Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

StartNow and AnswerWorks


  • This topic is locked This topic is locked
19 replies to this topic

#1 Quevvy

Quevvy

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 23 December 2012 - 09:41 PM

(This is a different computer than my previous post.)

The problems I know about are StartNow search thing and some AnswerWorks thing that we did not want. But here are my logs. Also, when I first tried to run DDS, it crashed and the computer restarted. Then, I tried running it again with no other programs up and it crashed and restarted, but this time, the computer had to do a disk check. Then I tried to run eTrust antivirus (all it found were open errors), which took nearly 2 days until I prematurely terminated that program. Then I waited a day and ran it today and it worked. Anyways, here are the logs:




DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.4.1
Run by Tom at 20:07:29 on 2012-12-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1201 [GMT -6:00]
.
FW: Norton Internet Worm Protection *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\ehome\McrdSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\DISC\DISCover.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\eHome\ehRec.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: hpWebHelper Class: {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - c:\program files\google\chrome\application\23.0.1271.97\npchrome_frame.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - c:\program files\startnow toolbar\Toolbar32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Aim6] <no file>
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMAScheduler] "c:\program files\hp digitalmedia archive\DMAScheduler.exe"
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler] <no file>
StartupFolder: c:\docume~1\tom\startm~1\programs\startup\pinmclnk.lnk - c:\hp\bin\cloaker.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://btconferencing.webex.com/client/v_mywebex/webex/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5287/mcfscan.cab
TCP: NameServer = 64.233.207.8 64.233.207.9
TCP: Interfaces\{59CD4F91-C08C-40FC-8651-0367F233A068} : DHCPNameServer = 64.233.207.8 64.233.207.9
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome\application\23.0.1271.97\npchrome_frame.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\tom\application data\mozilla\firefox\profiles\rvfht47v.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z170&ocid=zdhp&install_date=20111108
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z170&form=ZGAADF&install_date=20111108&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\tom\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\tom\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\npjpi170_04.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {C3949AC2-4B17-43ee-B4F1-D26B9D42404D} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\tom\application data\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
.
============= SERVICES / DRIVERS ===============
.
R2 AllShare;SAMSUNG AllShare Service;c:\program files\samsung\samsung pc share manager\WiselinkPro.exe [2010-7-16 6638080]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2010-4-12 142336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-2-6 13672]
R2 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2009-5-14 98304]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2009-7-23 617968]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2012-6-22 265952]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2006-8-24 468768]
S0 epstwnt;epstwnt;c:\windows\system32\drivers\epstwnt.mpd [2010-6-23 84480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca2e455298b5a2;Google Update Service (gupdate1ca2e455298b5a2);c:\program files\google\update\GoogleUpdate.exe [2009-9-5 133104]
S2 SHARSHTL;Shuttle Sharer;c:\windows\system32\drivers\Sharshtl.sys [2010-6-23 18432]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-8-24 82048]
S3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2011-2-27 20504]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hppcfaxio.sys [2011-2-27 21528]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2008-5-17 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2008-5-17 366152]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 13:38:11 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-14 13:38:11 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec
2012-10-25 09:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 09:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
.
============= FINISH: 20:12:23.82 ===============

Edited by Quevvy, 23 December 2012 - 09:47 PM.


BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 24 December 2012 - 01:48 PM

Hello Quevvy,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.



1.
Download AdwCleaner
  • Double click on AdwCleaner.exe to run the tool.
    ***Note: Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select
    Posted Image
  • Click the Search button.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your next reply.
  • Or you can find the logfile at C:\AdwCleaner[R1].txt.


2.
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


Things to include in your next reply::
AdwCleaner[R1].txt
aswMBR log

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 24 December 2012 - 09:03 PM

Also, when trying to run the aswMBR, the computer crashed and restarted twice. The third time actually was able to run and finish.



# AdwCleaner v2.102 - Logfile created 12/24/2012 at 14:28:42
# Updated 23/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Tom - ROY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Tom\Desktop\Michael's Software\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Found : C:\Documents and Settings\All Users\Start Menu\Programs\eBay.lnk
File Found : C:\Program Files\Mozilla Firefox\.autoreg
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Beth\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\StartNow Toolbar
Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Found : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Found : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Found : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Found : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StartNow Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Found : HKLM\Software\StartNow Toolbar
Key Found : HKLM\Software\TENCENT
Key Found : HKLM\Software\Viewpoint
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.15 (en-US)

File : C:\Documents and Settings\Beth\Application Data\Mozilla\Firefox\Profiles\5vzgif4b.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\prefs.js

Found : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
Found : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "bdlr.startnow.com");
Found : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\Program Files\StartNow Toolba[...]

File : C:\Documents and Settings\Mike-Pike\Application Data\Mozilla\Firefox\Profiles\bpb3dapw.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Application Data\Mozilla\Firefox\Profiles\qhd2smh1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found [l.16] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20120920&user_guid=60349ADBB2EC42BA86848F028D0F19D2&machine_id=adcddd3bbe984123a4cbfab2a2213f6d&browser=CR&os=win&os_version=5.1-x86-SP3",
Found [l.20] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20120920&user_guid=60349ADBB2EC42BA86848F028D0F19D2&machine_id=adcddd3bbe984123a4cbfab2a2213f6d&browser=CR&os=win&os_version=5.1-x86-SP3" ]
Found [l.64] : icon_url = "hxxp://www.startnow.com/startnow/images/sn_favicon.ico",
Found [l.67] : keyword = "startnow.com",
Found [l.70] : search_url = "hxxp://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20120920&user_guid=60349ADBB2EC42BA86848F028D0F19D2&machine_id=adcddd3bbe984123a4cbfab2a2213f6d&browser=CR&os=win&os_version=5.1-x86-SP3",
Found [l.1873] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20120920&user_guid=60349ADBB2EC42BA86848F028D0F19D2&machine_id=adcddd3bbe984123a4cbfab2a2213f6d&browser=CR&os=win&os_version=5.1-x86-SP3",
Found [l.2350] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20120920&user_guid=60349ADBB2EC42BA86848F028D0F19D2&machine_id=adcddd3bbe984123a4cbfab2a2213f6d&browser=CR&os=win&os_version=5.1-x86-SP3" ]

File : C:\Documents and Settings\Mike-Pike\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tommy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7357 octets] - [24/12/2012 14:28:42]

