbar

2013-03-15 20:37:31 12928 ------w- c:\windows\system32\dllcache\usb8023.sys

2013-03-15 20:37:30 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys

.

==================== Find3M ====================

.

2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-13 21:35:30 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-13 21:35:30 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08:47 385024 ----a-w- c:\windows\system32\html.iec

2013-03-01 14:32:20 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-27 03:40:46 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-02-14 07:52:46 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-08 08:37:56 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-02-08 08:37:52 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-02-08 08:37:44 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2013-02-08 08:37:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll

2008-06-25 01:29:05 3337917 ----a-w- c:\program files\alltowma_converter.exe

2008-06-25 00:02:45 3182285 ----a-w- c:\program files\mp3wavplus.exe

2007-11-26 04:24:00 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2006-09-21 21:09:33 905216 ----a-w- c:\program files\iview398.exe

.

============= FINISH: 9:12:33.31 ===============

Link to post
Share on other sites

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-16 18:57:29

-----------------------------

18:57:29.046 OS Version: Windows 5.1.2600 Service Pack 3

18:57:29.046 Number of processors: 1 586 0xD08

18:57:29.046 ComputerName: YOUR-4105E587B6 UserName: User

18:57:38.859 Initialize success

18:59:28.937 AVAST engine download error: 0

18:59:28.937 AVAST engine defs: 13041200

18:59:41.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

18:59:41.984 Disk 0 Vendor: FUJITSU_MHV2060AT_PL 008300A1 Size: 57231MB BusType: 3

18:59:42.187 Disk 0 MBR read successfully

18:59:42.187 Disk 0 MBR scan

18:59:42.203 Disk 0 Windows XP default MBR code

18:59:42.218 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 48516 MB offset 63

18:59:42.265 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 7687 MB offset 99362025

18:59:42.296 Disk 0 Partition 3 00 D7 NTFS 1019 MB offset 115105725

18:59:42.312 Disk 0 scanning sectors +117194175

18:59:42.343 Disk 0 malicious Win32:MBRoot code @ sector 117194178 !

18:59:42.359 Disk 0 PE file @ sector 117194200 !

18:59:42.421 Disk 0 scanning C:\WINDOWS\system32\drivers

18:59:55.406 Service scanning

19:00:21.328 Modules scanning

19:00:30.734 Disk 0 trace - called modules:

19:00:30.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS

19:00:30.796 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aa65ab8]

19:00:30.828 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\00000082[0x8aa02030]

19:00:30.843 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8aa0cd98]

19:00:31.312 AVAST engine scan C:\WINDOWS

19:00:59.625 AVAST engine scan C:\WINDOWS\system32

19:03:05.531 AVAST engine scan C:\WINDOWS\system32\drivers

19:03:26.000 AVAST engine scan C:\Documents and Settings\User

19:12:48.031 AVAST engine scan C:\Documents and Settings\All Users

19:13:47.828 Scan finished successfully

19:16:54.484 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"

19:16:54.515 The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\aswMBR3.txt"

Link to post
Share on other sites

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Link to post
Share on other sites

It looks like it produced 2 logs. This is the larger of the 2: I have to split this post in two - too large

18:47:35.0515 2968 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:47:37.0234 2968 ============================================================

18:47:37.0234 2968 Current date / time: 2013/04/17 18:47:37.0234

18:47:37.0234 2968 SystemInfo:

18:47:37.0265 2968

18:47:37.0265 2968 OS Version: 5.1.2600 ServicePack: 3.0

18:47:37.0265 2968 Product type: Workstation

18:47:37.0265 2968 ComputerName: YOUR-4105E587B6

18:47:37.0265 2968 UserName: User

18:47:37.0281 2968 Windows directory: C:\WINDOWS

18:47:37.0281 2968 System windows directory: C:\WINDOWS

18:47:37.0281 2968 Processor architecture: Intel x86

18:47:37.0281 2968 Number of processors: 1

18:47:37.0281 2968 Page size: 0x1000

18:47:37.0281 2968 Boot type: Normal boot

18:47:37.0281 2968 ============================================================

18:47:40.0078 2968 BG loaded

18:47:40.0812 2968 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:47:40.0828 2968 ============================================================

18:47:40.0828 2968 \Device\Harddisk0\DR0:

18:47:40.0828 2968 MBR partitions:

18:47:40.0828 2968 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5EC24AA

18:47:40.0828 2968 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x5EC24E9, BlocksNum 0xF03AD4

18:47:40.0828 2968 ============================================================

18:47:40.0984 2968 C: <-> \Device\Harddisk0\DR0\Partition1

18:47:41.0156 2968 D: <-> \Device\Harddisk0\DR0\Partition2

18:47:41.0218 2968 ============================================================

18:47:41.0218 2968 Initialize success

18:47:41.0218 2968 ============================================================

18:48:06.0406 1680 ============================================================

18:48:06.0406 1680 Scan started

18:48:06.0406 1680 Mode: Manual; SigCheck; TDLFS;

18:48:06.0406 1680 ============================================================

18:48:08.0281 1680 ================ Scan system memory ========================

18:48:08.0281 1680 System memory - ok

18:48:08.0281 1680 ================ Scan services =============================

18:48:08.0843 1680 Abiosdsk - ok

18:48:08.0859 1680 abp480n5 - ok

18:48:08.0953 1680 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:48:11.0453 1680 ACPI - ok

18:48:11.0515 1680 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:48:11.0718 1680 ACPIEC - ok

18:48:11.0828 1680 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:48:11.0875 1680 AdobeFlashPlayerUpdateSvc - ok

18:48:11.0890 1680 adpu160m - ok

18:48:11.0921 1680 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

18:48:12.0156 1680 aec - ok

18:48:12.0218 1680 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

18:48:12.0296 1680 AFD - ok

18:48:12.0312 1680 Aha154x - ok

18:48:12.0328 1680 aic78u2 - ok

18:48:12.0328 1680 aic78xx - ok

18:48:12.0375 1680 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

18:48:12.0562 1680 Alerter - ok

18:48:12.0578 1680 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

18:48:12.0765 1680 ALG - ok

18:48:12.0812 1680 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys

18:48:13.0000 1680 AliIde - ok

18:48:13.0015 1680 amsint - ok

18:48:13.0015 1680 AppMgmt - ok

18:48:13.0109 1680 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:48:13.0281 1680 Arp1394 - ok

18:48:13.0296 1680 asc - ok

18:48:13.0312 1680 asc3350p - ok

18:48:13.0312 1680 asc3550 - ok

18:48:14.0546 1680 aspnet_state - ok

18:48:14.0578 1680 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:48:14.0734 1680 AsyncMac - ok

18:48:14.0750 1680 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

18:48:14.0921 1680 atapi - ok

18:48:14.0921 1680 Atdisk - ok

18:48:14.0968 1680 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:48:15.0109 1680 Atmarpc - ok

18:48:15.0156 1680 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

18:48:15.0328 1680 AudioSrv - ok

18:48:15.0359 1680 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

18:48:15.0562 1680 audstub - ok

18:48:16.0015 1680 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe

18:48:16.0484 1680 AVGIDSAgent - ok

18:48:16.0578 1680 [ 1A2213B7D94944861449CB07BF2D099E ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys

18:48:16.0609 1680 AVGIDSDriver - ok

18:48:16.0671 1680 [ B0DEF92F4E1E6B9242E6C8FAB82703F7 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys

18:48:16.0703 1680 AVGIDSHX - ok

18:48:16.0734 1680 [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys

18:48:16.0765 1680 AVGIDSShim - ok

18:48:16.0812 1680 [ 08FA13787D77A75DC413E27FD92B44E8 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys

18:48:16.0843 1680 Avgldx86 - ok

18:48:16.0859 1680 [ 3E587EE55C70E6DB78A98D7121D3052E ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys

18:48:16.0890 1680 Avglogx - ok

18:48:16.0921 1680 [ 5AC56B2CF8EE751796C5A8FC5C631B66 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

18:48:16.0953 1680 Avgmfx86 - ok

18:48:16.0953 1680 [ C29E6070396E437FDE184D739CCBA2C7 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

18:48:16.0984 1680 Avgrkx86 - ok

18:48:17.0031 1680 [ 52448A41CF1769CB3627677A0509627B ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys

18:48:17.0062 1680 Avgtdix - ok

18:48:17.0125 1680 [ 3FCF9368255525FDD929A48B2AA9EDF4 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys

18:48:17.0156 1680 avgtp - ok

18:48:17.0218 1680 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe

18:48:17.0265 1680 avgwd - ok

18:48:17.0296 1680 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

18:48:17.0531 1680 Beep - ok

18:48:17.0578 1680 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

18:48:17.0906 1680 BITS - ok

18:48:17.0968 1680 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

18:48:18.0093 1680 Browser - ok

18:48:18.0140 1680 [ E76DC88F00D50F46072FEB2371769978 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys

18:48:18.0187 1680 BTWUSB ( UnsignedFile.Multi.Generic ) - warning

18:48:18.0187 1680 BTWUSB - detected UnsignedFile.Multi.Generic (1)

18:48:18.0203 1680 BW2NDIS5 - ok

18:48:18.0234 1680 [ 4EBC37B6677A6768B307AE40839D788F ] CAMCAUD C:\WINDOWS\system32\drivers\camc6aud.sys

18:48:18.0312 1680 CAMCAUD - ok

18:48:18.0390 1680 [ 9A38FC432AD8B3400CEFB70A7236979E ] CAMCHALA C:\WINDOWS\system32\drivers\camc6hal.sys

18:48:18.0484 1680 CAMCHALA - ok

18:48:18.0546 1680 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

18:48:18.0906 1680 cbidf2k - ok

18:48:18.0921 1680 cd20xrnt - ok

18:48:18.0953 1680 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

18:48:19.0125 1680 Cdaudio - ok

18:48:19.0156 1680 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

18:48:19.0296 1680 Cdfs - ok

18:48:19.0343 1680 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:48:19.0500 1680 Cdrom - ok

18:48:19.0515 1680 Changer - ok

18:48:19.0546 1680 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

18:48:19.0718 1680 CiSvc - ok

18:48:19.0765 1680 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

18:48:19.0937 1680 ClipSrv - ok

18:48:19.0968 1680 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:48:20.0156 1680 CmBatt - ok

18:48:20.0171 1680 CmdIde - ok

18:48:20.0203 1680 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:48:20.0375 1680 Compbatt - ok

18:48:20.0390 1680 COMSysApp - ok

18:48:20.0406 1680 Cpqarray - ok

18:48:20.0453 1680 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

18:48:20.0625 1680 CryptSvc - ok

18:48:20.0640 1680 dac2w2k - ok

18:48:20.0656 1680 dac960nt - ok

18:48:20.0750 1680 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

18:48:20.0875 1680 DcomLaunch - ok

18:48:20.0921 1680 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

18:48:21.0109 1680 Dhcp - ok

18:48:21.0140 1680 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

18:48:21.0328 1680 Disk - ok

18:48:21.0343 1680 dmadmin - ok

18:48:21.0437 1680 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

18:48:21.0734 1680 dmboot - ok

18:48:21.0781 1680 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

18:48:22.0015 1680 dmio - ok

18:48:22.0062 1680 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

18:48:22.0296 1680 dmload - ok

18:48:22.0359 1680 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

18:48:22.0515 1680 dmserver - ok

18:48:22.0546 1680 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

18:48:22.0718 1680 DMusic - ok

18:48:22.0781 1680 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

18:48:22.0921 1680 Dnscache - ok

18:48:23.0000 1680 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

18:48:23.0203 1680 Dot3svc - ok

18:48:23.0203 1680 dpti2o - ok

18:48:23.0218 1680 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

18:48:23.0437 1680 drmkaud - ok

18:48:23.0515 1680 [ C6ACA0190EE7B614673EE0C91863B1EB ] eabfiltr C:\WINDOWS\system32\drivers\EABFiltr.sys

18:48:23.0609 1680 eabfiltr - ok

18:48:23.0640 1680 [ DA1011DB09AD641DE40CD5CCA70C0C43 ] eabusb C:\WINDOWS\system32\drivers\eabusb.sys

18:48:23.0687 1680 eabusb - ok

18:48:23.0734 1680 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

18:48:23.0968 1680 EapHost - ok

18:48:24.0062 1680 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

18:48:24.0343 1680 ERSvc - ok

18:48:24.0421 1680 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

18:48:24.0484 1680 Eventlog - ok

18:48:24.0578 1680 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

18:48:24.0671 1680 EventSystem - ok

18:48:24.0734 1680 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

18:48:25.0031 1680 Fastfat - ok

18:48:25.0125 1680 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:48:25.0265 1680 FastUserSwitchingCompatibility - ok

18:48:25.0312 1680 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

18:48:25.0640 1680 Fdc - ok

18:48:25.0671 1680 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

18:48:25.0812 1680 Fips - ok

18:48:25.0843 1680 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

18:48:26.0015 1680 Flpydisk - ok

18:48:26.0078 1680 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

18:48:26.0234 1680 FltMgr - ok

18:48:26.0296 1680 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:48:26.0468 1680 Fs_Rec - ok

18:48:26.0515 1680 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:48:26.0718 1680 Ftdisk - ok

18:48:26.0781 1680 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:48:26.0953 1680 Gpc - ok

18:48:27.0062 1680 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:48:27.0250 1680 helpsvc - ok

18:48:27.0296 1680 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

18:48:27.0484 1680 HidServ - ok

18:48:27.0531 1680 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:48:27.0734 1680 HidUsb - ok

18:48:27.0828 1680 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:48:28.0000 1680 hkmsvc - ok

18:48:28.0015 1680 hpn - ok

18:48:28.0171 1680 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

18:48:28.0234 1680 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

18:48:28.0234 1680 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

18:48:28.0265 1680 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

18:48:28.0312 1680 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

18:48:28.0312 1680 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

18:48:28.0437 1680 [ BCB03BB209495439BCBF94CFF9B6707B ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

18:48:28.0468 1680 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

18:48:28.0468 1680 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

18:48:28.0546 1680 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:48:28.0812 1680 HPZid412 - ok

18:48:28.0843 1680 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:48:28.0953 1680 HPZipr12 - ok

18:48:28.0968 1680 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:48:29.0093 1680 HPZius12 - ok

18:48:29.0171 1680 [ A4877A17E87D6E6AB959B36B9EF3DE8A ] HSFHWICH C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

18:48:29.0265 1680 HSFHWICH - ok

18:48:29.0359 1680 [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

18:48:29.0453 1680 HSF_DP - ok

18:48:29.0531 1680 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:48:29.0640 1680 HTTP - ok

18:48:29.0718 1680 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:48:30.0078 1680 HTTPFilter - ok

18:48:30.0093 1680 i2omgmt - ok

18:48:30.0093 1680 i2omp - ok

18:48:30.0156 1680 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:48:30.0312 1680 i8042prt - ok

18:48:30.0437 1680 [ 240D0F5D7CAAFD87BD8D801A97BBE041 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

18:48:30.0562 1680 ialm - ok

18:48:30.0640 1680 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

18:48:30.0703 1680 IDriverT ( UnsignedFile.Multi.Generic ) - warning

18:48:30.0703 1680 IDriverT - detected UnsignedFile.Multi.Generic (1)

18:48:30.0750 1680 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:48:30.0968 1680 Imapi - ok

18:48:31.0031 1680 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

18:48:31.0265 1680 ImapiService - ok

18:48:31.0281 1680 ini910u - ok

18:48:31.0328 1680 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

18:48:31.0562 1680 IntelIde - ok

18:48:31.0625 1680 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:48:31.0843 1680 intelppm - ok

18:48:31.0890 1680 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:48:32.0125 1680 Ip6Fw - ok

18:48:32.0171 1680 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:48:32.0437 1680 IpFilterDriver - ok

18:48:32.0484 1680 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:48:32.0734 1680 IpInIp - ok

18:48:32.0781 1680 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:48:33.0015 1680 IpNat - ok

18:48:33.0046 1680 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:48:33.0281 1680 IPSec - ok

18:48:33.0312 1680 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:48:33.0562 1680 IRENUM - ok

18:48:33.0625 1680 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:48:33.0843 1680 isapnp - ok

18:48:33.0890 1680 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:48:34.0125 1680 Kbdclass - ok