########## EOF - C:\AdwCleaner[R1].txt - [7417 octets] ##########



































aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-24 19:59:45
-----------------------------
19:59:45.343 OS Version: Windows 5.1.2600 Service Pack 3
19:59:45.343 Number of processors: 2 586 0xF06
19:59:45.343 ComputerName: ROY UserName: Tom
19:59:46.734 Initialize success
20:00:39.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
20:00:39.765 Disk 0 Vendor: ST325082 3.AH Size: 238475MB BusType: 3
20:00:39.765 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3
20:00:39.765 Disk 1 Vendor: ST325082 3.AH Size: 238475MB BusType: 3
20:00:39.781 Disk 0 MBR read successfully
20:00:39.781 Disk 0 MBR scan
20:00:39.781 Disk 0 unknown MBR code
20:00:39.781 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 229585 MB offset 63
20:00:39.796 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 8879 MB offset 470206485
20:00:39.828 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 2 MB offset 488392065
20:00:39.828 Disk 0 scanning sectors +488397152
20:00:47.312 Disk 0 scanning C:\WINDOWS\system32\drivers
20:00:49.312 Service scanning
20:01:06.968 Modules scanning
20:01:12.140 Disk 0 trace - called modules:
20:01:12.171 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
20:01:12.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89ff1030]
20:01:12.171 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8a401030]
20:01:12.171 Scan finished successfully
20:01:20.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tom\Desktop\Michael's Software\MBR.dat"
20:01:20.968 The log file has been saved successfully to "C:\Documents and Settings\Tom\Desktop\Michael's Software\aswMBR.txt"

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 25 December 2012 - 02:15 PM

1.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

2.
  • Download ListParts to your Desktop.
  • Double click ListParts.exe to launch the program.
  • Press the Scan button.
  • When finished scanning it will make a log Result.txt on your Desktop.
  • Please post me the contents of the log.

Things to include in your next reply::
AdwCleaner[S1].txt
Result.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 27 December 2012 - 03:26 AM

I had forgotten if I had run the AdwCleaner's delete cycle, so I accidentally ran it twice. I have included both logs:

# AdwCleaner v2.102 - Logfile created 12/25/2012 at 13:39:06
# Updated 23/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Tom - ROY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Tom\Desktop\Michael's Software\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Beth\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.15 (en-US)

File : C:\Documents and Settings\Beth\Application Data\Mozilla\Firefox\Profiles\5vzgif4b.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\prefs.js

Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "bdlr.startnow.com");
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\Program Files\StartNow Toolba[...]

File : C:\Documents and Settings\Mike-Pike\Application Data\Mozilla\Firefox\Profiles\bpb3dapw.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Application Data\Mozilla\Firefox\Profiles\qhd2smh1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&prov[...]
Deleted [l.20] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&prov[...]
Deleted [l.64] : icon_url = "hxxp://www.startnow.com/startnow/images/sn_favicon.ico",
Deleted [l.67] : keyword = "startnow.com",
Deleted [l.70] : search_url = "hxxp://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_[...]
Deleted [l.1873] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provide[...]
Deleted [l.2350] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&provide[...]

File : C:\Documents and Settings\Mike-Pike\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tommy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7486 octets] - [24/12/2012 14:28:42]
AdwCleaner[S1].txt - [6192 octets] - [25/12/2012 13:39:06]

########## EOF - C:\AdwCleaner[S1].txt - [6252 octets] ##########














# AdwCleaner v2.103 - Logfile created 12/27/2012 at 02:12:59
# Updated 25/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Tom - ROY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Tom\Local Settings\Temporary Internet Files\Content.IE5\K13WG3MW\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\.TMCONTAINER00000000000000000001
Key Deleted : HKLM\SOFTWARE\Classes\.TMCONTAINER00000000000000000002
Key Deleted : HKLM\SOFTWARE\Classes\3C4D0481E4EEA26071889C1C2F0CD661
Key Deleted : HKLM\SOFTWARE\Classes\C95D4EAEBA86CACFADD88C616B964512
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18D10072035C4515918F7E37EAFAACFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.15 (en-US)

File : C:\Documents and Settings\Beth\Application Data\Mozilla\Firefox\Profiles\5vzgif4b.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Mike-Pike\Application Data\Mozilla\Firefox\Profiles\bpb3dapw.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Application Data\Mozilla\Firefox\Profiles\qhd2smh1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&prov[...]
Deleted [l.20] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&prov[...]
Deleted [l.64] : icon_url = "hxxp://www.startnow.com/startnow/images/sn_favicon.ico",
Deleted [l.67] : keyword = "startnow.com",
Deleted [l.70] : search_url = "hxxp://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_[...]
Deleted [l.1873] : homepage = "hxxp://search.startnow.com/s/?src=startpage&provider=&provider_name=startnow&provide[...]
Deleted [l.2350] : urls_to_restore_on_startup = [ "hxxp://search.startnow.com/s/?src=startpage&provider=&provide[...]

File : C:\Documents and Settings\Mike-Pike\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Jacqui\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Tommy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7486 octets] - [24/12/2012 14:28:42]
AdwCleaner[S1].txt - [6321 octets] - [25/12/2012 13:39:06]
AdwCleaner[S2].txt - [3366 octets] - [27/12/2012 02:12:59]

########## EOF - C:\AdwCleaner[S2].txt - [3426 octets] ##########














ListParts by Farbar Version: 30-10-2012
Ran by Tom (administrator) on 27-12-2012 at 02:24:40
Windows XP (X86)
Running From: C:\Documents and Settings\Tom\Desktop\Michael's Software
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 50%
Total physical RAM: 2046.38 MB
Available physical RAM: 1016.62 MB
Total Pagefile: 3936.94 MB
Available Pagefile: 2752.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 2001.98 MB

======================= Partitions =========================

1 Drive c: (HP_PAVILION) (Fixed) (Total:224.2 GB) (Free:16.26 GB) NTFS ==>[Drive with boot components (Windows XP)]
2 Drive d: () (Fixed) (Total:232.88 GB) (Free:67.69 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:8.65 GB) (Free:0.42 GB) FAT32 ==>[Drive with boot components (Windows XP)]
10 Drive l: (Expansion Drive) (Fixed) (Total:1397.26 GB) (Free:1253.11 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B
Disk 1 Online 233 GB 0 B
Disk 6 Online 1397 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 224 GB 32 KB
Partition 2 Primary 9 GB 224 GB
Partition 3 Unknown 2544 KB 233 GB
======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C HP_PAVILION NTFS Partition 224 GB Healthy System (partition with boot components)
======================================================================================================

Disk: 0
Partition 2
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY FAT32 Partition 9 GB Healthy
======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.
======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 233 GB 32 KB
======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 D NTFS Partition 233 GB Healthy
======================================================================================================

Partitions of Disk 6:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1397 GB 32 KB
======================================================================================================

Disk: 6
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 L Expansion D NTFS Partition 1397 GB Healthy
======================================================================================================

****** End Of Log ******

#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 27 December 2012 - 11:39 PM

1.
  • Click Start and in the Search Programs and files box type Notepad.exe then hit Enter.
  • An empty Notepad file will open.
  • Copy and paste the contents of the code box below into Notepad.