18:48:34.0156 1680 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:48:34.0406 1680 kmixer - ok

18:48:34.0453 1680 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:48:34.0593 1680 KSecDD - ok

18:48:34.0656 1680 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:48:34.0734 1680 lanmanserver - ok

18:48:34.0796 1680 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:48:34.0875 1680 lanmanworkstation - ok

18:48:34.0890 1680 lbrtfdc - ok

18:48:35.0015 1680 [ 258CACA1DAADE43978E2ECC9BDC94E1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

18:48:35.0031 1680 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

18:48:35.0031 1680 LightScribeService - detected UnsignedFile.Multi.Generic (1)

18:48:35.0062 1680 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:48:35.0390 1680 LmHosts - ok

18:48:35.0453 1680 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys

18:48:35.0484 1680 mbamchameleon - ok

18:48:35.0531 1680 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\WINDOWS\system32\drivers\MCSTRM.sys

18:48:35.0562 1680 MCSTRM ( UnsignedFile.Multi.Generic ) - warning

18:48:35.0562 1680 MCSTRM - detected UnsignedFile.Multi.Generic (1)

18:48:35.0609 1680 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:48:35.0656 1680 mdmxsdk - ok

18:48:35.0687 1680 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:48:35.0828 1680 Messenger - ok

18:48:35.0890 1680 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:48:36.0093 1680 mnmdd - ok

18:48:36.0125 1680 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

18:48:36.0296 1680 mnmsrvc - ok

18:48:36.0359 1680 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:48:36.0515 1680 Modem - ok

18:48:36.0578 1680 [ 20FF89C59B0A50F53822303064988E00 ] MotDev C:\WINDOWS\system32\DRIVERS\motodrv.sys

18:48:36.0640 1680 MotDev - ok

18:48:36.0671 1680 [ 49BC2EA84DB5320B880A222E6E11B28B ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys

18:48:36.0828 1680 motmodem - ok

18:48:36.0843 1680 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:48:37.0078 1680 Mouclass - ok

18:48:37.0140 1680 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:48:37.0390 1680 mouhid - ok

18:48:37.0437 1680 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:48:37.0671 1680 MountMgr - ok

18:48:37.0687 1680 mraid35x - ok

18:48:37.0703 1680 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:48:37.0937 1680 MRxDAV - ok

18:48:38.0031 1680 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:48:38.0125 1680 MRxSmb - ok

18:48:38.0156 1680 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

18:48:38.0328 1680 MSDTC - ok

18:48:38.0343 1680 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:48:38.0515 1680 Msfs - ok

18:48:38.0515 1680 MSIServer - ok

18:48:38.0562 1680 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:48:38.0750 1680 MSKSSRV - ok

18:48:38.0796 1680 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:48:39.0000 1680 MSPCLOCK - ok

18:48:39.0062 1680 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:48:39.0265 1680 MSPQM - ok

18:48:39.0312 1680 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:48:39.0500 1680 mssmbios - ok

18:48:39.0531 1680 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:48:39.0562 1680 Mup - ok

18:48:39.0609 1680 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

18:48:39.0843 1680 napagent - ok

18:48:39.0890 1680 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:48:40.0109 1680 NDIS - ok

18:48:40.0156 1680 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:48:40.0265 1680 NdisTapi - ok

18:48:40.0328 1680 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:48:40.0562 1680 Ndisuio - ok

18:48:40.0562 1680 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:48:40.0796 1680 NdisWan - ok

18:48:40.0859 1680 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:48:40.0953 1680 NDProxy - ok

18:48:41.0000 1680 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll

18:48:41.0046 1680 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

18:48:41.0046 1680 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

18:48:41.0109 1680 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:48:41.0343 1680 NetBIOS - ok

18:48:41.0421 1680 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:48:41.0687 1680 NetBT - ok

18:48:41.0750 1680 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

18:48:42.0031 1680 NetDDE - ok

18:48:42.0046 1680 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:48:42.0203 1680 NetDDEdsdm - ok

18:48:42.0250 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:48:42.0421 1680 Netlogon - ok

18:48:42.0453 1680 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

18:48:42.0609 1680 Netman - ok

18:48:42.0640 1680 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:48:42.0812 1680 NIC1394 - ok

18:48:42.0859 1680 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

18:48:42.0921 1680 Nla - ok

18:48:42.0953 1680 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:48:43.0125 1680 Npfs - ok

18:48:43.0171 1680 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:48:43.0421 1680 Ntfs - ok

18:48:43.0421 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

18:48:43.0609 1680 NtLmSsp - ok

18:48:43.0671 1680 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:48:43.0921 1680 NtmsSvc - ok

18:48:43.0984 1680 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

18:48:44.0187 1680 Null - ok

18:48:44.0218 1680 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:48:44.0484 1680 NwlnkFlt - ok

18:48:44.0531 1680 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:48:44.0796 1680 NwlnkFwd - ok

18:48:44.0828 1680 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:48:45.0078 1680 ohci1394 - ok

18:48:45.0187 1680 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:48:45.0234 1680 ose - ok

18:48:45.0265 1680 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys

18:48:45.0484 1680 Parport - ok

18:48:45.0531 1680 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:48:45.0765 1680 PartMgr - ok

18:48:45.0796 1680 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:48:46.0046 1680 ParVdm - ok

18:48:46.0062 1680 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:48:46.0234 1680 PCI - ok

18:48:46.0250 1680 PCIDump - ok

18:48:46.0250 1680 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:48:46.0437 1680 PCIIde - ok

18:48:46.0453 1680 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys

18:48:46.0609 1680 Pcmcia - ok

18:48:46.0625 1680 PDCOMP - ok

18:48:46.0625 1680 PDFRAME - ok

18:48:46.0640 1680 PDRELI - ok

18:48:46.0656 1680 PDRFRAME - ok

18:48:46.0656 1680 perc2 - ok

18:48:46.0671 1680 perc2hib - ok

18:48:46.0734 1680 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

18:48:46.0765 1680 PlugPlay - ok

18:48:46.0828 1680 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll

18:48:46.0843 1680 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

18:48:46.0843 1680 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

18:48:46.0906 1680 [ DA19E3401F39C10DF193BE029C7E7BBA ] pnetmdm C:\WINDOWS\system32\DRIVERS\pnetmdm.sys

18:48:46.0953 1680 pnetmdm ( UnsignedFile.Multi.Generic ) - warning

18:48:46.0953 1680 pnetmdm - detected UnsignedFile.Multi.Generic (1)

18:48:46.0984 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:48:47.0140 1680 PolicyAgent - ok

18:48:47.0187 1680 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:48:47.0328 1680 PptpMiniport - ok

18:48:47.0343 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:48:47.0531 1680 ProtectedStorage - ok

18:48:47.0546 1680 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

18:48:47.0718 1680 PSched - ok

18:48:47.0765 1680 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:48:47.0937 1680 Ptilink - ok

18:48:47.0984 1680 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:48:48.0000 1680 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

18:48:48.0000 1680 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

18:48:48.0000 1680 ql1080 - ok

18:48:48.0015 1680 Ql10wnt - ok

18:48:48.0031 1680 ql12160 - ok

18:48:48.0046 1680 ql1240 - ok

18:48:48.0062 1680 ql1280 - ok

18:48:48.0109 1680 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:48:48.0265 1680 RasAcd - ok

18:48:48.0328 1680 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:48:48.0500 1680 RasAuto - ok

18:48:48.0531 1680 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys

18:48:48.0656 1680 Rasirda - ok

18:48:48.0703 1680 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:48:48.0859 1680 Rasl2tp - ok

18:48:48.0906 1680 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

18:48:49.0093 1680 RasMan - ok

18:48:49.0109 1680 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:48:49.0296 1680 RasPppoe - ok

18:48:49.0312 1680 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:48:49.0515 1680 Raspti - ok

18:48:49.0578 1680 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:48:49.0750 1680 Rdbss - ok

18:48:49.0781 1680 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:48:49.0968 1680 RDPCDD - ok

18:48:50.0031 1680 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:48:50.0125 1680 RDPWD - ok

18:48:50.0171 1680 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:48:50.0375 1680 RDSessMgr - ok

18:48:50.0421 1680 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:48:50.0609 1680 redbook - ok

18:48:50.0687 1680 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

18:48:50.0906 1680 RemoteAccess - ok

18:48:50.0953 1680 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys

18:48:51.0156 1680 ROOTMODEM - ok

18:48:51.0187 1680 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

18:48:51.0375 1680 RpcLocator - ok

18:48:51.0437 1680 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

18:48:51.0515 1680 RpcSs - ok

18:48:51.0562 1680 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

18:48:51.0750 1680 RSVP - ok

18:48:51.0828 1680 [ F1813D9E031B0E2E090AC6489FFD1007 ] RT-USB C:\WINDOWS\system32\drivers\RT-USB.SYS

18:48:51.0859 1680 RT-USB - ok

18:48:51.0921 1680 [ 7F0413BDD7D53EB4C7A371E7F6F84DF1 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys

18:48:52.0031 1680 RTL8023xp - ok

18:48:52.0078 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

18:48:52.0296 1680 SamSs - ok

18:48:52.0328 1680 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:48:52.0562 1680 SCardSvr - ok

18:48:52.0640 1680 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:48:52.0796 1680 Schedule - ok

18:48:52.0859 1680 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys

18:48:53.0000 1680 sdbus - ok

18:48:53.0062 1680 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:48:53.0250 1680 Secdrv - ok

18:48:53.0296 1680 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

18:48:53.0453 1680 seclogon - ok

18:48:53.0468 1680 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

18:48:53.0640 1680 SENS - ok

18:48:53.0703 1680 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

18:48:53.0859 1680 serenum - ok

18:48:53.0906 1680 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

18:48:54.0062 1680 Serial - ok

18:48:54.0125 1680 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:48:54.0296 1680 Sfloppy - ok

18:48:54.0375 1680 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:48:54.0593 1680 SharedAccess - ok

18:48:54.0640 1680 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:48:54.0687 1680 ShellHWDetection - ok

18:48:54.0703 1680 Simbad - ok

18:48:54.0750 1680 [ 707647A1AA0EDB6CBEF61B0C75C28ED3 ] SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys

18:48:54.0843 1680 SMCIRDA - ok

18:48:54.0859 1680 Sparrow - ok

18:48:54.0890 1680 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:48:55.0078 1680 splitter - ok

18:48:55.0140 1680 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:48:55.0218 1680 Spooler - ok

18:48:55.0234 1680 spywarebot - ok

18:48:55.0250 1680 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:48:55.0453 1680 sr - ok

18:48:55.0531 1680 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

18:48:55.0750 1680 srservice - ok

18:48:55.0828 1680 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:48:55.0921 1680 Srv - ok

18:48:55.0968 1680 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:48:56.0171 1680 SSDPSRV - ok

18:48:56.0218 1680 [ 8564BC9598BE1705477B7FA61D657C2B ] SSKBFD C:\WINDOWS\system32\Drivers\sskbfd.sys

18:48:56.0265 1680 SSKBFD - ok

18:48:56.0328 1680 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:48:56.0578 1680 stisvc - ok

18:48:56.0671 1680 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:48:56.0906 1680 swenum - ok

18:48:56.0984 1680 [ FDBD13CE3B3FC298E7FBB98B026F1ECB ] swg3kser00 C:\WINDOWS\system32\DRIVERS\swg3kser00.sys

18:48:57.0078 1680 swg3kser00 - ok

18:48:57.0125 1680 [ C61566BE5B8DA87F1B2BD3D9EC08592D ] swiwdmbx C:\WINDOWS\system32\DRIVERS\swiwdmbx.sys

18:48:57.0250 1680 swiwdmbx - ok

18:48:57.0296 1680 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:48:57.0593 1680 swmidi - ok

18:48:57.0640 1680 [ 1D394F1585793AC2A9738028FF97FBE3 ] SWNC8UA3 C:\WINDOWS\system32\DRIVERS\swnc8ua3.sys

18:48:57.0718 1680 SWNC8UA3 - ok

18:48:57.0734 1680 SwPrv - ok

18:48:57.0984 1680 [ 477A47C10C4B2E79DD52D74BAA9ED716 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

18:48:58.0156 1680 Symantec Core LC - ok

18:48:58.0171 1680 symc810 - ok

18:48:58.0187 1680 symc8xx - ok

18:48:58.0234 1680 [ B226F8A4D780ACDF76145B58BB791D5B ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys

18:48:58.0281 1680 symlcbrd - ok

18:48:58.0312 1680 sym_hi - ok

18:48:58.0328 1680 sym_u3 - ok

18:48:58.0406 1680 [ 23FE1F173996B8BAD4B9ED74003676D8 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:48:58.0515 1680 SynTP - ok

18:48:58.0562 1680 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:48:58.0796 1680 sysaudio - ok

18:48:58.0859 1680 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:48:59.0000 1680 SysmonLog - ok

18:48:59.0062 1680 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:48:59.0218 1680 TapiSrv - ok

18:48:59.0296 1680 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:48:59.0359 1680 Tcpip - ok

18:48:59.0406 1680 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:48:59.0625 1680 TDPIPE - ok

18:48:59.0671 1680 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:48:59.0890 1680 TDTCP - ok

18:48:59.0937 1680 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:49:00.0125 1680 TermDD - ok

18:49:00.0171 1680 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

18:49:00.0390 1680 TermService - ok

18:49:00.0437 1680 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

18:49:00.0468 1680 Themes - ok

18:49:00.0562 1680 [ 9179E07503630D6FB2E4162FF0196191 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys

18:49:00.0625 1680 tifm21 - ok

18:49:00.0687 1680 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

18:49:00.0734 1680 TomTomHOMEService - ok

18:49:00.0734 1680 TosIde - ok

18:49:00.0812 1680 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:49:01.0046 1680 TrkWks - ok

18:49:01.0109 1680 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:49:01.0406 1680 Udfs - ok

18:49:01.0421 1680 ultra - ok

18:49:01.0515 1680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:49:01.0843 1680 Update - ok

18:49:01.0906 1680 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

18:49:02.0203 1680 upnphost - ok

18:49:02.0265 1680 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

18:49:02.0546 1680 UPS - ok

18:49:02.0578 1680 USBAAPL - ok

18:49:02.0640 1680 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

18:49:02.0812 1680 usbaudio - ok

18:49:02.0843 1680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:49:03.0015 1680 usbccgp - ok

18:49:03.0062 1680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:49:03.0218 1680 usbehci - ok

18:49:03.0234 1680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:49:03.0406 1680 usbhub - ok

18:49:03.0484 1680 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:49:03.0671 1680 usbprint - ok

18:49:03.0718 1680 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:49:03.0906 1680 usbscan - ok

18:49:03.0968 1680 [ CAAD3467FBFAE8A380F67E9C7150A85E ] usbsermpt C:\WINDOWS\system32\DRIVERS\usbsermpt.sys

18:49:04.0015 1680 usbsermpt ( UnsignedFile.Multi.Generic ) - warning

18:49:04.0015 1680 usbsermpt - detected UnsignedFile.Multi.Generic (1)

18:49:04.0078 1680 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:49:04.0265 1680 USBSTOR - ok

18:49:04.0296 1680 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:49:04.0500 1680 usbuhci - ok

18:49:04.0546 1680 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys

18:49:04.0703 1680 usb_rndisx - ok

18:49:04.0750 1680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:49:04.0937 1680 VgaSave - ok

18:49:04.0953 1680 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys

18:49:05.0171 1680 ViaIde - ok

18:49:05.0187 1680 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:49:05.0437 1680 VolSnap - ok

18:49:05.0562 1680 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

18:49:05.0843 1680 VSS - ok

18:49:06.0343 1680 [ 6AE0A4978225CC6656D45504D6D78D0A ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe

18:49:06.0609 1680 vToolbarUpdater14.0.1 - ok

18:49:07.0000 1680 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys

18:49:07.0296 1680 w29n51 - ok

18:49:07.0375 1680 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

18:49:07.0531 1680 W32Time - ok

18:49:07.0578 1680 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:49:07.0812 1680 Wanarp - ok

18:49:07.0875 1680 [ DC7F91B2ED24A738C807EA07F298928C ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

18:49:07.0921 1680 wceusbsh ( UnsignedFile.Multi.Generic ) - warning

18:49:07.0921 1680 wceusbsh - detected UnsignedFile.Multi.Generic (1)

18:49:08.0000 1680 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

18:49:08.0062 1680 Wdf01000 - ok

18:49:08.0093 1680 WDICA - ok

18:49:08.0125 1680 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:49:08.0296 1680 wdmaud - ok

18:49:08.0312 1680 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:49:08.0515 1680 WebClient - ok

18:49:08.0578 1680 [ 09EBC00530CC3493DF55219D0DA5E03A ] WIBUKEY C:\WINDOWS\system32\DRIVERS\Wibukey.sys

18:49:08.0625 1680 WIBUKEY ( UnsignedFile.Multi.Generic ) - warning

18:49:08.0625 1680 WIBUKEY - detected UnsignedFile.Multi.Generic (1)

18:49:08.0687 1680 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:49:08.0781 1680 winachsf - ok

18:49:08.0890 1680 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:49:09.0093 1680 winmgmt - ok

18:49:09.0187 1680 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:49:09.0296 1680 WmdmPmSN - ok

18:49:09.0343 1680 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:49:09.0609 1680 WmiAcpi - ok

18:49:09.0703 1680 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:49:09.0875 1680 WmiApSrv - ok

18:49:10.0015 1680 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:49:10.0156 1680 WMPNetworkSvc - ok

18:49:10.0203 1680 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys

18:49:10.0281 1680 WpdUsb - ok

18:49:10.0343 1680 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:49:10.0640 1680 WS2IFSL - ok

18:49:10.0703 1680 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:49:10.0875 1680 wscsvc - ok

18:49:10.0921 1680 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:49:11.0062 1680 wuauserv - ok

18:49:11.0125 1680 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:49:11.0203 1680 WudfPf - ok

18:49:11.0234 1680 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:49:11.0312 1680 WudfRd - ok

18:49:11.0343 1680 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:49:11.0406 1680 WudfSvc - ok

18:49:11.0500 1680 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:49:11.0750 1680 WZCSVC - ok

18:49:11.0765 1680 xcpip - ok

18:49:11.0812 1680 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:49:12.0046 1680 xmlprov - ok

18:49:12.0062 1680 xpsec - ok

18:49:12.0078 1680 yzs2y.sys - ok

18:49:12.0125 1680 ================ Scan global ===============================

18:49:12.0187 1680 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

18:49:12.0250 1680 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:49:12.0265 1680 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:49:12.0296 1680 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

18:49:12.0296 1680 [Global] - ok

18:49:12.0296 1680 ================ Scan MBR ==================================

18:49:12.0343 1680 [ 5232770D6A631352584F3E3A8B23C069 ] \Device\Harddisk0\DR0

18:49:12.0359 1680 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

18:49:12.0359 1680 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

18:49:12.0468 1680 ================ Scan VBR ==================================

18:49:12.0468 1680 [ 8FFD04C05D98011BAFDC09FB7FF7E69D ] \Device\Harddisk0\DR0\Partition1

18:49:12.0468 1680 \Device\Harddisk0\DR0\Partition1 - ok

18:49:12.0500 1680 [ 42052CCD87069E70885858F2F519C3E1 ] \Device\Harddisk0\DR0\Partition2

18:49:12.0500 1680 \Device\Harddisk0\DR0\Partition2 - ok

18:49:12.0500 1680 ================ Scan active images ========================

18:49:12.0500 1680 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys

18:49:12.0500 1680 C:\WINDOWS\system32\drivers\nic1394.sys - ok

18:49:12.0515 1680 [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys

18:49:12.0515 1680 C:\WINDOWS\system32\drivers\cmbatt.sys - ok

18:49:12.0531 1680 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys

18:49:12.0531 1680 C:\WINDOWS\system32\drivers\intelppm.sys - ok

18:49:12.0531 1680 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys

18:49:12.0531 1680 C:\WINDOWS\system32\drivers\videoprt.sys - ok

18:49:12.0546 1680 [ 240D0F5D7CAAFD87BD8D801A97BBE041 ] C:\WINDOWS\system32\drivers\ialmnt5.sys

18:49:12.0546 1680 C:\WINDOWS\system32\drivers\ialmnt5.sys - ok

18:49:12.0546 1680 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys

18:49:12.0546 1680 C:\WINDOWS\system32\drivers\usbport.sys - ok

18:49:12.0562 1680 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys

18:49:12.0562 1680 C:\WINDOWS\system32\drivers\usbuhci.sys - ok

18:49:12.0562 1680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys

18:49:12.0562 1680 C:\WINDOWS\system32\drivers\usbehci.sys - ok

18:49:12.0578 1680 [ 7F0413BDD7D53EB4C7A371E7F6F84DF1 ] C:\WINDOWS\system32\drivers\Rtlnicxp.sys

18:49:12.0578 1680 C:\WINDOWS\system32\drivers\Rtlnicxp.sys - ok

18:49:12.0578 1680 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] C:\WINDOWS\system32\drivers\w29n51.sys

18:49:12.0578 1680 C:\WINDOWS\system32\drivers\w29n51.sys - ok

18:49:12.0593 1680 [ 9179E07503630D6FB2E4162FF0196191 ] C:\WINDOWS\system32\drivers\tifm21.sys

18:49:12.0593 1680 C:\WINDOWS\system32\drivers\tifm21.sys - ok

18:49:12.0593 1680 [ 9A38FC432AD8B3400CEFB70A7236979E ] C:\WINDOWS\system32\drivers\camc6hal.sys

18:49:12.0593 1680 C:\WINDOWS\system32\drivers\camc6hal.sys - ok

18:49:12.0609 1680 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys

18:49:12.0609 1680 C:\WINDOWS\system32\drivers\sdbus.sys - ok

18:49:12.0609 1680 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys

18:49:12.0609 1680 C:\WINDOWS\system32\drivers\ks.sys - ok

18:49:12.0625 1680 [ 4EBC37B6677A6768B307AE40839D788F ] C:\WINDOWS\system32\drivers\camc6aud.sys

18:49:12.0625 1680 C:\WINDOWS\system32\drivers\camc6aud.sys - ok

18:49:12.0640 1680 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys

18:49:12.0640 1680 C:\WINDOWS\system32\drivers\drmk.sys - ok

18:49:12.0640 1680 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys

18:49:12.0640 1680 C:\WINDOWS\system32\drivers\portcls.sys - ok

18:49:12.0656 1680 [ A4877A17E87D6E6AB959B36B9EF3DE8A ] C:\WINDOWS\system32\drivers\HSFHWICH.sys

18:49:12.0656 1680 C:\WINDOWS\system32\drivers\HSFHWICH.sys - ok

18:49:12.0671 1680 [ DFA8F86C0DBCA7DB948043AA3BE6793B ] C:\WINDOWS\system32\drivers\HSF_DP.sys

18:49:12.0671 1680 C:\WINDOWS\system32\drivers\HSF_DP.sys - ok

18:49:12.0671 1680 [ 473EE64C368CE2EED110376C11960259 ] C:\WINDOWS\system32\drivers\HSF_CNXT.sys

18:49:12.0671 1680 C:\WINDOWS\system32\drivers\HSF_CNXT.sys - ok

18:49:12.0687 1680 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys

18:49:12.0687 1680 C:\WINDOWS\system32\drivers\i8042prt.sys - ok

18:49:12.0687 1680 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys

18:49:12.0687 1680 C:\WINDOWS\system32\drivers\kbdclass.sys - ok

18:49:12.0703 1680 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys

18:49:12.0703 1680 C:\WINDOWS\system32\drivers\modem.sys - ok

18:49:12.0703 1680 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys

18:49:12.0703 1680 C:\WINDOWS\system32\drivers\usbd.sys - ok

18:49:12.0718 1680 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys

18:49:12.0718 1680 C:\WINDOWS\system32\drivers\cdrom.sys - ok

18:49:12.0718 1680 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys

18:49:12.0718 1680 C:\WINDOWS\system32\drivers\imapi.sys - ok

18:49:12.0734 1680 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys

18:49:12.0734 1680 C:\WINDOWS\system32\drivers\mouclass.sys - ok

18:49:12.0750 1680 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys

18:49:12.0750 1680 C:\WINDOWS\system32\drivers\redbook.sys - ok

18:49:12.0750 1680 [ 23FE1F173996B8BAD4B9ED74003676D8 ] C:\WINDOWS\system32\drivers\SynTP.sys

18:49:12.0750 1680 C:\WINDOWS\system32\drivers\SynTP.sys - ok

18:49:12.0765 1680 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys

18:49:12.0765 1680 C:\WINDOWS\system32\drivers\audstub.sys - ok

18:49:12.0765 1680 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys

18:49:12.0781 1680 C:\WINDOWS\system32\drivers\ndistapi.sys - ok

18:49:12.0781 1680 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys

18:49:12.0781 1680 C:\WINDOWS\system32\drivers\ndiswan.sys - ok

18:49:12.0796 1680 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys

18:49:12.0796 1680 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok

18:49:12.0796 1680 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys

18:49:12.0796 1680 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok

18:49:12.0812 1680 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys

18:49:12.0812 1680 C:\WINDOWS\system32\drivers\raspppoe.sys - ok

18:49:12.0828 1680 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys

18:49:12.0828 1680 C:\WINDOWS\system32\drivers\tdi.sys - ok

18:49:12.0828 1680 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys

18:49:12.0828 1680 C:\WINDOWS\system32\drivers\msgpc.sys - ok

18:49:12.0843 1680 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys

18:49:12.0843 1680 C:\WINDOWS\system32\drivers\psched.sys - ok

18:49:12.0859 1680 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys

18:49:12.0859 1680 C:\WINDOWS\system32\drivers\raspptp.sys - ok

18:49:12.0859 1680 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys

18:49:12.0859 1680 C:\WINDOWS\system32\drivers\ptilink.sys - ok

18:49:12.0875 1680 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys

18:49:12.0875 1680 C:\WINDOWS\system32\drivers\raspti.sys - ok

18:49:12.0890 1680 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys

18:49:12.0890 1680 C:\WINDOWS\system32\drivers\termdd.sys - ok

18:49:12.0890 1680 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys

18:49:12.0890 1680 C:\WINDOWS\system32\drivers\swenum.sys - ok

18:49:12.0906 1680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys

18:49:12.0906 1680 C:\WINDOWS\system32\drivers\update.sys - ok

18:49:12.0921 1680 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys

18:49:12.0921 1680 C:\WINDOWS\system32\drivers\mssmbios.sys - ok

18:49:12.0921 1680 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys

18:49:12.0921 1680 C:\WINDOWS\system32\drivers\ndproxy.sys - ok

18:49:12.0937 1680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys

18:49:12.0937 1680 C:\WINDOWS\system32\drivers\usbhub.sys - ok

18:49:12.0937 1680 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys

18:49:12.0937 1680 C:\WINDOWS\system32\drivers\sfloppy.sys - ok

18:49:12.0953 1680 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys

18:49:12.0953 1680 C:\WINDOWS\system32\drivers\cdaudio.sys - ok

18:49:12.0953 1680 [ 3FCF9368255525FDD929A48B2AA9EDF4 ] C:\WINDOWS\system32\drivers\avgtpx86.sys

18:49:12.0953 1680 C:\WINDOWS\system32\drivers\avgtpx86.sys - ok

18:49:12.0968 1680 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys

18:49:12.0968 1680 C:\WINDOWS\system32\drivers\beep.sys - ok

18:49:12.0968 1680 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys

18:49:12.0968 1680 C:\WINDOWS\system32\drivers\fs_rec.sys - ok

18:49:12.0984 1680 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys

18:49:12.0984 1680 C:\WINDOWS\system32\drivers\null.sys - ok

18:49:12.0984 1680 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys

18:49:12.0984 1680 C:\WINDOWS\system32\drivers\mnmdd.sys - ok

18:49:13.0000 1680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys

18:49:13.0000 1680 C:\WINDOWS\system32\drivers\vga.sys - ok

18:49:13.0000 1680 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys

18:49:13.0000 1680 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok

18:49:13.0015 1680 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys

18:49:13.0015 1680 C:\WINDOWS\system32\drivers\msfs.sys - ok

18:49:13.0015 1680 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys

18:49:13.0015 1680 C:\WINDOWS\system32\drivers\npfs.sys - ok

18:49:13.0031 1680 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys

18:49:13.0031 1680 C:\WINDOWS\system32\drivers\ipsec.sys - ok

18:49:13.0031 1680 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys

18:49:13.0031 1680 C:\WINDOWS\system32\drivers\rasacd.sys - ok

18:49:13.0046 1680 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys

18:49:13.0046 1680 C:\WINDOWS\system32\drivers\tcpip.sys - ok

18:49:13.0062 1680 [ 52448A41CF1769CB3627677A0509627B ] C:\WINDOWS\system32\drivers\avgtdix.sys

18:49:13.0062 1680 C:\WINDOWS\system32\drivers\avgtdix.sys - ok

18:49:13.0062 1680 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys

18:49:13.0062 1680 C:\WINDOWS\system32\drivers\netbt.sys - ok

18:49:13.0078 1680 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys

18:49:13.0078 1680 C:\WINDOWS\system32\drivers\afd.sys - ok

18:49:13.0078 1680 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys

18:49:13.0078 1680 C:\WINDOWS\system32\drivers\ipnat.sys - ok

18:49:13.0093 1680 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys

18:49:13.0093 1680 C:\WINDOWS\system32\drivers\wanarp.sys - ok

18:49:13.0093 1680 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys

18:49:13.0093 1680 C:\WINDOWS\system32\drivers\netbios.sys - ok

18:49:13.0109 1680 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys

18:49:13.0109 1680 C:\WINDOWS\system32\drivers\rdbss.sys - ok

18:49:13.0109 1680 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys

18:49:13.0109 1680 C:\WINDOWS\system32\drivers\arp1394.sys - ok

18:49:13.0125 1680 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys

18:49:13.0125 1680 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok

18:49:13.0125 1680 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys

18:49:13.0125 1680 C:\WINDOWS\system32\drivers\fips.sys - ok

18:49:13.0140 1680 [ 08FA13787D77A75DC413E27FD92B44E8 ] C:\WINDOWS\system32\drivers\avgldx86.sys

18:49:13.0140 1680 C:\WINDOWS\system32\drivers\avgldx86.sys - ok

18:49:13.0140 1680 [ C6ACA0190EE7B614673EE0C91863B1EB ] C:\WINDOWS\system32\drivers\eabfiltr.sys

18:49:13.0140 1680 C:\WINDOWS\system32\drivers\eabfiltr.sys - ok

18:49:13.0140 1680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys

18:49:13.0140 1680 C:\WINDOWS\system32\drivers\usbccgp.sys - ok

18:49:13.0156 1680 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys

18:49:13.0156 1680 C:\WINDOWS\system32\drivers\hidparse.sys - ok

18:49:13.0156 1680 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys

18:49:13.0156 1680 C:\WINDOWS\system32\drivers\hidclass.sys - ok

18:49:13.0171 1680 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys

18:49:13.0171 1680 C:\WINDOWS\system32\drivers\hidusb.sys - ok

18:49:13.0171 1680 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys

18:49:13.0171 1680 C:\WINDOWS\system32\drivers\mouhid.sys - ok

18:49:13.0187 1680 [ 1A2213B7D94944861449CB07BF2D099E ] C:\WINDOWS\system32\drivers\avgidsdriverx.sys

18:49:13.0187 1680 C:\WINDOWS\system32\drivers\avgidsdriverx.sys - ok

18:49:13.0187 1680 [ A426B2DC795531D99E2EE1952AEC051A ] C:\WINDOWS\system32\drivers\avgidsshimx.sys

18:49:13.0187 1680 C:\WINDOWS\system32\drivers\avgidsshimx.sys - ok

18:49:13.0203 1680 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe

18:49:13.0203 1680 C:\WINDOWS\system32\smss.exe - ok

18:49:13.0203 1680 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll

18:49:13.0203 1680 C:\WINDOWS\system32\ntdll.dll - ok

18:49:13.0218 1680 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe

18:49:13.0218 1680 C:\WINDOWS\system32\autochk.exe - ok

18:49:13.0218 1680 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys

18:49:13.0218 1680 C:\WINDOWS\system32\drivers\fastfat.sys - ok

18:49:13.0234 1680 [ B9CB6D4E5A30968330F6E32ACB945641 ] C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