Disk=0 Partition=3 type=07

  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fix.txt to your Desktop (must be in this location).

Next

  • Double click ListParts.exe to launch the program.
  • Press the Fix button.
  • ListParts will process the script in Fix.txt
  • When finished please press the Scan button.
  • A log Result.txt will open on your Desktop.
  • Please post me the contents of the log.


2.
  • 1. Please download OTL from one of the following mirrors:
  • This is THE Mirror
    2. Save it to your desktop.
    3. Double click on the Posted Image icon on your desktop.
    4. Under the Custom Scan box paste this in
    c:\windows\*. /SL
    c:\windows\*. /RP 
    netsvcs
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav 
    %systemroot%\system32\drivers\*.sys /90
    5. Push the Quick Scan button.
    6. Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 28 December 2012 - 02:07 AM

The logs were too long to post together, so I'll be listing each separately.

ListParts
OTL
[I guess it put the ListParts and OTL together even though I posted separately]

Extras

Edited by Quevvy, 28 December 2012 - 02:20 AM.


#8 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 28 December 2012 - 02:16 AM

ListParts by Farbar Version: 30-10-2012
Ran by Tom (administrator) on 28-12-2012 at 00:49:19
Windows XP (X86)
Running From: C:\Documents and Settings\Tom\Desktop\Michael's Software
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 48%
Total physical RAM: 2046.38 MB
Available physical RAM: 1058.81 MB
Total Pagefile: 3936.94 MB
Available Pagefile: 2889.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 2001.98 MB

======================= Partitions =========================

1 Drive c: (HP_PAVILION) (Fixed) (Total:224.2 GB) (Free:16.2 GB) NTFS ==>[Drive with boot components (Windows XP)]
2 Drive d: () (Fixed) (Total:232.88 GB) (Free:67.69 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:8.65 GB) (Free:0.42 GB) FAT32 ==>[Drive with boot components (Windows XP)]
10 Drive l: (Expansion Drive) (Fixed) (Total:1397.26 GB) (Free:1253.09 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B
Disk 1 Online 233 GB 0 B
Disk 6 Online 1397 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 224 GB 32 KB
Partition 2 Primary 9 GB 224 GB
Partition 3 Unknown 2544 KB 233 GB
======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C HP_PAVILION NTFS Partition 224 GB Healthy System (partition with boot components)
======================================================================================================

Disk: 0
Partition 2
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY FAT32 Partition 9 GB Healthy
======================================================================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.
======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 233 GB 32 KB
======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 D NTFS Partition 233 GB Healthy
======================================================================================================

Partitions of Disk 6:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1397 GB 32 KB
======================================================================================================

Disk: 6
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 L Expansion D NTFS Partition 1397 GB Healthy
======================================================================================================

****** End Of Log ******

OTL logfile created on: 12/28/2012 12:50:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Tom\Desktop\Michael's Software
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.50% Memory free
3.84 Gb Paging File | 2.83 Gb Available in Paging File | 73.67% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.20 Gb Total Space | 16.20 Gb Free Space | 7.23% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 67.69 Gb Free Space | 29.07% Space Free | Partition Type: NTFS
Drive E: | 8.65 Gb Total Space | 0.42 Gb Free Space | 4.83% Space Free | Partition Type: FAT32
Drive L: | 1397.26 Gb Total Space | 1253.09 Gb Free Space | 89.68% Space Free | Partition Type: NTFS