18:49:13.0234 1680 C:\PROGRA~1\AVG\AVG2013\avgrsx.exe - ok

18:49:13.0234 1680 [ 3B3D5E94A5F24417BE2C179DDD883702 ] C:\Program Files\AVG\AVG2013\avgsysx.dll

18:49:13.0234 1680 C:\Program Files\AVG\AVG2013\avgsysx.dll - ok

18:49:13.0250 1680 [ AE4D9DC676A2517DEE3E51978BCFE47C ] C:\Program Files\AVG\AVG2013\avgntopensslx.dll

18:49:13.0250 1680 C:\Program Files\AVG\AVG2013\avgntopensslx.dll - ok

18:49:13.0250 1680 [ 21139ED432EFB4A8CDF715862DBDF9E0 ] C:\Program Files\AVG\AVG2013\avglogx.dll

18:49:13.0250 1680 C:\Program Files\AVG\AVG2013\avglogx.dll - ok

18:49:13.0265 1680 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys

18:49:13.0265 1680 C:\WINDOWS\system32\drivers\cdfs.sys - ok

18:49:13.0265 1680 [ 3FD65320312C8411B72E33DA8661D36A ] C:\WINDOWS\system32\ntoskrnl.exe

18:49:13.0265 1680 C:\WINDOWS\system32\ntoskrnl.exe - ok

18:49:13.0281 1680 [ 6A0A8D20469EFD39A4A3463A88811A57 ] C:\Program Files\AVG\AVG2013\avgsched.dll

18:49:13.0281 1680 C:\Program Files\AVG\AVG2013\avgsched.dll - ok

18:49:13.0281 1680 [ 1931311AF80A54A4FE8F0862820FE015 ] C:\Program Files\AVG\AVG2013\avgwdwsc.dll

18:49:13.0281 1680 C:\Program Files\AVG\AVG2013\avgwdwsc.dll - ok

18:49:13.0296 1680 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll

18:49:13.0296 1680 C:\WINDOWS\system32\ipsecsvc.dll - ok

18:49:13.0296 1680 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

18:49:13.0296 1680 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok

18:49:13.0312 1680 [ D4EEBF6E9559689034BB628B437BE7E4 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll

18:49:13.0312 1680 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll - ok

18:49:13.0328 1680 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

18:49:13.0328 1680 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok

18:49:13.0328 1680 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll

18:49:13.0328 1680 C:\WINDOWS\system32\seclogon.dll - ok

18:49:13.0343 1680 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll

18:49:13.0343 1680 C:\WINDOWS\system32\win32spl.dll - ok

18:49:13.0343 1680 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll

18:49:13.0343 1680 C:\WINDOWS\system32\dssenh.dll - ok

18:49:13.0359 1680 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] C:\WINDOWS\system32\HPZipm12.dll

18:49:13.0359 1680 C:\WINDOWS\system32\HPZipm12.dll - ok

18:49:13.0359 1680 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll

18:49:13.0359 1680 C:\WINDOWS\system32\mscms.dll - ok

18:49:13.0375 1680 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll

18:49:13.0375 1680 C:\WINDOWS\system32\psbase.dll - ok

18:49:13.0375 1680 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll

18:49:13.0375 1680 C:\WINDOWS\system32\pstorsvc.dll - ok

18:49:13.0390 1680 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll

18:49:13.0390 1680 C:\WINDOWS\system32\sens.dll - ok

18:49:13.0390 1680 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll

18:49:13.0390 1680 C:\WINDOWS\system32\oakley.dll - ok

18:49:13.0390 1680 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll

18:49:13.0390 1680 C:\WINDOWS\system32\srsvc.dll - ok

18:49:13.0406 1680 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll

18:49:13.0406 1680 C:\WINDOWS\system32\wiaservc.dll - ok

18:49:13.0406 1680 [ 91CA748B04BF0E2CAB06BE29116E05C5 ] C:\Program Files\AVG\AVG2013\avgidpsdkx.dll

18:49:13.0406 1680 C:\Program Files\AVG\AVG2013\avgidpsdkx.dll - ok

18:49:13.0421 1680 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll

18:49:13.0421 1680 C:\WINDOWS\system32\netrap.dll - ok

18:49:13.0421 1680 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll

18:49:13.0421 1680 C:\WINDOWS\system32\winipsec.dll - ok

18:49:13.0437 1680 [ 9598BCA4FDBBD75142EE254E6023E9A6 ] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll

18:49:13.0437 1680 C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll - ok

18:49:13.0437 1680 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll

18:49:13.0437 1680 C:\WINDOWS\system32\inetpp.dll - ok

18:49:13.0453 1680 [ A478F882D04E1AE9AC17F1C914964A63 ] C:\WINDOWS\system32\url.dll

18:49:13.0453 1680 C:\WINDOWS\system32\url.dll - ok

18:49:13.0453 1680 [ 9C8E896FCF103F943EB3F405A974447D ] C:\WINDOWS\system32\ntkrnlpa.exe

18:49:13.0453 1680 C:\WINDOWS\system32\ntkrnlpa.exe - ok

18:49:13.0468 1680 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:49:13.0468 1680 C:\WINDOWS\system32\winsrv.dll - ok

18:49:13.0468 1680 [ C9F44E08EF18BE1139386095360B0E39 ] C:\Program Files\AVG\AVG2013\avgcorex.dll

18:49:13.0468 1680 C:\Program Files\AVG\AVG2013\avgcorex.dll - ok

18:49:13.0484 1680 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] C:\Program Files\AVG\AVG2013\avgwdsvc.exe

18:49:13.0484 1680 C:\Program Files\AVG\AVG2013\avgwdsvc.exe - ok

18:49:13.0484 1680 [ BEA22322EA2DFE41CF7CE22A6EDE08EA ] C:\Program Files\AVG\AVG2013\avgwd.dll

18:49:13.0484 1680 C:\Program Files\AVG\AVG2013\avgwd.dll - ok

18:49:13.0500 1680 [ 414F57444511B818DB23FA5CF89F3205 ] C:\Program Files\AVG\AVG2013\avgclitx.dll

18:49:13.0500 1680 C:\Program Files\AVG\AVG2013\avgclitx.dll - ok

18:49:13.0500 1680 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] C:\Program Files\AVG\AVG2013\avgidsagent.exe

18:49:13.0500 1680 C:\Program Files\AVG\AVG2013\avgidsagent.exe - ok

18:49:13.0515 1680 [ 099D9F937F6EE23672391B3A5BD6D7E5 ] C:\Program Files\AVG\AVG2013\avgntsqlitex.dll

18:49:13.0515 1680 C:\Program Files\AVG\AVG2013\avgntsqlitex.dll - ok

18:49:13.0515 1680 [ 40E12972BB73C2927E19553E30EAEE3C ] C:\Program Files\AVG\AVG2013\avgcommx.dll

18:49:13.0515 1680 C:\Program Files\AVG\AVG2013\avgcommx.dll - ok

18:49:13.0531 1680 [ 5BDB1E096DEA119A4D205ACB6E958175 ] C:\Program Files\AVG\AVG2013\avgopensslx.dll

18:49:13.0531 1680 C:\Program Files\AVG\AVG2013\avgopensslx.dll - ok

18:49:13.0531 1680 [ 7F2A2DDA32A0CDF28868864A87A05B23 ] C:\Program Files\AVG\AVG2013\avgsecapix.dll

18:49:13.0531 1680 C:\Program Files\AVG\AVG2013\avgsecapix.dll - ok

18:49:13.0546 1680 [ BBAD10F039069325326CDA0A68D55356 ] C:\Program Files\AVG\AVG2013\avgcfgx.dll

18:49:13.0546 1680 C:\Program Files\AVG\AVG2013\avgcfgx.dll - ok

18:49:13.0546 1680 [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll

18:49:13.0546 1680 C:\WINDOWS\system32\lz32.dll - ok

18:49:13.0562 1680 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll

18:49:13.0562 1680 C:\WINDOWS\system32\msidle.dll - ok

18:49:13.0562 1680 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll

18:49:13.0562 1680 C:\WINDOWS\system32\wmi.dll - ok

18:49:13.0578 1680 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe

18:49:13.0578 1680 C:\WINDOWS\system32\csrss.exe - ok

18:49:13.0578 1680 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll

18:49:13.0578 1680 C:\WINDOWS\system32\kbdus.dll - ok

18:49:13.0593 1680 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll

18:49:13.0593 1680 C:\WINDOWS\system32\midimap.dll - ok

18:49:13.0593 1680 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll

18:49:13.0593 1680 C:\WINDOWS\system32\msnsspc.dll - ok

18:49:13.0609 1680 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll

18:49:13.0609 1680 C:\WINDOWS\system32\rasadhlp.dll - ok

18:49:13.0609 1680 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll

18:49:13.0609 1680 C:\WINDOWS\system32\sfc.dll - ok

18:49:13.0625 1680 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll

18:49:13.0625 1680 C:\WINDOWS\system32\usbmon.dll - ok

18:49:13.0625 1680 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll

18:49:13.0625 1680 C:\WINDOWS\system32\vga.dll - ok

18:49:13.0640 1680 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll

18:49:13.0640 1680 C:\WINDOWS\system32\eappprxy.dll - ok

18:49:13.0640 1680 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll

18:49:13.0640 1680 C:\WINDOWS\system32\mdimon.dll - ok

18:49:13.0656 1680 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll

18:49:13.0656 1680 C:\WINDOWS\system32\ncobjapi.dll - ok

18:49:13.0656 1680 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll

18:49:13.0656 1680 C:\WINDOWS\system32\sfc_os.dll - ok

18:49:13.0671 1680 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll

18:49:13.0671 1680 C:\WINDOWS\system32\tcpmon.dll - ok

18:49:13.0671 1680 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll

18:49:13.0671 1680 C:\WINDOWS\system32\wzcsvc.dll - ok

18:49:13.0671 1680 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll

18:49:13.0671 1680 C:\WINDOWS\system32\esent.dll - ok

18:49:13.0687 1680 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll

18:49:13.0687 1680 C:\WINDOWS\system32\odbcint.dll - ok

18:49:13.0687 1680 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll

18:49:13.0687 1680 C:\WINDOWS\system32\msapsspc.dll - ok

18:49:13.0703 1680 [ CC29CF5BA4F3AD6BED8E424866810223 ] C:\WINDOWS\system32\ialmdnt5.dll

18:49:13.0703 1680 C:\WINDOWS\system32\ialmdnt5.dll - ok

18:49:13.0703 1680 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll

18:49:13.0703 1680 C:\WINDOWS\system32\msvcrt40.dll - ok

18:49:13.0718 1680 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll

18:49:13.0718 1680 C:\WINDOWS\system32\netshell.dll - ok

18:49:13.0718 1680 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll

18:49:13.0718 1680 C:\WINDOWS\system32\schannel.dll - ok

18:49:13.0734 1680 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll

18:49:13.0734 1680 C:\WINDOWS\system32\netmsg.dll - ok

18:49:13.0734 1680 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll

18:49:13.0734 1680 C:\WINDOWS\system32\rastls.dll - ok

18:49:13.0750 1680 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll

18:49:13.0750 1680 C:\WINDOWS\system32\umpnpmgr.dll - ok

18:49:13.0750 1680 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll

18:49:13.0750 1680 C:\WINDOWS\system32\shsvcs.dll - ok

18:49:13.0765 1680 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll

18:49:13.0765 1680 C:\WINDOWS\system32\wkssvc.dll - ok

18:49:13.0765 1680 [ DF446BA625CC441617843E87798CE048 ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

18:49:13.0765 1680 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok

18:49:13.0781 1680 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll

18:49:13.0781 1680 C:\WINDOWS\system32\WudfPlatform.dll - ok

18:49:13.0781 1680 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll

18:49:13.0781 1680 C:\WINDOWS\system32\dot3dlg.dll - ok

18:49:13.0796 1680 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll

18:49:13.0796 1680 C:\WINDOWS\system32\ersvc.dll - ok

18:49:13.0796 1680 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll

18:49:13.0796 1680 C:\WINDOWS\system32\hid.dll - ok

18:49:13.0812 1680 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll

18:49:13.0812 1680 C:\WINDOWS\system32\hidserv.dll - ok

18:49:13.0812 1680 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll

18:49:13.0812 1680 C:\WINDOWS\system32\lmhsvc.dll - ok

18:49:13.0828 1680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe

18:49:13.0828 1680 C:\WINDOWS\system32\lsass.exe - ok

18:49:13.0828 1680 [ D8361BEAB7109AB8B069F7F5028E37B1 ] C:\WINDOWS\system32\olesvr32.dll

18:49:13.0828 1680 C:\WINDOWS\system32\olesvr32.dll - ok

18:49:13.0843 1680 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll

18:49:13.0843 1680 C:\WINDOWS\system32\profmap.dll - ok

18:49:13.0843 1680 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe

18:49:13.0843 1680 C:\WINDOWS\system32\svchost.exe - ok

18:49:13.0859 1680 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll

18:49:13.0859 1680 C:\WINDOWS\system32\w32time.dll - ok

18:49:13.0859 1680 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll

18:49:13.0859 1680 C:\WINDOWS\system32\scecli.dll - ok

18:49:13.0875 1680 [ D7DCFB4D0C58FFB569DE93E1681FD37A ] C:\WINDOWS\system32\WgaLogon.dll

18:49:13.0875 1680 C:\WINDOWS\system32\WgaLogon.dll - ok

18:49:13.0875 1680 [ C83C0791FC7FA3CBE9BE2825B8A47EAF ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll

18:49:13.0875 1680 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok

18:49:13.0890 1680 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll

18:49:13.0890 1680 C:\WINDOWS\system32\schedsvc.dll - ok

18:49:13.0890 1680 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll

18:49:13.0890 1680 C:\WINDOWS\system32\certcli.dll - ok

18:49:13.0906 1680 [ F0683C310687E88FB4D1B814BDFB82A3 ] C:\WINDOWS\system32\ialmdev5.dll

18:49:13.0906 1680 C:\WINDOWS\system32\ialmdev5.dll - ok

18:49:13.0906 1680 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll

18:49:13.0906 1680 C:\WINDOWS\system32\odbc32.dll - ok

18:49:13.0921 1680 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll

18:49:13.0921 1680 C:\WINDOWS\system32\es.dll - ok

18:49:13.0921 1680 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll

18:49:13.0921 1680 C:\WINDOWS\system32\mswsock.dll - ok

18:49:13.0937 1680 [ DA45AD502B4F2B7FC4ADEBA2E309F384 ] C:\WINDOWS\system32\netevent.dll

18:49:13.0937 1680 C:\WINDOWS\system32\netevent.dll - ok

18:49:13.0937 1680 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll

18:49:13.0937 1680 C:\WINDOWS\system32\scesrv.dll - ok

18:49:13.0953 1680 [ 045DF7AE14CAAED71338916D6FB66812 ] C:\WINDOWS\system32\wow32.dll

18:49:13.0953 1680 C:\WINDOWS\system32\wow32.dll - ok

18:49:13.0953 1680 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll

18:49:13.0953 1680 C:\WINDOWS\system32\hnetcfg.dll - ok

18:49:13.0968 1680 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll

18:49:13.0968 1680 C:\WINDOWS\system32\kerberos.dll - ok

18:49:13.0968 1680 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll

18:49:13.0968 1680 C:\WINDOWS\system32\atmfd.dll - ok

18:49:13.0984 1680 [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll

18:49:13.0984 1680 C:\WINDOWS\system32\msvcp100.dll - ok

18:49:13.0984 1680 [ 681B807E53BDADA337735C28C0E48A1B ] C:\WINDOWS\system32\ntvdm.exe

18:49:13.0984 1680 C:\WINDOWS\system32\ntvdm.exe - ok

18:49:14.0000 1680 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Common Files\LightScribe\msvcr71.dll