Computer Name: ROY | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/28 00:49:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom\Desktop\Michael's Software\OTL.exe
PRC - [2012/12/04 19:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/07/13 11:35:38 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2012/04/04 17:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/02/06 16:25:08 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/02/23 16:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
PRC - [2010/06/09 15:15:34 | 000,417,906 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
PRC - [2010/04/16 11:32:48 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
PRC - [2010/04/12 09:13:08 | 000,142,336 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010/03/24 14:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/07/23 14:36:58 | 000,963,784 | ---- | M] (Seagate) -- C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe
PRC - [2009/07/23 14:32:00 | 000,376,272 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009/07/23 14:31:54 | 000,617,968 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2009/07/23 14:18:04 | 004,352,960 | ---- | M] (Seagate) -- C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
PRC - [2009/05/14 12:21:22 | 000,098,304 | R--- | M] (Orb Networks, Inc.) -- C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
PRC - [2008/12/20 07:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/12/20 07:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/30 20:57:56 | 000,075,352 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe
PRC - [2007/10/30 20:57:54 | 001,095,256 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2006/07/06 08:15:00 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/07/06 08:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/06/01 17:25:00 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe
PRC - [2006/04/13 03:05:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
PRC - [2005/09/09 03:24:30 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2005/09/09 01:18:10 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
PRC - [2005/01/10 09:35:16 | 000,073,728 | ---- | M] (Computer Associates International) -- C:\Program Files\PestPatrol\CookiePatrol.exe
PRC - [2004/11/15 11:49:54 | 000,098,304 | ---- | M] (Computer Associates International) -- C:\Program Files\PestPatrol\PPControl.exe
PRC - [2003/04/19 07:53:08 | 000,148,480 | ---- | M] () -- C:\Program Files\PestPatrol\PPMemCheck.exe
PRC - [2003/02/13 10:24:30 | 000,234,976 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe
PRC - [2003/02/13 10:24:04 | 000,230,880 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe
PRC - [2003/02/13 10:24:00 | 000,144,864 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
PRC - [1998/11/24 01:00:00 | 000,106,496 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPPPT.exe
PRC - [1998/11/24 01:00:00 | 000,043,520 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/04 19:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012/12/04 19:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012/12/04 19:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012/12/04 19:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012/12/04 19:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012/12/04 19:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012/12/04 19:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012/11/19 03:14:27 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ffb303da\mscorlib.dll
MOD - [2012/11/19 03:14:24 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_ab12f5b7\system.drawing.dll
MOD - [2012/11/19 03:14:20 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8243ded2\system.xml.dll
MOD - [2012/11/19 03:14:17 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_21d543f5\system.windows.forms.dll
MOD - [2012/11/19 03:14:12 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4b9850ce\system.dll
MOD - [2012/11/19 03:14:04 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/11/19 03:14:04 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/11/19 03:14:02 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012/11/19 03:10:04 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll
MOD - [2012/11/19 03:09:28 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll
MOD - [2012/11/19 03:09:25 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\188d6391f7485a07e1218b5fc4ec2207\System.Deployment.ni.dll
MOD - [2012/11/19 03:09:24 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\709bb78b419d5d5e30f2acfd722abb29\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2012/11/19 03:09:21 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll
MOD - [2012/11/19 03:09:12 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7ec47c4afad694faa491abd6b45928a\System.Runtime.Remoting.ni.dll
MOD - [2012/11/19 03:09:03 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
MOD - [2012/11/19 03:06:49 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
MOD - [2012/11/19 03:06:42 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
MOD - [2012/11/19 03:06:26 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
MOD - [2012/11/19 03:04:28 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012/11/19 03:04:13 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012/11/19 03:03:08 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/11/19 03:03:06 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/11/19 03:03:06 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/11/19 03:03:01 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/11/19 03:03:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/11/19 03:03:00 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/11/19 03:02:59 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/11/19 03:02:59 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/11/19 03:02:57 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/11/19 03:02:52 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/06/21 02:03:52 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/02/27 03:19:06 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
MOD - [2012/02/27 03:15:59 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll
MOD - [2012/02/27 03:15:57 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
MOD - [2012/02/27 03:15:56 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
MOD - [2012/02/27 03:13:34 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
MOD - [2012/02/27 03:13:23 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
MOD - [2012/02/27 03:13:12 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
MOD - [2012/02/27 03:13:04 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
MOD - [2012/02/27 03:12:59 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
MOD - [2012/02/27 03:12:55 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
MOD - [2012/02/27 03:12:43 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
MOD - [2012/02/27 03:12:34 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/14 17:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/10 23:01:52 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2011/04/10 23:01:52 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2011/04/10 23:01:52 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2011/04/10 23:01:52 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2011/04/10 23:01:52 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2011/04/10 23:01:52 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2011/04/10 23:01:52 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2011/04/10 23:01:52 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2011/04/10 23:01:52 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2011/04/10 23:01:52 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2011/04/10 23:01:52 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2011/04/10 23:01:51 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2011/04/10 23:01:51 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2011/04/10 23:01:51 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2011/04/10 23:01:51 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2011/04/10 23:01:51 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2011/04/10 23:01:51 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2011/04/10 23:01:51 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2011/04/10 23:01:51 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2011/04/10 23:01:51 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2011/04/10 23:01:51 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2011/04/10 23:01:51 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2011/04/10 23:01:50 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2011/04/10 23:01:50 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2011/04/10 23:01:50 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2011/04/10 23:01:50 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2011/04/10 23:01:50 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2011/04/10 23:01:50 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2011/04/10 23:01:50 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2011/04/10 23:01:50 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2011/04/10 23:01:50 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2011/04/10 23:01:46 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2011/04/10 23:01:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011/01/23 10:34:10 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/01/23 10:34:09 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/01/23 10:34:09 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/01/23 10:34:09 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/01/23 10:34:09 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/01/23 10:34:09 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/01/23 10:34:08 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/01/23 10:34:08 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/01/23 10:34:08 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/01/23 10:34:08 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2011/01/23 10:34:05 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/08/25 23:12:26 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
MOD - [2010/06/09 15:15:34 | 000,417,906 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
MOD - [2010/05/13 14:39:40 | 000,131,086 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\swscale-0.dll
MOD - [2010/05/13 14:39:34 | 000,069,134 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\avutil-50.dll
MOD - [2010/05/13 14:39:26 | 004,434,958 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\avcodec-52.dll
MOD - [2010/05/13 14:39:18 | 000,672,782 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\avformat-52.dll
MOD - [2010/04/16 11:29:52 | 000,119,864 | ---- | M] () -- C:\Program Files\HP\ToolBoxFX\bin\NativeUtils.dll
MOD - [2010/03/23 14:37:10 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2010/03/18 15:25:15 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/03/18 15:25:15 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/03/18 15:25:14 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/03/18 15:25:13 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/03/18 15:25:13 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/03/18 15:25:13 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/03/18 15:25:13 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/03/18 15:25:13 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/03/18 15:25:13 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/03/18 15:25:13 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/02/04 16:45:02 | 000,335,360 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\PCAutoChapterLib.dll
MOD - [2010/01/20 10:48:46 | 000,057,856 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\lang.dll
MOD - [2009/07/13 15:14:44 | 000,147,456 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\libexpat.dll
MOD - [2009/03/02 20:10:40 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/02 20:10:39 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/02 20:10:39 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/02 20:10:39 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/02 20:10:39 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/02 20:10:39 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/02 20:10:38 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/02 20:10:38 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/02 20:10:37 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/02 20:07:38 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/02 20:07:38 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/02 20:07:37 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/02 20:07:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/03/02 20:07:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/02 20:07:36 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2008/12/20 07:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008/12/20 07:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/08/24 18:22:14 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/08/24 18:22:14 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2006/08/24 18:22:13 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
MOD - [2005/11/28 11:44:30 | 000,102,400 | ---- | M] () -- C:\WINDOWS\system32\hcwXDS.dll
MOD - [2005/09/09 03:24:30 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
MOD - [2005/08/05 15:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax
MOD - [2005/08/05 14:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2004/05/25 20:36:58 | 000,417,792 | ---- | M] () -- C:\Program Files\Mpeg2Decoder\ac3filter.ax
MOD - [2003/04/19 07:53:08 | 000,148,480 | ---- | M] () -- C:\Program Files\PestPatrol\PPMemCheck.exe
MOD - [2003/01/26 11:07:42 | 000,061,440 | ---- | M] () -- C:\Program Files\PestPatrol\PPServer.dll
MOD - [2003/01/26 11:07:40 | 000,212,992 | ---- | M] () -- C:\Program Files\PestPatrol\PPEngine.dll
MOD - [1998/11/24 01:00:00 | 000,043,520 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2012/12/14 07:38:13 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 17:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/02/06 16:25:08 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/09/16 11:55:50 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010/04/12 09:13:08 | 000,142,336 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/06 05:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/07/23 14:31:54 | 000,617,968 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/06/04 09:51:46 | 000,066,048 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus®
SRV - [2009/05/14 12:21:22 | 000,098,304 | R--- | M] (Orb Networks, Inc.) [Auto | Running] -- C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe -- (KodakDigitalDisplayService)
SRV - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/07/06 08:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/06/01 17:25:00 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe -- (ELService)
SRV - [2005/09/09 03:24:30 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2003/02/13 10:24:30 | 000,234,976 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe -- (InoTask)
SRV - [2003/02/13 10:24:04 | 000,230,880 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe -- (InoRT)
SRV - [2003/02/13 10:24:00 | 000,144,864 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe -- (InoRPC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/10/27 13:58:17 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm174.sys -- (tdrpman174)
DRV - [2010/10/27 13:58:16 | 000,568,384 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/10/27 13:58:00 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snman380.sys -- (snapman380)
DRV - [2010/04/22 16:33:07 | 000,021,528 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hppcfaxio.sys -- (HPFXFAX)
DRV - [2010/04/22 16:33:07 | 000,020,504 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hppcbulkio.sys -- (HPFXBULKLEDM)
DRV - [2008/12/16 21:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/04/13 12:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/02/05 20:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/05 20:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2008/02/05 20:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/05 20:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2006/09/28 20:21:02 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/06/14 05:04:12 | 004,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/05/09 16:36:44 | 000,009,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2006/05/09 16:36:42 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmon.sys -- (ELmon)
DRV - [2006/05/09 16:36:22 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elkbd.sys -- (ELkbd)
DRV - [2006/05/09 16:36:20 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmou.sys -- (ELmou)
DRV - [2006/05/09 16:36:18 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elhid.sys -- (ELhid)
DRV - [2006/04/20 08:35:16 | 000,082,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxfalcon.sys -- (CXFALCON)
DRV - [2006/04/13 10:47:38 | 000,168,064 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 05:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 05:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/05 04:44:06 | 000,468,768 | ---- | M] (Liteon Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wn5301.sys -- (WN5301)
DRV - [2005/09/20 10:22:37 | 000,009,344 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2004/08/03 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2003/01/03 16:12:52 | 000,113,728 | ---- | M] (Computer Associates) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\ino_fltr.sys -- (INO_FLTR)
DRV - [2003/01/03 14:08:14 | 000,019,776 | ---- | M] (Computer Associates) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\ino_flpy.sys -- (INO_FLPY)
DRV - [2001/08/23 13:00:00 | 000,022,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [1998/10/28 11:49:02 | 000,084,480 | ---- | M] (Shuttle Technology. ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\epstwnt.mpd -- (epstwnt)
DRV - [1998/08/12 01:41:02 | 000,018,432 | ---- | M] (Shuttle Technology) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Sharshtl.sys -- (SHARSHTL)
DRV - [1997/12/22 19:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {F72A6334-31DE-48C6-BE68-430493258B5E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{F72A6334-31DE-48C6-BE68-430493258B5E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=Z170&ocid=zdhp&install_date=20111108"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.4.0
FF - prefs.js..extensions.enabledItems: {C3949AC2-4B17-43ee-B4F1-D26B9D42404D}:15.0.5
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z170&form=ZGAADF&install_date=20111108&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2012/01/24 15:24:51 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Tom\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Tom\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Tom\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/13 11:36:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/13 11:36:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/30 14:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/30 14:32:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Tom\Application Data\Move Networks [2009/12/03 14:50:21 | 000,000,000 | ---D | M]