18:49:14.0000 1680 C:\Program Files\Common Files\LightScribe\msvcr71.dll - ok

18:49:14.0000 1680 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll

18:49:14.0000 1680 C:\WINDOWS\system32\localspl.dll - ok

18:49:14.0015 1680 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll

18:49:14.0015 1680 C:\WINDOWS\system32\samsrv.dll - ok

18:49:14.0015 1680 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll

18:49:14.0015 1680 C:\WINDOWS\system32\netlogon.dll - ok

18:49:14.0031 1680 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Common Files\LightScribe\msvcp71.dll

18:49:14.0031 1680 C:\Program Files\Common Files\LightScribe\msvcp71.dll - ok

18:49:14.0031 1680 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll

18:49:14.0031 1680 C:\WINDOWS\system32\lsasrv.dll - ok

18:49:14.0046 1680 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll

18:49:14.0046 1680 C:\WINDOWS\system32\msvcr100.dll - ok

18:49:14.0046 1680 [ 85091A542F424FCC77027C7CBC5FA87E ] C:\WINDOWS\system32\ialmdd5.dll

18:49:14.0046 1680 C:\WINDOWS\system32\ialmdd5.dll - ok

18:49:14.0062 1680 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll

18:49:14.0062 1680 C:\WINDOWS\system32\msgina.dll - ok

18:49:14.0062 1680 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll

18:49:14.0062 1680 C:\WINDOWS\system32\sfcfiles.dll - ok

18:49:14.0078 1680 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll

18:49:14.0078 1680 C:\WINDOWS\system32\eapolqec.dll - ok

18:49:14.0078 1680 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

18:49:14.0078 1680 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

18:49:14.0093 1680 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll

18:49:14.0093 1680 C:\WINDOWS\system32\cryptdll.dll - ok

18:49:14.0093 1680 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll

18:49:14.0093 1680 C:\WINDOWS\system32\csrsrv.dll - ok

18:49:14.0109 1680 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll

18:49:14.0109 1680 C:\WINDOWS\system32\dimsntfy.dll - ok

18:49:14.0109 1680 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll

18:49:14.0109 1680 C:\WINDOWS\system32\nddeapi.dll - ok

18:49:14.0125 1680 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll

18:49:14.0125 1680 C:\WINDOWS\system32\powrprof.dll - ok

18:49:14.0125 1680 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll

18:49:14.0125 1680 C:\WINDOWS\system32\winrnr.dll - ok

18:49:14.0140 1680 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll

18:49:14.0140 1680 C:\WINDOWS\system32\wshtcpip.dll - ok

18:49:14.0140 1680 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll

18:49:14.0140 1680 C:\WINDOWS\AppPatch\acadproc.dll - ok

18:49:14.0156 1680 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll

18:49:14.0156 1680 C:\WINDOWS\system32\audiosrv.dll - ok

18:49:14.0156 1680 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll

18:49:14.0156 1680 C:\WINDOWS\system32\cnbjmon.dll - ok

18:49:14.0171 1680 [ 9E57AF3D019BA7C1523B663C8FA7733D ] C:\WINDOWS\system32\ialmrnt5.dll

18:49:14.0171 1680 C:\WINDOWS\system32\ialmrnt5.dll - ok

18:49:14.0171 1680 [ 86440EDFF27095E03741AEDC5752AA51 ] C:\WINDOWS\system32\olecnv32.dll

18:49:14.0171 1680 C:\WINDOWS\system32\olecnv32.dll - ok

18:49:14.0187 1680 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll

18:49:14.0187 1680 C:\WINDOWS\system32\qutil.dll - ok

18:49:14.0187 1680 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll

18:49:14.0187 1680 C:\WINDOWS\system32\rasman.dll - ok

18:49:14.0187 1680 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll

18:49:14.0187 1680 C:\WINDOWS\system32\wzcsapi.dll - ok

18:49:14.0203 1680 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll

18:49:14.0203 1680 C:\WINDOWS\system32\digest.dll - ok

18:49:14.0203 1680 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll

18:49:14.0203 1680 C:\WINDOWS\system32\eappcfg.dll - ok

18:49:14.0218 1680 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll

18:49:14.0218 1680 C:\WINDOWS\system32\regapi.dll - ok

18:49:14.0218 1680 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll

18:49:14.0218 1680 C:\WINDOWS\system32\dhcpcsvc.dll - ok

18:49:14.0234 1680 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll

18:49:14.0234 1680 C:\WINDOWS\system32\eventlog.dll - ok

18:49:14.0234 1680 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe

18:49:14.0234 1680 C:\WINDOWS\system32\spoolsv.exe - ok

18:49:14.0250 1680 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll

18:49:14.0250 1680 C:\WINDOWS\system32\wdigest.dll - ok

18:49:14.0250 1680 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll

18:49:14.0250 1680 C:\WINDOWS\system32\WudfSvc.dll - ok

18:49:14.0265 1680 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

18:49:14.0265 1680 C:\WINDOWS\system32\basesrv.dll - ok

18:49:14.0265 1680 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll

18:49:14.0265 1680 C:\WINDOWS\system32\cryptsvc.dll - ok

18:49:14.0281 1680 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll

18:49:14.0281 1680 C:\WINDOWS\system32\dnsrslvr.dll - ok

18:49:14.0281 1680 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll

18:49:14.0281 1680 C:\WINDOWS\system32\onex.dll - ok

18:49:14.0296 1680 [ 258CACA1DAADE43978E2ECC9BDC94E1C ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe

18:49:14.0296 1680 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok

18:49:14.0296 1680 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll

18:49:14.0296 1680 C:\WINDOWS\system32\dpcdll.dll - ok

18:49:14.0312 1680 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll

18:49:14.0312 1680 C:\WINDOWS\system32\msv1_0.dll - ok

18:49:14.0312 1680 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll

18:49:14.0312 1680 C:\WINDOWS\system32\msprivs.dll - ok

18:49:14.0328 1680 [ AE9543F20FCC1E7BCAA13051CC076147 ] C:\WINDOWS\system32\olethk32.dll

18:49:14.0328 1680 C:\WINDOWS\system32\olethk32.dll - ok

18:49:14.0328 1680 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

18:49:14.0328 1680 C:\WINDOWS\system32\services.exe - ok

18:49:14.0343 1680 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll

18:49:14.0343 1680 C:\WINDOWS\system32\webclnt.dll - ok

18:49:14.0343 1680 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll

18:49:14.0343 1680 C:\WINDOWS\system32\wlnotify.dll - ok

18:49:14.0359 1680 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll

18:49:14.0359 1680 C:\WINDOWS\system32\ntmarta.dll - ok

18:49:14.0359 1680 [ FA1B9CAE64B23C950DA3D96ABBF23BD0 ] C:\WINDOWS\system32\olecli32.dll

18:49:14.0359 1680 C:\WINDOWS\system32\olecli32.dll - ok

18:49:14.0375 1680 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll

18:49:14.0375 1680 C:\WINDOWS\system32\spoolss.dll - ok

18:49:14.0375 1680 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll

18:49:14.0375 1680 C:\WINDOWS\system32\credui.dll - ok

18:49:14.0390 1680 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll

18:49:14.0390 1680 C:\WINDOWS\system32\dot3api.dll - ok

18:49:14.0390 1680 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll

18:49:14.0390 1680 C:\WINDOWS\system32\rasapi32.dll - ok

18:49:14.0390 1680 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll

18:49:14.0390 1680 C:\WINDOWS\system32\raschap.dll - ok

18:49:14.0406 1680 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll

18:49:14.0406 1680 C:\WINDOWS\system32\srvsvc.dll - ok

18:49:14.0406 1680 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll

18:49:14.0406 1680 C:\WINDOWS\system32\winscard.dll - ok

18:49:14.0421 1680 [ CE9B98EE57685CF61ABAEF078BA0C704 ] C:\WINDOWS\system32\hpzll5mu.dll

18:49:14.0421 1680 C:\WINDOWS\system32\hpzll5mu.dll - ok

18:49:14.0421 1680 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll

18:49:14.0421 1680 C:\WINDOWS\system32\pjlmon.dll - ok

18:49:14.0437 1680 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll

18:49:14.0437 1680 C:\WINDOWS\system32\tapi32.dll - ok

18:49:14.0437 1680 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll

18:49:14.0437 1680 C:\WINDOWS\system32\kernel32.dll - ok

18:49:14.0453 1680 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll

18:49:14.0453 1680 C:\WINDOWS\system32\winmm.dll - ok

18:49:14.0453 1680 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll

18:49:14.0453 1680 C:\WINDOWS\system32\advapi32.dll - ok

18:49:14.0468 1680 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll

18:49:14.0468 1680 C:\WINDOWS\system32\rpcrt4.dll - ok

18:49:14.0468 1680 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll

18:49:14.0468 1680 C:\WINDOWS\system32\secur32.dll - ok

18:49:14.0484 1680 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll

18:49:14.0484 1680 C:\WINDOWS\system32\gdi32.dll - ok

18:49:14.0484 1680 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll

18:49:14.0484 1680 C:\WINDOWS\system32\user32.dll - ok

18:49:14.0500 1680 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll

18:49:14.0500 1680 C:\WINDOWS\system32\comdlg32.dll - ok

18:49:14.0500 1680 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll

18:49:14.0500 1680 C:\WINDOWS\system32\comctl32.dll - ok

18:49:14.0515 1680 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll

18:49:14.0515 1680 C:\WINDOWS\system32\shell32.dll - ok

18:49:14.0515 1680 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll

18:49:14.0515 1680 C:\WINDOWS\system32\msvcrt.dll - ok

18:49:14.0531 1680 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll

18:49:14.0531 1680 C:\WINDOWS\system32\shlwapi.dll - ok

18:49:14.0531 1680 [ DA5B96A293B006572209E5EAC9F3A045 ] C:\WINDOWS\system32\wininet.dll

18:49:14.0531 1680 C:\WINDOWS\system32\wininet.dll - ok

18:49:14.0546 1680 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll

18:49:14.0546 1680 C:\WINDOWS\system32\normaliz.dll - ok

18:49:14.0546 1680 [ A9D17E2AFAB5EB5C4920D8E07505D3CA ] C:\WINDOWS\system32\urlmon.dll

18:49:14.0546 1680 C:\WINDOWS\system32\urlmon.dll - ok

18:49:14.0562 1680 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll

18:49:14.0562 1680 C:\WINDOWS\system32\ole32.dll - ok

18:49:14.0562 1680 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll

18:49:14.0562 1680 C:\WINDOWS\system32\oleaut32.dll - ok

18:49:14.0578 1680 [ BD485DBD15FFA3286A75906E4C4DD914 ] C:\WINDOWS\system32\iertutil.dll

18:49:14.0578 1680 C:\WINDOWS\system32\iertutil.dll - ok

18:49:14.0578 1680 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll

18:49:14.0578 1680 C:\WINDOWS\system32\imm32.dll - ok

18:49:14.0593 1680 [ 012DF358CEBAA23ACB26D82077820817 ] C:\WINDOWS\system32\lpk.dll

18:49:14.0593 1680 C:\WINDOWS\system32\lpk.dll - ok

18:49:14.0593 1680 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll

18:49:14.0593 1680 C:\WINDOWS\system32\shimeng.dll - ok

18:49:14.0609 1680 [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll

18:49:14.0609 1680 C:\WINDOWS\system32\usp10.dll - ok

18:49:14.0609 1680 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-

Link to post
Share on other sites

Part 2:

Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

18:49:14.0609 1680 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok

18:49:14.0625 1680 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll

18:49:14.0625 1680 C:\WINDOWS\system32\msctf.dll - ok

18:49:14.0625 1680 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll

18:49:14.0625 1680 C:\WINDOWS\system32\uxtheme.dll - ok

18:49:14.0640 1680 [ 471B0231BDDFDDA6F8C448B0D70B365C ] C:\WINDOWS\system32\SynTPFcs.dll

18:49:14.0640 1680 C:\WINDOWS\system32\SynTPFcs.dll - ok

18:49:14.0640 1680 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll

18:49:14.0640 1680 C:\WINDOWS\system32\version.dll - ok

18:49:14.0656 1680 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe

18:49:14.0656 1680 C:\WINDOWS\explorer.exe - ok

18:49:14.0656 1680 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll

18:49:14.0656 1680 C:\WINDOWS\system32\apphelp.dll - ok

18:49:14.0656 1680 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll

18:49:14.0671 1680 C:\WINDOWS\system32\browseui.dll - ok

18:49:14.0671 1680 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll

18:49:14.0671 1680 C:\WINDOWS\system32\shdocvw.dll - ok

18:49:14.0671 1680 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll

18:49:14.0671 1680 C:\WINDOWS\system32\crypt32.dll - ok

18:49:14.0687 1680 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll

18:49:14.0687 1680 C:\WINDOWS\system32\cryptui.dll - ok

18:49:14.0687 1680 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll

18:49:14.0687 1680 C:\WINDOWS\system32\msasn1.dll - ok

18:49:14.0703 1680 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll

18:49:14.0703 1680 C:\WINDOWS\system32\netapi32.dll - ok

18:49:14.0703 1680 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll

18:49:14.0703 1680 C:\WINDOWS\system32\wintrust.dll - ok

18:49:14.0718 1680 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll

18:49:14.0718 1680 C:\WINDOWS\system32\imagehlp.dll - ok

18:49:14.0718 1680 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll

18:49:14.0718 1680 C:\WINDOWS\system32\wldap32.dll - ok

18:49:14.0734 1680 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll

18:49:14.0734 1680 C:\WINDOWS\AppPatch\acgenral.dll - ok

18:49:14.0734 1680 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll

18:49:14.0734 1680 C:\WINDOWS\system32\msacm32.dll - ok

18:49:14.0750 1680 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll

18:49:14.0750 1680 C:\WINDOWS\system32\userenv.dll - ok

18:49:14.0750 1680 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll

18:49:14.0750 1680 C:\WINDOWS\system32\riched20.dll - ok

18:49:14.0765 1680 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll

18:49:14.0765 1680 C:\WINDOWS\system32\rpcss.dll - ok

18:49:14.0765 1680 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll

18:49:14.0765 1680 C:\WINDOWS\system32\clbcatq.dll - ok

18:49:14.0781 1680 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll

18:49:14.0781 1680 C:\WINDOWS\system32\comres.dll - ok

18:49:14.0781 1680 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll

18:49:14.0781 1680 C:\WINDOWS\system32\cscui.dll - ok

18:49:14.0796 1680 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll

18:49:14.0796 1680 C:\WINDOWS\system32\cscdll.dll - ok

18:49:14.0796 1680 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll

18:49:14.0796 1680 C:\WINDOWS\system32\themeui.dll - ok

18:49:14.0812 1680 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll

18:49:14.0812 1680 C:\WINDOWS\system32\msimg32.dll - ok

18:49:14.0812 1680 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe

18:49:14.0812 1680 C:\WINDOWS\system32\winlogon.exe - ok

18:49:14.0828 1680 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll

18:49:14.0828 1680 C:\WINDOWS\system32\xpsp2res.dll - ok

18:49:14.0828 1680 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll

18:49:14.0828 1680 C:\WINDOWS\system32\actxprxy.dll - ok

18:49:14.0843 1680 [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\msimtf.dll

18:49:14.0843 1680 C:\WINDOWS\system32\msimtf.dll - ok

18:49:14.0843 1680 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll

18:49:14.0843 1680 C:\WINDOWS\system32\mpr.dll - ok

18:49:14.0859 1680 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll

18:49:14.0859 1680 C:\WINDOWS\system32\msi.dll - ok

18:49:14.0859 1680 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll

18:49:14.0859 1680 C:\WINDOWS\system32\atl.dll - ok

18:49:14.0875 1680 [ A2180B455AE266D66F38634DE018E7CE ] C:\WINDOWS\system32\ieframe.dll

18:49:14.0875 1680 C:\WINDOWS\system32\ieframe.dll - ok

18:49:14.0875 1680 [ A0AC3841DC595B5D86AB9E5016A0E36A ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

18:49:14.0875 1680 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok

18:49:14.0890 1680 [ AB349998E551DE1C0DCC5AD63CE41D31 ] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