[2008/08/28 16:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Extensions
[2012/12/25 13:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\extensions
[2011/02/01 10:45:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/07 22:42:24 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\rvfht47v.default\searchplugins\bing-zugo.xml
[2012/08/24 23:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/20 14:53:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/06 22:11:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/18 22:01:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/19 15:52:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/07/13 11:36:09 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/12/03 14:50:21 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\TOM\APPLICATION DATA\MOVE NETWORKS
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOM\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RVFHT47V.DEFAULT\EXTENSIONS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
[2012/07/13 11:35:47 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - homepage: http://google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: getPlusPlus for Adobe 16229 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Tom\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Tom\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Translate = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AdBlock = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Pencil Sketch = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khoppfeapecnfbjkbibiljlffnhlpndk\1.0_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.9.9_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2008/05/03 17:42:02 | 000,236,669 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8286 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\23.0.1271.97\npchrome_frame.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe (Seagate)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min File not found
O4 - HKLM..\Run: [BlackArmorBackupMonitor.exe] C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe (Seagate)
O4 - HKLM..\Run: [CookiePatrol] c:\Program Files\PestPatrol\CookiePatrol.exe (Computer Associates International)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Lamp] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe ()
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpppt] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [PestPatrol Control Center] c:\Program Files\PestPatrol\PPControl.exe (Computer Associates International)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [PPMemCheck] c:\Program Files\PestPatrol\PPMemCheck.exe ()
O4 - HKLM..\Run: [Realtime Monitor] C:\Program Files\CA\eTrust Antivirus\Realmon.exe (Computer Associates International, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [CAHeadless] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [StartNow Search Protect] C:\Program Files\StartNow Toolbar\search_protect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Tom\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://btconferencing.webex.com/client/v_mywebex/webex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5287/mcfscan.cab (McFreeScan Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.233.207.8 64.233.207.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59CD4F91-C08C-40FC-8651-0367F233A068}: DhcpNameServer = 64.233.207.8 64.233.207.9
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\23.0.1271.97\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Tom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/24 19:00:54 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/12/15 18:52:18 | 000,000,080 | ---- | M] () - L:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A38B334A-A0A2-436D-BAA0-34FE5E517E44} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {AFAAE209-2405-5EBF-4056-A42A2AA748B2} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/22 01:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Desktop\Michael's Software
[2012/12/08 16:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Desktop\Christmas Card 2012
[2012/11/30 14:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2006/09/29 07:27:01 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Tom\MSSSerif120.fon
[25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/28 00:53:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/28 00:38:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/27 20:45:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/12/27 18:26:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/12/27 14:30:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/12/27 11:57:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/27 10:26:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Tom.job
[2012/12/27 10:15:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/12/27 08:48:27 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1CE909A1-8976-4257-A8F6-B516BC3E445C}.job
[2012/12/27 06:53:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/27 06:22:01 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Tom.job
[2012/12/27 02:48:24 | 000,000,187 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2012/12/27 02:19:36 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2997464920-1317662483-917087831-1009.job
[2012/12/27 02:18:59 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2997464920-1317662483-917087831-1009.job
[2012/12/27 02:18:58 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Tom.job
[2012/12/27 02:18:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/27 02:16:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/27 02:16:28 | 2145,857,536 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/26 12:14:05 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2012/12/23 03:14:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2012/12/22 01:20:59 | 000,461,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/16 20:49:48 | 000,000,444 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\Shared Documents.lnk
[2012/12/15 03:08:59 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/12/15 03:05:23 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/12/01 08:00:24 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/01 07:49:14 | 000,000,443 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Shortcut to TQ Work.lnk
[2012/11/30 14:32:34 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/14 10:18:00 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Tom.job
[2012/12/14 10:18:00 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Tom.job
[2012/12/14 10:18:00 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Tom.job
[2012/11/30 14:32:34 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/05/25 14:04:01 | 000,413,910 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2997464920-1317662483-917087831-1016-0.dat
[2012/04/06 14:25:43 | 001,467,228 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2997464920-1317662483-917087831-1009-0.dat
[2012/02/27 03:29:00 | 000,413,910 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/26 16:31:49 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/15 07:04:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/18 03:10:26 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/11/30 10:19:55 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOh
[2011/11/30 10:19:55 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOhr
[2011/11/30 10:19:53 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\9i239IxhpPeQOh
[2011/02/27 18:26:12 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2011/02/27 18:26:12 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\hppfaxprinter5.ini
[2010/10/06 22:10:33 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\setup_ldm.iss
[2010/07/14 16:32:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tom\LOG
[2010/07/06 08:10:00 | 000,038,480 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\Comma Separated Values (Windows).ADR
[2010/01/12 12:26:07 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Tom\g2mdlhlpx.exe
[2009/06/10 07:23:09 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Tom\pool.bin
[2008/02/10 13:44:13 | 000,000,418 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2007/12/25 17:09:21 | 000,006,732 | ---- | C] () -- C:\Documents and Settings\Tom\UserCustomPreset_Adobe Premiere Elements 2.0.vpr
[2006/12/25 18:52:13 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\wklnhst.dat
[2006/12/23 18:42:43 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/09/29 07:01:36 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/28 21:29:31 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/30 14:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/02 17:04:03 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/20 11:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/09/15 11:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2007/07/29 23:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2006/12/15 21:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009/12/30 11:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KEDDS
[2010/10/27 14:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2006/09/28 20:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/12/30 11:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2007/04/21 10:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2010/10/27 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/09/16 14:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/12/22 11:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/09/28 20:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/06/07 09:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/09/24 21:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/10 13:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2007/06/13 17:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\acccore
[2011/12/22 13:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Amazon
[2010/12/13 08:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Juniper Networks
[2009/12/30 11:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\KEDDS
[2006/09/29 07:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Leadertech
[2006/09/30 17:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Netscape
[2010/09/16 12:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\No Company Name
[2006/09/30 11:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Opera
[2012/05/21 09:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Oracle
[2010/09/16 13:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Research In Motion
[2011/10/23 09:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Seagate
[2012/09/22 07:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Skinux
[2012/08/31 05:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\StartNow Toolbar
[2006/12/25 18:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Template
[2011/06/14 19:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Unity
[2010/02/01 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\webex
[2006/10/08 20:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WildTangent
[2009/06/10 07:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WinBatch
[2009/06/06 17:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Windows Desktop Search
[2009/06/10 16:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Windows Search
[2011/06/07 09:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WindSolutions