18:49:14.0890 1680 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - ok

18:49:14.0890 1680 [ 42344DDF30337979216EA6AFA58BB42A ] C:\WINDOWS\system32\hkcmd.exe

18:49:14.0890 1680 C:\WINDOWS\system32\hkcmd.exe - ok

18:49:14.0906 1680 [ 4B10675852FE8862521024778E264D5F ] C:\WINDOWS\system32\igfxpers.exe

18:49:14.0906 1680 C:\WINDOWS\system32\igfxpers.exe - ok

18:49:14.0906 1680 [ 5D8ADFC63002FD8D5F5F663CBFFDD78B ] C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe

18:49:14.0906 1680 C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe - ok

18:49:14.0921 1680 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll

18:49:14.0921 1680 C:\WINDOWS\system32\rsaenh.dll - ok

18:49:14.0921 1680 [ 0E3605A5E7C23F1139C5C448E1EAF494 ] C:\WINDOWS\system32\shimgvw.dll

18:49:14.0921 1680 C:\WINDOWS\system32\shimgvw.dll - ok

18:49:14.0937 1680 [ D0AAAE16BA162DD89D646887F1539855 ] C:\WINDOWS\system32\gdiplus.dll

18:49:14.0937 1680 C:\WINDOWS\system32\gdiplus.dll - ok

18:49:14.0937 1680 [ 85FE43A44239E406D7BB9513569D4D00 ] C:\WINDOWS\system32\mshtml.dll

18:49:14.0937 1680 C:\WINDOWS\system32\mshtml.dll - ok

18:49:14.0953 1680 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll

18:49:14.0953 1680 C:\WINDOWS\system32\iphlpapi.dll - ok

18:49:14.0953 1680 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll

18:49:14.0953 1680 C:\WINDOWS\system32\msls31.dll - ok

18:49:14.0968 1680 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll

18:49:14.0968 1680 C:\WINDOWS\system32\psapi.dll - ok

18:49:14.0968 1680 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll

18:49:14.0968 1680 C:\WINDOWS\system32\mprapi.dll - ok

18:49:14.0984 1680 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll

18:49:14.0984 1680 C:\WINDOWS\system32\netman.dll - ok

18:49:14.0984 1680 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll

18:49:14.0984 1680 C:\WINDOWS\system32\ws2help.dll - ok

18:49:15.0000 1680 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll

18:49:15.0000 1680 C:\WINDOWS\system32\ws2_32.dll - ok

18:49:15.0000 1680 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll

18:49:15.0000 1680 C:\WINDOWS\system32\activeds.dll - ok

18:49:15.0015 1680 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll

18:49:15.0015 1680 C:\WINDOWS\system32\adsldpc.dll - ok

18:49:15.0015 1680 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll

18:49:15.0015 1680 C:\WINDOWS\system32\rtutils.dll - ok

18:49:15.0031 1680 [ 3EA40C03BB20A68F5F49798296112EF9 ] C:\WINDOWS\system32\hccutils.dll

18:49:15.0031 1680 C:\WINDOWS\system32\hccutils.dll - ok

18:49:15.0031 1680 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll

18:49:15.0031 1680 C:\WINDOWS\system32\samlib.dll - ok

18:49:15.0046 1680 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll

18:49:15.0046 1680 C:\WINDOWS\system32\setupapi.dll - ok

18:49:15.0046 1680 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe

18:49:15.0046 1680 C:\WINDOWS\system32\logonui.exe - ok

18:49:15.0062 1680 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll

18:49:15.0062 1680 C:\WINDOWS\system32\duser.dll - ok

18:49:15.0062 1680 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll

18:49:15.0062 1680 C:\WINDOWS\system32\oleacc.dll - ok

18:49:15.0078 1680 [ 99F59B3392AD68F08BB528791F5D880D ] C:\WINDOWS\system32\oleaccrc.dll

18:49:15.0078 1680 C:\WINDOWS\system32\oleaccrc.dll - ok

18:49:15.0078 1680 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll

18:49:15.0078 1680 C:\WINDOWS\system32\shgina.dll - ok

18:49:15.0093 1680 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll

18:49:15.0093 1680 C:\WINDOWS\system32\winsta.dll - ok

18:49:15.0093 1680 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll

18:49:15.0093 1680 C:\WINDOWS\system32\wsock32.dll - ok

18:49:15.0109 1680 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll

18:49:15.0109 1680 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok

18:49:15.0125 1680 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll

18:49:15.0125 1680 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok

18:49:15.0125 1680 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll

18:49:15.0125 1680 C:\WINDOWS\system32\authz.dll - ok

18:49:15.0140 1680 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll

18:49:15.0140 1680 C:\WINDOWS\system32\msxml3.dll - ok

18:49:15.0140 1680 [ EC3985A65F9CE1BA25C72B5CD00530E3 ] C:\WINDOWS\system32\SynCOM.dll

18:49:15.0140 1680 C:\WINDOWS\system32\SynCOM.dll - ok

18:49:15.0140 1680 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe

18:49:15.0140 1680 C:\WINDOWS\system32\userinit.exe - ok

18:49:15.0156 1680 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll

18:49:15.0156 1680 C:\WINDOWS\system32\wtsapi32.dll - ok

18:49:15.0156 1680 [ 572334E13E0D4C8A2986CCA2A736DCE5 ] C:\WINDOWS\system32\msxml3r.dll

18:49:15.0156 1680 C:\WINDOWS\system32\msxml3r.dll - ok

18:49:15.0171 1680 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll

18:49:15.0171 1680 C:\WINDOWS\system32\sensapi.dll - ok

18:49:15.0171 1680 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll

18:49:15.0171 1680 C:\WINDOWS\system32\sxs.dll - ok

18:49:15.0187 1680 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll

18:49:15.0187 1680 C:\WINDOWS\system32\msvcp60.dll - ok

18:49:15.0187 1680 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll

18:49:15.0187 1680 C:\WINDOWS\system32\ntdsapi.dll - ok

18:49:15.0203 1680 [ E365ABAA34D50987B33E02E53AEC30B4 ] C:\Program Files\AVG\AVG2013\avgnsx.exe

18:49:15.0203 1680 C:\Program Files\AVG\AVG2013\avgnsx.exe - ok

18:49:15.0203 1680 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll

18:49:15.0203 1680 C:\WINDOWS\system32\dnsapi.dll - ok

18:49:15.0218 1680 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll

18:49:15.0218 1680 C:\WINDOWS\system32\wbem\wbemprox.dll - ok

18:49:15.0218 1680 [ 477A47C10C4B2E79DD52D74BAA9ED716 ] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

18:49:15.0218 1680 C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe - ok

18:49:15.0234 1680 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] C:\WINDOWS\system32\HPZinw12.dll

18:49:15.0234 1680 C:\WINDOWS\system32\HPZinw12.dll - ok

18:49:15.0234 1680 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll

18:49:15.0234 1680 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

18:49:15.0250 1680 [ 172BE63FE4CCB653446687BFB97E61C9 ] C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll

18:49:15.0250 1680 C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll - ok

18:49:15.0250 1680 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll

18:49:15.0250 1680 C:\WINDOWS\system32\cfgmgr32.dll - ok

18:49:15.0265 1680 [ 6D2EDE5CC51FF35004BD07E9EF3E1996 ] C:\PROGRA~1\AVG\AVG2013\avgcclix.dll

18:49:15.0265 1680 C:\PROGRA~1\AVG\AVG2013\avgcclix.dll - ok

18:49:15.0265 1680 [ 53B18D940D7155C49D507F076AF43554 ] C:\Program Files\AVG\AVG2013\avgcsrvx.exe

18:49:15.0265 1680 C:\Program Files\AVG\AVG2013\avgcsrvx.exe - ok

18:49:15.0281 1680 [ 32DFEEF66057184481ECC3C6116CE895 ] C:\Program Files\AVG\AVG2013\avgcertx.dll

18:49:15.0281 1680 C:\Program Files\AVG\AVG2013\avgcertx.dll - ok

18:49:15.0281 1680 [ 2E967B05E5D1EF57632819BDC54F19B1 ] C:\Program Files\AVG\AVG2013\avgchclx.dll

18:49:15.0281 1680 C:\Program Files\AVG\AVG2013\avgchclx.dll - ok

18:49:15.0296 1680 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys

18:49:15.0296 1680 C:\WINDOWS\system32\drivers\wmilib.sys - ok

18:49:15.0296 1680 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys

18:49:15.0296 1680 C:\WINDOWS\system32\drivers\atapi.sys - ok

18:49:15.0312 1680 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys

18:49:15.0312 1680 C:\WINDOWS\system32\drivers\dxapi.sys - ok

18:49:15.0312 1680 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys

18:49:15.0312 1680 C:\WINDOWS\system32\watchdog.sys - ok

18:49:15.0328 1680 [ 860AC2E4711D2DACF12D98A42105A611 ] C:\WINDOWS\system32\win32k.sys

18:49:15.0328 1680 C:\WINDOWS\system32\win32k.sys - ok

18:49:15.0328 1680 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys

18:49:15.0328 1680 C:\WINDOWS\system32\drivers\dxg.sys - ok

18:49:15.0343 1680 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys

18:49:15.0343 1680 C:\WINDOWS\system32\drivers\dxgthk.sys - ok

18:49:15.0343 1680 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime

18:49:15.0343 1680 C:\WINDOWS\system32\msctfime.ime - ok

18:49:15.0359 1680 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv

18:49:15.0359 1680 C:\WINDOWS\system32\winspool.drv - ok

18:49:15.0359 1680 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys

18:49:15.0359 1680 C:\WINDOWS\system32\drivers\ndisuio.sys - ok

18:49:15.0375 1680 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll

18:49:15.0375 1680 C:\WINDOWS\system32\mlang.dll - ok

18:49:15.0375 1680 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll

18:49:15.0375 1680 C:\WINDOWS\system32\xmlprovi.dll - ok

18:49:15.0390 1680 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys

18:49:15.0390 1680 C:\WINDOWS\system32\drivers\mrxdav.sys - ok

18:49:15.0390 1680 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv

18:49:15.0390 1680 C:\WINDOWS\system32\wdmaud.drv - ok

18:49:15.0406 1680 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys

18:49:15.0406 1680 C:\WINDOWS\system32\drivers\wdmaud.sys - ok

18:49:15.0406 1680 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys

18:49:15.0406 1680 C:\WINDOWS\system32\drivers\sysaudio.sys - ok

18:49:15.0421 1680 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys

18:49:15.0421 1680 C:\WINDOWS\system32\drivers\splitter.sys - ok

18:49:15.0421 1680 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys

18:49:15.0421 1680 C:\WINDOWS\system32\drivers\aec.sys - ok

18:49:15.0437 1680 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys

18:49:15.0437 1680 C:\WINDOWS\system32\drivers\swmidi.sys - ok

18:49:15.0437 1680 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys

18:49:15.0437 1680 C:\WINDOWS\system32\drivers\dmusic.sys - ok

18:49:15.0453 1680 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys

18:49:15.0453 1680 C:\WINDOWS\system32\drivers\kmixer.sys - ok

18:49:15.0453 1680 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys

18:49:15.0453 1680 C:\WINDOWS\system32\drivers\drmkaud.sys - ok

18:49:15.0468 1680 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv

18:49:15.0468 1680 C:\WINDOWS\system32\msacm32.drv - ok

18:49:15.0468 1680 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl

18:49:15.0468 1680 C:\WINDOWS\system32\desk.cpl - ok

18:49:15.0484 1680 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe

18:49:15.0484 1680 C:\WINDOWS\system32\cmd.exe - ok

18:49:15.0484 1680 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys

18:49:15.0484 1680 C:\WINDOWS\system32\drivers\srv.sys - ok

18:49:15.0500 1680 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] C:\WINDOWS\system32\drivers\mcstrm.sys

18:49:15.0500 1680 C:\WINDOWS\system32\drivers\mcstrm.sys - ok

18:49:15.0500 1680 [ 3C318B9CD391371BED62126581EE9961 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys

18:49:15.0500 1680 C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok

18:49:15.0515 1680 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll

18:49:15.0515 1680 C:\WINDOWS\system32\cryptnet.dll - ok

18:49:15.0515 1680 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll

18:49:15.0515 1680 C:\WINDOWS\system32\winhttp.dll - ok

18:49:15.0531 1680 [ C46049174399ECA9ECC37ADEB0B5C24D ] C:\WINDOWS\system32\E_FLM9FA.DLL

18:49:15.0531 1680 C:\WINDOWS\system32\E_FLM9FA.DLL - ok

18:49:15.0531 1680 [ B226F8A4D780ACDF76145B58BB791D5B ] C:\WINDOWS\system32\drivers\symlcbrd.sys

18:49:15.0531 1680 C:\WINDOWS\system32\drivers\symlcbrd.sys - ok

18:49:15.0546 1680 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll

18:49:15.0546 1680 C:\WINDOWS\system32\termsrv.dll - ok

18:49:15.0546 1680 [ 3199A477F0F06EEDE41BD55179F8EB05 ] C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

18:49:15.0546 1680 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe - ok

18:49:15.0562 1680 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll

18:49:15.0562 1680 C:\WINDOWS\system32\icaapi.dll - ok

18:49:15.0562 1680 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll

18:49:15.0562 1680 C:\WINDOWS\system32\mstlsapi.dll - ok

18:49:15.0578 1680 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll

18:49:15.0578 1680 C:\WINDOWS\system32\trkwks.dll - ok

18:49:15.0578 1680 [ 6AE0A4978225CC6656D45504D6D78D0A ] C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe

18:49:15.0578 1680 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe - ok

18:49:15.0593 1680 [ 09EBC00530CC3493DF55219D0DA5E03A ] C:\WINDOWS\system32\drivers\Wibukey.sys

18:49:15.0593 1680 C:\WINDOWS\system32\drivers\Wibukey.sys - ok

18:49:15.0593 1680 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll

18:49:15.0593 1680 C:\WINDOWS\system32\wbem\wmisvc.dll - ok

18:49:15.0609 1680 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll

18:49:15.0609 1680 C:\WINDOWS\system32\vssapi.dll - ok

18:49:15.0609 1680 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll

18:49:15.0609 1680 C:\WINDOWS\system32\wuauserv.dll - ok

18:49:15.0625 1680 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll

18:49:15.0625 1680 C:\WINDOWS\system32\browser.dll - ok

18:49:15.0625 1680 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll

18:49:15.0625 1680 C:\WINDOWS\system32\wuaueng.dll - ok

18:49:15.0640 1680 [ BCB03BB209495439BCBF94CFF9B6707B ] C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

18:49:15.0640 1680 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - ok

18:49:15.0640 1680 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll

18:49:15.0640 1680 C:\WINDOWS\system32\cabinet.dll - ok

18:49:15.0656 1680 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll

18:49:15.0656 1680 C:\WINDOWS\system32\mspatcha.dll - ok

18:49:15.0656 1680 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll

18:49:15.0656 1680 C:\WINDOWS\system32\wups.dll - ok

18:49:15.0656 1680 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll

18:49:15.0656 1680 C:\WINDOWS\system32\wups2.dll - ok

18:49:15.0671 1680 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll

18:49:15.0671 1680 C:\WINDOWS\system32\ipnathlp.dll - ok

18:49:15.0671 1680 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll

18:49:15.0671 1680 C:\WINDOWS\system32\comsvcs.dll - ok

18:49:15.0687 1680 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll

18:49:15.0687 1680 C:\WINDOWS\system32\colbact.dll - ok

18:49:15.0687 1680 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll

18:49:15.0687 1680 C:\WINDOWS\system32\mtxclu.dll - ok

18:49:15.0703 1680 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll

18:49:15.0703 1680 C:\WINDOWS\system32\clusapi.dll - ok

18:49:15.0703 1680 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll

18:49:15.0703 1680 C:\WINDOWS\system32\resutils.dll - ok

18:49:15.0718 1680 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll

18:49:15.0718 1680 C:\WINDOWS\system32\wbem\wbemcore.dll - ok

18:49:15.0718 1680 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll

18:49:15.0718 1680 C:\WINDOWS\system32\wbem\esscli.dll - ok

18:49:15.0734 1680 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll

18:49:15.0734 1680 C:\WINDOWS\system32\wbem\fastprox.dll - ok

18:49:15.0734 1680 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll

18:49:15.0734 1680 C:\WINDOWS\system32\wscsvc.dll - ok

18:49:15.0750 1680 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll

18:49:15.0750 1680 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok

18:49:15.0750 1680 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll

18:49:15.0750 1680 C:\WINDOWS\system32\wbem\wmiutils.dll - ok

18:49:15.0765 1680 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll

18:49:15.0765 1680 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok

18:49:15.0765 1680 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe

18:49:15.0765 1680 C:\WINDOWS\system32\wuauclt.exe - ok

18:49:15.0781 1680 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll

18:49:15.0781 1680 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok

18:49:15.0781 1680 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll

18:49:15.0781 1680 C:\WINDOWS\system32\wbem\wbemess.dll - ok

18:49:15.0796 1680 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll

18:49:15.0796 1680 C:\WINDOWS\system32\wuapi.dll - ok

18:49:15.0796 1680 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll

18:49:15.0796 1680 C:\WINDOWS\system32\wbem\ncprov.dll - ok

18:49:15.0812 1680 [ 047CD344AC7B76BA3C224FAE1A4627C9 ] C:\WINDOWS\system32\WgaTray.exe