========== Purity Check ==========



========== Custom Scans ==========

< c:\windows\*. /SL >
[2004/08/09 22:00:00 | 000,000,065 | R--- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2005/08/30 15:17:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/07/04 17:54:39 | 000,000,446 | ---- | C] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2009/09/05 10:38:01 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/09/05 10:38:01 | 000,000,886 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2010/03/23 15:12:17 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2997464920-1317662483-917087831-1009.job
[2010/03/23 15:12:17 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2997464920-1317662483-917087831-1009.job
[2010/09/21 14:44:45 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1CE909A1-8976-4257-A8F6-B516BC3E445C}.job
[2011/02/27 18:26:33 | 000,000,374 | ---- | C] () -- C:\WINDOWS\Tasks\At1.job
[2011/02/27 18:26:33 | 000,000,374 | ---- | C] () -- C:\WINDOWS\Tasks\At2.job
[2011/02/27 18:26:34 | 000,000,374 | ---- | C] () -- C:\WINDOWS\Tasks\At3.job
[2011/02/27 18:26:34 | 000,000,374 | ---- | C] () -- C:\WINDOWS\Tasks\At4.job
[2011/10/07 23:30:51 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012/04/09 10:38:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012/12/14 10:18:00 | 000,000,394 | ---- | C] () -- C:\WINDOWS\Tasks\ReclaimerUpdateXML_Tom.job
[2012/12/14 10:18:00 | 000,000,398 | ---- | C] () -- C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Tom.job
[2012/12/14 10:18:00 | 000,000,404 | ---- | C] () -- C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Tom.job