18:49:15.0812 1680 C:\WINDOWS\system32\WgaTray.exe - ok

18:49:15.0812 1680 [ E058C4821D48E0A67F6069CB50818D44 ] C:\WINDOWS\system32\LegitCheckControl.dll

18:49:15.0812 1680 C:\WINDOWS\system32\LegitCheckControl.dll - ok

18:49:15.0828 1680 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe

18:49:15.0828 1680 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok

18:49:15.0828 1680 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll

18:49:15.0828 1680 C:\WINDOWS\system32\licwmi.dll - ok

18:49:15.0843 1680 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll

18:49:15.0843 1680 C:\WINDOWS\system32\wbem\framedyn.dll - ok

18:49:15.0843 1680 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll

18:49:15.0843 1680 C:\WINDOWS\system32\licdll.dll - ok

18:49:15.0859 1680 [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll

18:49:15.0859 1680 C:\WINDOWS\system32\msxml6.dll - ok

18:49:15.0859 1680 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll

18:49:15.0859 1680 C:\WINDOWS\system32\wbem\cimwin32.dll - ok

18:49:15.0875 1680 [ C68153ECC557A0C841D976543E493EF6 ] C:\Program Files\AVG\AVG2013\avgxpl.dll

18:49:15.0875 1680 C:\Program Files\AVG\AVG2013\avgxpl.dll - ok

18:49:15.0875 1680 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll

18:49:15.0875 1680 C:\WINDOWS\system32\security.dll - ok

18:49:15.0890 1680 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll

18:49:15.0890 1680 C:\WINDOWS\system32\wbem\wmipcima.dll - ok

18:49:15.0890 1680 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe

18:49:15.0890 1680 C:\WINDOWS\system32\wscntfy.exe - ok

18:49:15.0906 1680 [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll

18:49:15.0906 1680 C:\WINDOWS\system32\wucltui.dll - ok

18:49:15.0906 1680 [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl

18:49:15.0906 1680 C:\WINDOWS\system32\wuaucpl.cpl - ok

18:49:15.0921 1680 [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll

18:49:15.0921 1680 C:\WINDOWS\system32\mucltui.dll - ok

18:49:15.0921 1680 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll

18:49:15.0921 1680 C:\WINDOWS\system32\wbem\wbemcons.dll - ok

18:49:15.0937 1680 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

18:49:15.0937 1680 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok

18:49:15.0937 1680 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll

18:49:15.0937 1680 C:\WINDOWS\system32\shfolder.dll - ok

18:49:15.0953 1680 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe

18:49:15.0953 1680 C:\WINDOWS\system32\alg.exe - ok

18:49:15.0953 1680 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll

18:49:15.0953 1680 C:\WINDOWS\system32\netcfgx.dll - ok

18:49:15.0968 1680 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll

18:49:15.0968 1680 C:\WINDOWS\system32\tapisrv.dll - ok

18:49:15.0968 1680 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll

18:49:15.0968 1680 C:\WINDOWS\system32\rasmans.dll - ok

18:49:15.0984 1680 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll

18:49:15.0984 1680 C:\WINDOWS\system32\rastapi.dll - ok

18:49:15.0984 1680 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp

18:49:15.0984 1680 C:\WINDOWS\system32\unimdm.tsp - ok

18:49:16.0000 1680 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll

18:49:16.0000 1680 C:\WINDOWS\system32\uniplat.dll - ok

18:49:16.0000 1680 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll

18:49:16.0000 1680 C:\WINDOWS\system32\unimdmat.dll - ok

18:49:16.0015 1680 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll

18:49:16.0015 1680 C:\WINDOWS\system32\modemui.dll - ok

18:49:16.0015 1680 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp

18:49:16.0015 1680 C:\WINDOWS\system32\kmddsp.tsp - ok

18:49:16.0031 1680 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp

18:49:16.0031 1680 C:\WINDOWS\system32\ndptsp.tsp - ok

18:49:16.0031 1680 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp

18:49:16.0031 1680 C:\WINDOWS\system32\ipconf.tsp - ok

18:49:16.0046 1680 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp

18:49:16.0046 1680 C:\WINDOWS\system32\h323.tsp - ok

18:49:16.0046 1680 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp

18:49:16.0046 1680 C:\WINDOWS\system32\hidphone.tsp - ok

18:49:16.0062 1680 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll

18:49:16.0062 1680 C:\WINDOWS\system32\rasppp.dll - ok

18:49:16.0062 1680 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll

18:49:16.0062 1680 C:\WINDOWS\system32\ntlsapi.dll - ok

18:49:16.0078 1680 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll

18:49:16.0078 1680 C:\WINDOWS\system32\rasqec.dll - ok

18:49:16.0078 1680 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] C:\WINDOWS\system32\rasauto.dll

18:49:16.0078 1680 C:\WINDOWS\system32\rasauto.dll - ok

18:49:16.0093 1680 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys

18:49:16.0093 1680 C:\WINDOWS\system32\drivers\http.sys - ok

18:49:16.0093 1680 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll

18:49:16.0093 1680 C:\WINDOWS\system32\icmp.dll - ok

18:49:16.0109 1680 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll

18:49:16.0109 1680 C:\WINDOWS\system32\ssdpsrv.dll - ok

18:49:16.0109 1680 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] C:\WINDOWS\system32\upnphost.dll

18:49:16.0109 1680 C:\WINDOWS\system32\upnphost.dll - ok

18:49:16.0125 1680 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll

18:49:16.0125 1680 C:\WINDOWS\system32\ssdpapi.dll - ok

18:49:16.0125 1680 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll

18:49:16.0125 1680 C:\WINDOWS\system32\rasdlg.dll - ok

18:49:16.0140 1680 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll

18:49:16.0140 1680 C:\WINDOWS\system32\upnp.dll - ok

18:49:16.0140 1680 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

18:49:16.0140 1680 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok

18:49:16.0156 1680 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll

18:49:16.0156 1680 C:\WINDOWS\system32\httpapi.dll - ok

18:49:16.0156 1680 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll

18:49:16.0156 1680 C:\WINDOWS\system32\w3ssl.dll - ok

18:49:16.0171 1680 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll

18:49:16.0171 1680 C:\WINDOWS\system32\strmfilt.dll - ok

18:49:16.0171 1680 [ 68F6725B4A59E16C04B3F3AC514D6724 ] C:\Program Files\AVG\AVG2013\fixcfg.exe

18:49:16.0171 1680 C:\Program Files\AVG\AVG2013\fixcfg.exe - ok

18:49:16.0187 1680 [ 5378AD5A54C074EBA41B7D97FC96D63F ] C:\Program Files\AVG\AVG2013\avgadvisorx.dll

18:49:16.0187 1680 C:\Program Files\AVG\AVG2013\avgadvisorx.dll - ok

18:49:16.0187 1680 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll

18:49:16.0187 1680 C:\WINDOWS\system32\snmpapi.dll - ok

18:49:16.0203 1680 [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll

18:49:16.0203 1680 C:\WINDOWS\system32\wlanapi.dll - ok

18:49:16.0203 1680 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll

18:49:16.0203 1680 C:\WINDOWS\system32\inetmib1.dll - ok

18:49:16.0203 1680 [ E69A7AD873CAF58D3A39DD8B0DB94724 ] C:\Program Files\AVG\AVG2013\avgcslx.dll

18:49:16.0218 1680 C:\Program Files\AVG\AVG2013\avgcslx.dll - ok

18:49:16.0218 1680 [ C72CE5B8E86F4A0FDB4853747932C771 ] C:\Program Files\AVG\AVG2013\avgcmgr.exe

18:49:16.0218 1680 C:\Program Files\AVG\AVG2013\avgcmgr.exe - ok

18:49:16.0218 1680 [ AABE9126CDC962E0DDF8867B9982F32D ] C:\Program Files\AVG\AVG2013\avgdiagex.exe

18:49:16.0218 1680 C:\Program Files\AVG\AVG2013\avgdiagex.exe - ok

18:49:16.0234 1680 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll

18:49:16.0234 1680 C:\WINDOWS\system32\pdh.dll - ok

18:49:16.0234 1680 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll

18:49:16.0234 1680 C:\WINDOWS\system32\odbcbcp.dll - ok

18:49:16.0250 1680 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\User\LOCALS~1\Temp\546806CD-BA9C-4DAC-B85C-999140F80C33.exe

18:49:16.0250 1680 C:\DOCUME~1\User\LOCALS~1\Temp\546806CD-BA9C-4DAC-B85C-999140F80C33.exe - ok

18:49:16.0265 1680 [ 963B374F969C356DE08F73F0940383D8 ] C:\Program Files\HPQ\Default Settings\Cpqset.exe

18:49:16.0265 1680 C:\Program Files\HPQ\Default Settings\Cpqset.exe - ok

18:49:16.0265 1680 [ FD81EF75770D341CE00485C9CBA09F6B ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE

18:49:16.0265 1680 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE - ok

18:49:16.0281 1680 [ 55D7A219AD8D0DB8980528944152A6FD ] C:\Program Files\QuickTime\QTTask.exe

18:49:16.0281 1680 C:\Program Files\QuickTime\QTTask.exe - ok

18:49:16.0281 1680 [ FB9E5C251CF6C37749F296BACB34A69B ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

18:49:16.0281 1680 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok

18:49:16.0296 1680 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll

18:49:16.0296 1680 C:\WINDOWS\system32\ntshrui.dll - ok

18:49:16.0296 1680 [ 51F3C4FBEEF66CEBA7ABE43F4F5C1B69 ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

18:49:16.0296 1680 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok

18:49:16.0312 1680 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll

18:49:16.0312 1680 C:\WINDOWS\system32\linkinfo.dll - ok

18:49:16.0312 1680 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

18:49:16.0312 1680 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

18:49:16.0328 1680 [ BA92C496F08D78F7DB263A20C36AA546 ] C:\Program Files\AVG\AVG2013\avgui.exe

18:49:16.0328 1680 C:\Program Files\AVG\AVG2013\avgui.exe - ok

18:49:16.0328 1680 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll

18:49:16.0328 1680 C:\WINDOWS\system32\webcheck.dll - ok

18:49:16.0343 1680 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll

18:49:16.0343 1680 C:\WINDOWS\system32\stobject.dll - ok

18:49:16.0343 1680 [ 6C4B5DFA3C8706D3FEC335701B058FA3 ] C:\Program Files\AVG SafeGuard toolbar\vprot.exe

18:49:16.0343 1680 C:\Program Files\AVG SafeGuard toolbar\vprot.exe - ok

18:49:16.0359 1680 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll

18:49:16.0359 1680 C:\WINDOWS\system32\batmeter.dll - ok

18:49:16.0359 1680 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll

18:49:16.0359 1680 C:\WINDOWS\system32\WPDShServiceObj.dll - ok

18:49:16.0375 1680 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\WINDOWS\system32\mfc100u.dll

18:49:16.0375 1680 C:\WINDOWS\system32\mfc100u.dll - ok

18:49:16.0375 1680 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\79629390.sys

18:49:16.0375 1680 C:\WINDOWS\system32\drivers\79629390.sys - ok

18:49:16.0390 1680 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe

18:49:16.0390 1680 C:\WINDOWS\system32\imapi.exe - ok

18:49:16.0390 1680 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll

18:49:16.0390 1680 C:\WINDOWS\system32\mydocs.dll - ok

18:49:16.0390 1680 [ F771EE80948971858BEEF36839C24E65 ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll

18:49:16.0390 1680 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok

18:49:16.0406 1680 [ 476A0876C16D2CC3F5A46697CF37BEE7 ] C:\WINDOWS\system32\igfxsrvc.exe

18:49:16.0406 1680 C:\WINDOWS\system32\igfxsrvc.exe - ok

18:49:16.0406 1680 [ 5515EB5E3A8B073F66CFC697EB0D4B55 ] C:\Program Files\Microsoft ActiveSync\wcescomm.exe

18:49:16.0406 1680 C:\Program Files\Microsoft ActiveSync\wcescomm.exe - ok

18:49:16.0421 1680 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll

18:49:16.0421 1680 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok

18:49:16.0421 1680 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll

18:49:16.0421 1680 C:\WINDOWS\system32\PortableDeviceApi.dll - ok

18:49:16.0437 1680 [ C98EF7E083579C0D588D0E909F48A90A ] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

18:49:16.0437 1680 C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe - ok

18:49:16.0437 1680 [ 10B2D7031DAAB302DB4D7C00D20BD205 ] C:\WINDOWS\system32\SynTPAPI.dll

18:49:16.0437 1680 C:\WINDOWS\system32\SynTPAPI.dll - ok

18:49:16.0453 1680 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\WINDOWS\system32\mfc100enu.dll

18:49:16.0453 1680 C:\WINDOWS\system32\mfc100enu.dll - ok

18:49:16.0453 1680 [ F02A533F517EB38333CB12A9E8963773 ] C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

18:49:16.0453 1680 C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - ok

18:49:16.0468 1680 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe

18:49:16.0468 1680 C:\WINDOWS\system32\ctfmon.exe - ok

18:49:16.0468 1680 [ 2DCB5ABE60984701AF96A76B6749148A ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

18:49:16.0468 1680 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok

18:49:16.0484 1680 [ BBF25E7C3ABF30348F13180ED22B6744 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FASR9FA.DLL

18:49:16.0484 1680 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FASR9FA.DLL - ok

18:49:16.0500 1680 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll

18:49:16.0500 1680 C:\WINDOWS\system32\msutb.dll - ok

18:49:16.0500 1680 [ 9BB7B70D35A073C419005E1B74CD184D ] C:\Program Files\AVG\AVG2013\avgkrnlapix.dll

18:49:16.0500 1680 C:\Program Files\AVG\AVG2013\avgkrnlapix.dll - ok

18:49:16.0515 1680 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll

18:49:16.0515 1680 C:\WINDOWS\system32\msisip.dll - ok

18:49:16.0515 1680 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll

18:49:16.0515 1680 C:\WINDOWS\system32\wshext.dll - ok

18:49:16.0515 1680 [ 43CCB246B3D0C385E54F14B04DF96E9F ] C:\WINDOWS\system32\ceutil.dll

18:49:16.0515 1680 C:\WINDOWS\system32\ceutil.dll - ok

18:49:16.0531 1680 [ 40FA2F035ED88108850757CA51DAD942 ] C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL

18:49:16.0531 1680 C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL - ok

18:49:16.0531 1680 [ B12C853961947ED89B9437966C7507B4 ] C:\WINDOWS\system32\rapi.dll

18:49:16.0531 1680 C:\WINDOWS\system32\rapi.dll - ok

18:49:16.0546 1680 [ DB0AA3706292AF63B46C7084BECCB8C7 ] C:\Program Files\Microsoft ActiveSync\tcp2udp.dll