< c:\windows\*. /RP >

< %ALLUSERSPROFILE%\Application Data\*. >
[2012/09/20 11:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/03/16 10:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/05/23 22:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/02/26 20:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/01/03 22:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2011/03/20 11:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/11/10 13:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/09/15 11:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/11/26 23:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2008/05/04 07:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2006/08/24 18:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2007/07/29 23:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2006/12/15 21:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2010/09/16 14:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/12/19 14:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/05/05 11:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2011/02/27 18:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/08/24 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/03/02 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2008/05/17 12:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2009/12/30 11:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KEDDS
[2009/12/30 11:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2011/12/30 00:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2008/10/08 20:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008/05/17 09:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/27 14:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2012/05/23 22:19:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/12/15 03:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2007/02/02 09:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/09/28 20:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2012/07/17 16:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/09/10 10:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/06/11 15:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/11/03 13:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2006/09/30 17:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009/12/30 11:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2007/04/21 10:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2011/12/22 11:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/07/13 11:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/09/16 13:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2006/08/24 18:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2010/10/27 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2012/08/29 02:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/09/16 14:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/06/08 15:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/08/26 16:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
[2008/05/10 14:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/04/09 21:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2009/09/10 10:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2011/12/22 11:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/09/28 20:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007/03/05 18:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/06/07 09:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/09/24 21:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/10 13:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012/08/21 12:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
[2012/08/21 12:01:22 | 000,115,672 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
[2009/09/06 04:48:46 | 001,586,528 | ---- | M] (Macromedia, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\flashplayer\windows\SAFlashPlayer.exe
[2009/09/06 04:48:00 | 000,083,296 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\AuthSWF.exe
[2012/01/03 01:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\21639\AcrobatUpdater.exe
[2012/01/03 01:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\21639\AdobeARM.exe
[2012/01/03 01:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\21639\AdobeARMHelper.exe
[2012/01/03 01:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\21639\ReaderUpdater.exe
[2012/01/03 11:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001}\Setup.exe
[2007/10/11 09:09:58 | 001,527,352 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\AIMinst.exe
[2007/10/11 09:09:40 | 000,572,960 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\AIMLang.exe
[2007/10/11 09:09:58 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\alsetup.exe
[2007/10/11 09:09:58 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\aoldlmgr.exe
[2007/10/11 09:09:58 | 000,228,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\migrator.exe
[2007/10/11 09:09:58 | 005,552,832 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\ocpinst.exe
[2007/10/11 09:10:00 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\postproc.exe
[2007/10/11 09:10:00 | 000,170,544 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\setup.exe
[2007/10/11 09:10:00 | 000,359,184 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\tbsetup.exe
[2007/10/11 09:10:00 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\unagi3.exe
[2007/10/11 09:10:00 | 002,882,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4220\Vwpt.exe
[2008/01/03 11:11:34 | 001,534,136 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\AIMinst.exe
[2008/01/03 11:11:36 | 000,561,928 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\AIMLang.exe
[2008/01/03 11:11:46 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\alsetup.exe
[2008/01/03 11:11:42 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\aoldlmgr.exe
[2008/01/03 11:11:46 | 000,096,608 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\bsetutil.exe
[2008/01/03 11:11:38 | 000,228,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\migrator.exe
[2008/01/03 11:11:38 | 005,572,272 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\ocpinst.exe
[2008/01/03 11:11:32 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\postproc.exe
[2008/01/03 11:11:30 | 000,170,848 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\setup.exe
[2008/01/03 11:11:40 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\tbsetup.exe
[2008/01/03 11:11:46 | 001,628,864 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\toolbar.exe
[2008/01/03 11:11:40 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\unagi3.exe
[2008/01/03 11:11:44 | 000,030,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\Uninstaller.exe
[2008/01/03 11:11:46 | 002,882,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\vwpt.exe
[2008/10/31 14:15:58 | 001,708,432 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\AIMinst.exe
[2008/10/31 14:15:58 | 000,566,248 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\AIMLang.exe
[2008/10/31 14:32:10 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\alsetup.exe
[2008/10/31 14:32:02 | 000,068,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\amos.exe
[2008/10/31 14:32:04 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\aoldlmgr.exe
[2008/10/31 14:32:10 | 000,096,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\bsetutil.exe
[2008/10/31 14:32:00 | 000,228,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\migrator.exe
[2008/10/31 14:32:02 | 005,005,648 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\ocpinst.exe
[2008/10/31 14:15:54 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\postproc.exe
[2008/10/31 14:15:52 | 000,170,848 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\setup.exe
[2008/10/31 14:32:04 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\tbsetup.exe
[2008/10/31 14:32:10 | 001,484,064 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\toolbar.exe
[2008/10/31 14:32:02 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\unagi3.exe
[2008/10/31 14:32:08 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\Uninstaller.exe
[2008/10/31 14:32:10 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\vwpt.exe
[2007/10/24 20:04:16 | 001,178,096 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMinst.exe
[2007/10/24 20:04:53 | 000,560,784 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMLang.exe
[2007/10/24 20:04:24 | 000,141,944 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\alsetup.exe
[2007/10/24 20:05:03 | 000,631,624 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\ampx.exe
[2007/10/24 20:04:22 | 000,164,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\inst.exe
[2007/10/24 20:04:59 | 000,055,200 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\instopts.exe
[2007/10/24 20:04:09 | 000,228,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\migrator.exe
[2007/10/24 20:04:27 | 000,579,248 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\muinst.exe
[2007/10/24 20:04:45 | 005,358,864 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\ocpinst.exe
[2007/10/24 20:05:00 | 000,035,888 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\postproc.exe
[2007/10/24 20:04:51 | 000,312,880 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\setup.exe
[2007/10/24 20:04:47 | 000,357,776 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\tbsetup.exe
[2007/10/24 20:04:20 | 001,082,064 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\toolbar.exe
[2007/10/24 20:04:59 | 000,409,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\vwpt.exe
[2008/10/31 14:15:58 | 001,708,432 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\AIMinst.exe
[2008/10/31 14:15:58 | 000,566,248 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\AIMLang.exe
[2008/10/31 14:32:10 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\alsetup.exe
[2008/10/31 14:32:02 | 000,068,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\amos.exe
[2008/10/31 14:32:04 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\aoldlmgr.exe
[2007/08/17 08:34:16 | 000,107,872 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\aolsetup.exe
[2008/10/31 14:32:10 | 000,096,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\bsetutil.exe
[2008/10/31 14:32:00 | 000,228,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\migrator.exe
[2008/10/31 14:32:02 | 005,005,648 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\ocpinst.exe
[2008/10/31 14:15:54 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\postproc.exe
[2008/10/31 14:15:52 | 000,170,848 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\setup.exe
[2008/10/31 14:32:04 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\tbsetup.exe
[2008/10/31 14:32:10 | 001,484,064 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\toolbar.exe
[2008/10/31 14:32:02 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\unagi3.exe
[2008/10/31 14:32:08 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\Uninstaller.exe
[2008/10/31 14:32:10 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4391.1.4\vwpt.exe
[2012/09/20 10:57:25 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.7.0.21\SetupAdmin.exe
[2010/09/24 21:23:19 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011/11/17 19:25:59 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.34.51.22\SetupAdmin.exe
[2001/09/25 05:05:58 | 001,707,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiA.Exe
[2001/09/11 08:04:42 | 001,821,008 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiW.Exe
[2003/03/18 15:03:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\Setup.Exe
[2012/12/21 12:03:58 | 000,243,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE
[2009/11/12 17:48:52 | 000,026,472 | ---- | M] (Intuit Inc.) -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Deluxe\Custom\billmind.exe
[2009/11/12 17:48:52 | 000,026,472 | ---- | M] (Intuit Inc.) -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Hab\Custom\billmind.exe
[2009/11/12 17:48:52 | 000,026,472 | ---- | M] (Intuit Inc.) -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Premier\Custom\billmind.exe
[2009/11/12 17:48:52 | 000,026,472 | ---- | M] (Intuit Inc.) -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\RPM\Custom\billmind.exe
[2009/12/30 11:52:53 | 002,684,304 | ---- | M] (Eastman Kodak Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_2f36b265\Setup.exe
[2011/04/10 22:53:10 | 002,684,368 | ---- | M] (Eastman Kodak Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_4fb534f8\Setup.exe
[2009/12/30 11:52:53 | 002,684,304 | ---- | M] (Eastman Kodak Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_90a48aa\Setup.exe
[2008/07/17 10:45:44 | 002,258,312 | R--- | M] (Eastman Kodak Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_320002_907d652\Setup.exe
[2010/03/23 14:30:48 | 000,175,104 | ---- | M] (InstallShield Software Corporation) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\app\setup.exe
[2010/03/23 14:31:45 | 000,062,976 | ---- | M] (InstallShield Software Corporation) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\content\setup.exe
[2011/04/10 22:54:29 | 000,077,824 | ---- | M] (Eastman Kodak Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\bindbins\bindbins.exe
[2011/04/10 22:53:38 | 000,045,056 | ---- | M] (EASTMAN KODAK Company) -- C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\sysfiles\kb945060\kb945060.exe
[2011/12/28 06:49:12 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2009/06/11 15:57:38 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2011/12/17 11:36:04 | 037,904,960 | ---- | M] (PC Tools ) -- C:\Documents and Settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_revwire207_en_aff_dl.exe
[2007/04/06 21:33:04 | 003,778,727 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\SetupGamesClient.exe
[2006/12/17 19:41:26 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\SetupGamesClient.exe_filedata

< %APPDATA%\*. >
[2007/06/13 17:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\acccore
[2011/02/26 18:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Adobe
[2007/03/07 14:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\AdobeUM
[2011/12/22 13:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Amazon
[2012/03/29 11:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Apple Computer
[2010/03/24 14:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\ArcSoft
[2006/09/29 07:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\CyberLink
[2007/06/07 10:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Google
[2006/11/17 16:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Help
[2011/02/27 18:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Hewlett-Packard Company
[2007/05/06 13:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\HP
[2006/12/23 18:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\HPQ
[2012/06/22 10:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\HpUpdate
[2005/11/14 12:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Identities
[2009/09/18 09:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Intuit
[2010/12/13 08:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Juniper Networks
[2009/12/30 11:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\KEDDS
[2006/09/29 07:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Leadertech
[2009/07/08 12:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Macromedia
[2011/12/17 14:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Malwarebytes
[2012/01/24 15:25:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tom\Application Data\Microsoft
[2007/02/02 10:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Motive
[2009/12/03 14:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Move Networks
[2008/08/28 16:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Mozilla
[2006/09/30 17:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Netscape
[2010/09/16 12:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\No Company Name
[2006/09/30 11:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Opera
[2012/05/21 09:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Oracle
[2011/12/22 15:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Real
[2010/09/16 13:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Research In Motion
[2009/10/06 10:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Roxio
[2011/10/23 09:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Seagate
[2012/09/22 07:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Skinux
[2012/08/29 02:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Skype
[2010/03/13 08:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\skypePM
[2009/11/16 20:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\SmartFTP
[2006/09/29 07:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Sonic
[2010/08/26 20:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Sony Corporation
[2012/08/31 05:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\StartNow Toolbar
[2006/12/17 10:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Sun
[2008/07/25 21:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Talkback
[2006/12/25 18:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Template
[2012/10/04 18:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\U3
[2011/06/14 19:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Unity
[2010/02/01 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\webex
[2006/10/08 20:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WildTangent
[2009/06/10 07:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WinBatch
[2009/06/06 17:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Windows Desktop Search
[2009/06/10 16:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Windows Search
[2011/06/07 09:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\WindSolutions

< %APPDATA%\*.exe /s >
[2007/03/07 14:31:59 | 021,277,080 | ---- | M] ( ) -- C:\Documents and Settings\Tom\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2010/09/16 11:56:30 | 000,038,208 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010/02/21 00:04:30 | 001,923,880 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Tom\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011/07/10 11:45:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{069730C2-755A-485B-A205-27A1AAFA836A}\ARPPRODUCTICON.exe
[2009/06/08 15:48:33 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\DesktopMgr.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/06/08 15:48:33 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Installer\{7CB1E63B-C999-4D17-8133-E138F41D9ECF}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2009/12/03 14:50:09 | 000,127,872 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Move Networks\uninstall.exe
[2009/06/16 00:35:42 | 000,097,144 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2012/12/14 07:16:57 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Tom\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012/12/14 10:18:53 | 039,447,008 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Tom\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe
[2012/12/14 10:18:01 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Tom\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe
[2007/10/23 08:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\U3\temp\cleanup.exe
[2008/05/02 09:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Tom\Application Data\U3\temp\Launchpad Removal.exe
[2011/06/07 09:32:48 | 003,455,768 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2011/06/07 09:33:33 | 007,648,728 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[25 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/08/30 07:51:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005/08/30 07:51:10 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005/08/30 07:51:10 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:242231A9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#9 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 28 December 2012 - 02:19 AM

OTL Extras logfile created on: 12/28/2012 12:50:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Tom\Desktop\Michael's Software
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.50% Memory free
3.84 Gb Paging File | 2.83 Gb Available in Paging File | 73.67% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.20 Gb Total Space | 16.20 Gb Free Space | 7.23% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 67.69 Gb Free Space | 29.07% Space Free | Partition Type: NTFS
Drive E: | 8.65 Gb Total Space | 0.42 Gb Free Space | 4.83% Space Free | Partition Type: FAT32
Drive L: | 1397.26 Gb Total Space | 1253.09 Gb Free Space | 89.68% Space Free | Partition Type: NTFS

Computer Name: ROY | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"3776:UDP" = 3776:UDP:*:Enabled:Media Center Extender Service
"3390:TCP" = 3390:TCP:*:Enabled:Remote Media Center Experience

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- ()
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP
"C:\WINDOWS\ehome\ehshell.exe" = C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center -- (Microsoft Corporation)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"F:\setup\HPZNET01.EXE" = F:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe
"F:\setup\HPPAPD.EXE" = F:\setup\HPPAPD.EXE:*:