18:49:16.0546 1680 C:\Program Files\Microsoft ActiveSync\tcp2udp.dll - ok

18:49:16.0546 1680 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll

18:49:16.0546 1680 C:\WINDOWS\ime\sptip.dll - ok

18:49:16.0562 1680 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll

18:49:16.0562 1680 C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll - ok

18:49:16.0578 1680 [ 7BD0254F77EF11110BB75A3E11536971 ] C:\Ross-Tech\VCDS\VCDS.EXE

18:49:16.0578 1680 C:\Ross-Tech\VCDS\VCDS.EXE - ok

18:49:16.0578 1680 [ 058710B720282CA82B909912D3EF28DB ] C:\WINDOWS\regedit.exe

18:49:16.0578 1680 C:\WINDOWS\regedit.exe - ok

18:49:16.0593 1680 [ C5DCF85E964F6E4D13AE3BCBB5400567 ] C:\Program Files\AVG SafeGuard toolbar\14.0.0.14\AVG SafeGuard toolbar_toolbar.dll

18:49:16.0593 1680 C:\Program Files\AVG SafeGuard toolbar\14.0.0.14\AVG SafeGuard toolbar_toolbar.dll - ok

18:49:16.0593 1680 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll

18:49:16.0593 1680 C:\WINDOWS\system32\dbghelp.dll - ok

18:49:16.0609 1680 [ 841A401331B3EC5C5662517FFFD3EA12 ] C:\WINDOWS\system32\igfxsrvc.dll

18:49:16.0609 1680 C:\WINDOWS\system32\igfxsrvc.dll - ok

18:49:16.0609 1680 [ BFC2A40FE739C453F5D02B7EEF41CA28 ] C:\WINDOWS\system32\igfxdev.dll

18:49:16.0609 1680 C:\WINDOWS\system32\igfxdev.dll - ok

18:49:16.0625 1680 [ 98E53CA00D3C0A2E9FAA4E59C101AEBA ] C:\WINDOWS\system32\mslbui.dll

18:49:16.0625 1680 C:\WINDOWS\system32\mslbui.dll - ok

18:49:16.0625 1680 [ 9EED448E2C6306BFD8B2B19063FC21A1 ] C:\Program Files\AVG\AVG2013\avgidpmx.dll

18:49:16.0625 1680 C:\Program Files\AVG\AVG2013\avgidpmx.dll - ok

18:49:16.0640 1680 [ 84E54181481B72144672AF9C044DAC7B ] C:\WINDOWS\system32\igfxres.dll

18:49:16.0640 1680 C:\WINDOWS\system32\igfxres.dll - ok

18:49:16.0640 1680 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

18:49:16.0640 1680 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

18:49:16.0640 1680 [ 96A0066AB9872D3575575A463C53FF6C ] C:\WINDOWS\system32\aclui.dll

18:49:16.0640 1680 C:\WINDOWS\system32\aclui.dll - ok

18:49:16.0656 1680 [ 7D4A768DEA3DC643CBB65222D5B1377B ] C:\PROGRA~1\MI3AA1~1\rapimgr.exe

18:49:16.0656 1680 C:\PROGRA~1\MI3AA1~1\rapimgr.exe - ok

18:49:16.0656 1680 [ 751068D5D0ECD64A4810379729A1F0BC ] C:\WINDOWS\system32\ulib.dll

18:49:16.0656 1680 C:\WINDOWS\system32\ulib.dll - ok

18:49:16.0671 1680 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll

18:49:16.0671 1680 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok

18:49:16.0671 1680 [ 9904AD0B0AE628483A300A872DC9E0C0 ] C:\Ross-Tech\VCDS\RT-USB.dll

18:49:16.0671 1680 C:\Ross-Tech\VCDS\RT-USB.dll - ok

18:49:16.0687 1680 [ 37461F2C3F212CF508A20FDC729ABDE5 ] C:\WINDOWS\system32\clb.dll

18:49:16.0687 1680 C:\WINDOWS\system32\clb.dll - ok

18:49:16.0703 1680 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll

18:49:16.0703 1680 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok

18:49:16.0703 1680 [ C9F53508462A124D91E6E54FA850AE8D ] C:\Program Files\HPQ\Quick Launch Buttons\cpqinfo.dll

18:49:16.0703 1680 C:\Program Files\HPQ\Quick Launch Buttons\cpqinfo.dll - ok

18:49:16.0718 1680 [ 8CF645D02C215AAE3574CE94046090DE ] C:\Program Files\HPQ\Quick Launch Buttons\EabInst.dll

18:49:16.0718 1680 C:\Program Files\HPQ\Quick Launch Buttons\EabInst.dll - ok

18:49:16.0718 1680 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe

18:49:16.0718 1680 C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok

18:49:16.0734 1680 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll

18:49:16.0734 1680 C:\WINDOWS\system32\riched32.dll - ok

18:49:16.0734 1680 [ 7460D7EED8A97FD7603B254C9F1EC354 ] C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll

18:49:16.0734 1680 C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll - ok

18:49:16.0750 1680 [ 2FEF21EEE9934BB10165AA02E530183C ] C:\Program Files\AVG\AVG2013\avglngx.dll

18:49:16.0750 1680 C:\Program Files\AVG\AVG2013\avglngx.dll - ok

18:49:16.0750 1680 [ E6F9143B9607A682ED439900AA99D586 ] C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.0.1\avgdttbx.dll

18:49:16.0750 1680 C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.0.1\avgdttbx.dll - ok

18:49:16.0765 1680 [ 6C1F256696FDB4CCBB46048C206ECEB7 ] C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll

18:49:16.0765 1680 C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll - ok

18:49:16.0765 1680 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll

18:49:16.0765 1680 C:\WINDOWS\system32\wbem\wmiprov.dll - ok

18:49:16.0781 1680 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll

18:49:16.0781 1680 C:\WINDOWS\system32\mstask.dll - ok

18:49:16.0781 1680 [ 532F1D7F6F40019E1DC56A2470EC6EE2 ] C:\Program Files\Microsoft ActiveSync\dtptdns.dll

18:49:16.0781 1680 C:\Program Files\Microsoft ActiveSync\dtptdns.dll - ok

18:49:16.0796 1680 [ ECE9B82C7696AD211F9BD64E41DF598B ] C:\Program Files\AVG\AVG2013\avguires.dll

18:49:16.0796 1680 C:\Program Files\AVG\AVG2013\avguires.dll - ok

18:49:16.0796 1680 [ 730E90935150048A4E5F392FCDD49DA3 ] C:\Program Files\AVG\AVG2013\avgapps.dll

18:49:16.0796 1680 C:\Program Files\AVG\AVG2013\avgapps.dll - ok

18:49:16.0812 1680 ============================================================

18:49:16.0812 1680 Scan finished

18:49:16.0812 1680 ============================================================

18:49:16.0937 0996 Detected object count: 15

18:49:16.0937 0996 Actual detected object count: 15

18:50:03.0093 0996 BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0093 0996 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0093 0996 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0093 0996 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0093 0996 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0093 0996 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0093 0996 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 pnetmdm ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 pnetmdm ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0109 0996 usbsermpt ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0109 0996 usbsermpt ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0125 0996 wceusbsh ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0125 0996 wceusbsh ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0125 0996 WIBUKEY ( UnsignedFile.Multi.Generic ) - skipped by user

18:50:03.0125 0996 WIBUKEY ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:50:03.0609 0996 \Device\Harddisk0\DR0\# - copied to quarantine

18:50:03.0609 0996 \Device\Harddisk0\DR0 - copied to quarantine

18:50:03.0640 0996 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

18:50:03.0734 0996 \Device\Harddisk0\DR0 - ok

18:50:03.0734 0996 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

18:50:15.0656 2764 Deinitialize success

Link to post
Share on other sites

And this is the smaller log:

18:38:58.0015 5832 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:38:59.0312 5832 ============================================================

18:38:59.0312 5832 Current date / time: 2013/04/17 18:38:59.0312

18:38:59.0312 5832 SystemInfo:

18:38:59.0312 5832

18:38:59.0312 5832 OS Version: 5.1.2600 ServicePack: 3.0

18:38:59.0312 5832 Product type: Workstation

18:38:59.0312 5832 ComputerName: YOUR-4105E587B6

18:38:59.0312 5832 UserName: User

18:38:59.0312 5832 Windows directory: C:\WINDOWS

18:38:59.0312 5832 System windows directory: C:\WINDOWS

18:38:59.0312 5832 Processor architecture: Intel x86

18:38:59.0312 5832 Number of processors: 1

18:38:59.0312 5832 Page size: 0x1000

18:38:59.0312 5832 Boot type: Normal boot

18:38:59.0312 5832 ============================================================

18:39:01.0343 5832 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:39:01.0343 5832 ============================================================

18:39:01.0343 5832 \Device\Harddisk0\DR0:

18:39:01.0343 5832 MBR partitions:

18:39:01.0343 5832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5EC24AA

18:39:01.0343 5832 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x5EC24E9, BlocksNum 0xF03AD4

18:39:01.0343 5832 ============================================================

18:39:01.0390 5832 C: <-> \Device\Harddisk0\DR0\Partition1

18:39:01.0406 5832 D: <-> \Device\Harddisk0\DR0\Partition2

18:39:01.0406 5832 ============================================================

18:39:01.0406 5832 Initialize success

18:39:01.0406 5832 ============================================================

18:39:48.0484 2444 Deinitialize success

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

ComboFix 13-04-18.03 - User 04/18/2013 18:38:09.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1614 [GMT -4:00]

Running from: c:\documents and settings\User\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\arepo.pad

c:\documents and settings\User\g2mdlhlpx.exe

c:\documents and settings\User\WINDOWS

c:\windows\system32\_000111_.tmp.dll

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\wininit.ini

D:\Autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_xcpip

-------\Service_xpsec

.

.

((((((((((((((((((((((((( Files Created from 2013-03-18 to 2013-04-18 )))))))))))))))))))))))))))))))

.

.

2013-04-17 22:50 . 2013-04-17 22:50 -------- d-----w- C:\TDSSKiller_Quarantine

2013-04-17 00:30 . 2013-04-17 00:30 -------- d-----w- c:\program files\Common Files\TiVo Shared

2013-04-12 13:56 . 2013-04-12 13:56 -------- d-----w- c:\windows\ERUNT

2013-04-12 13:55 . 2013-04-12 13:55 -------- d-----w- C:\JRT

2013-04-11 00:15 . 2013-04-11 00:41 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-03-21 21:10 . 2013-03-21 21:10 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\AVG SafeGuard toolbar

2013-03-21 20:59 . 2013-03-21 20:59 -------- d-----w- c:\documents and settings\User\Application Data\AVG SafeGuard toolbar

2013-03-21 20:59 . 2013-03-21 20:59 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-03-21 20:59 . 2013-03-21 20:59 -------- d-----w- c:\program files\Common Files\AVG Secure Search

2013-03-21 20:59 . 2013-04-03 00:15 -------- d-----w- c:\program files\AVG SafeGuard toolbar

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-04 18:50 . 2010-07-22 22:02 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-13 21:35 . 2013-02-24 04:10 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-13 21:35 . 2011-06-30 01:23 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-08 08:36 . 2004-08-04 08:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:28 . 2004-08-04 08:00 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50 . 2004-08-04 08:00 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:06 . 2004-08-04 08:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:06 . 2004-08-04 08:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-02 02:06 . 2004-08-04 08:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:25 . 2004-08-04 08:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2004-08-04 08:00 385024 ----a-w- c:\windows\system32\html.iec

2013-03-01 14:32 . 2011-12-23 17:32 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2013-02-27 07:56 . 2004-08-04 08:00 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-27 03:40 . 2011-12-23 17:32 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-02-14 07:52 . 2011-02-10 11:54 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-02-12 00:32 . 2008-08-30 03:43 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-12 00:32 . 2004-08-04 08:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-08 08:37 . 2011-03-01 18:25 96568 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2013-02-08 08:37 . 2012-09-21 08:46 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-02-08 08:37 . 2012-04-19 08:50 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-02-08 08:37 . 2011-01-07 10:41 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2013-02-08 08:37 . 2011-01-19 08:32 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2013-01-26 03:55 . 2004-08-04 08:00 552448 ----a-w- c:\windows\system32\oleaut32.dll

2008-06-25 01:29 . 2008-06-25 01:28 3337917 ----a-w- c:\program files\alltowma_converter.exe

2008-06-25 00:02 . 2008-06-25 00:02 3182285 ----a-w- c:\program files\mp3wavplus.exe

2007-11-26 04:24 . 2007-11-26 04:23 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2006-09-21 21:09 . 2006-09-21 21:09 905216 ----a-w- c:\program files\iview398.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]

"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-07 409600]

"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-11-05 233534]

"EPSON Stylus Photo R320 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE" [2004-04-26 98304]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-03-13 4394032]

"vProt"="c:\program files\AVG SafeGuard toolbar\vprot.exe" [2013-03-21 1101488]

.

c:\documents and settings\User\Start Menu\Programs\Startup\

RT-Updater.lnk - c:\ross-tech\VCDS\VCDS.EXE [2013-1-2 1265816]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, UzfalmaHbist.dll

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk

backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-10-15 02:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2007-08-22 21:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-11-11 04:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecGuard]

2005-10-11 18:23 1187840 ------w- c:\windows\SMINST\Recguard.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"8097:TCP"= 8097:TCP:EarthLink UHP Modem Support

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 4:50 AM 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [9/21/2012 4:46 AM 245048]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/19/2011 4:32 AM 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 1:32 PM 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 1:32 PM 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/7/2011 6:41 AM 170808]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2/10/2011 7:54 AM 182072]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [3/21/2013 4:59 PM 31576]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [2/19/2013 4:02 AM 282624]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [1/23/2012 12:43 AM 92592]

R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [3/21/2013 4:59 PM 945328]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [2/27/2013 11:42 PM 4937264]

S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys --> c:\windows\system32\Drivers\BW2NDIS5.sys [?]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4/10/2013 8:15 PM 35144]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [12/19/2007 9:04 PM 42112]

S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [12/10/2009 5:43 PM 9472]

S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [12/22/2011 4:09 PM 59464]

S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [8/7/2012 8:20 AM 215552]

S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [8/7/2012 8:20 AM 83968]

S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [8/7/2012 8:20 AM 208128]

S3 yzs2y.sys;yzs2y.sys;\??\c:\windows\system32\drivers\yzs2y.sys --> c:\windows\system32\drivers\yzs2y.sys [?]

S4 spywarebot;spywarebot;c:\windows\system32\DRIVERS\spywarebot.sys --> c:\windows\system32\DRIVERS\spywarebot.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-24 21:35]

.

2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1840662052-3274334844-2783040890-1006Core.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-16 01:55]

.

2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1840662052-3274334844-2783040890-1006UA.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-16 01:55]

.

2013-04-18 c:\windows\Tasks\ParetoLogic Registration.job

- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2012-10-26 22:00]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

IE: EarthLink Google Search - c:\program files\EarthLink TotalAccess\Toolbar\SearchUI.dll/search.html

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-OM2_Monitor - c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

SafeBoot-47918997.sys

SafeBoot-71817499.sys

SafeBoot-svcWRSSSDK

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

MSConfigStartUp-CTFMON - (no file)

MSConfigStartUp-hpWirelessAssistant - c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

MSConfigStartUp-StrgSync - c:\program files\StorageSync\StrgSync.exe

MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_06\bin\jusched.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-04-18 18:48

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????3?3?4?8??p???? ?,?B?????????????hLC? ??????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(4060)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\mshtml.dll

c:\windows\system32\msls31.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\progra~1\MI3AA1~1\rapimgr.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2013-04-18 18:52:58 - machine was rebooted

ComboFix-quarantined-files.txt 2013-04-18 22:52

.

Pre-Run: 12,648,128,512 bytes free

Post-Run: 12,774,305,792 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

.

- - End Of File - - DF1BD15C0717A536E5B9B11D577D3E35

Link to post
Share on other sites

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • ESET Online Scanner log

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.5 (04.17.2013:1)

OS: Microsoft Windows XP x86

Ran by User on Fri 04/19/2013 at 16:02:23.89

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 04/19/2013 at 16:08:26.15

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESET log to follow (most likely on Sunday when I have several hours to let it run)

Thank You!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.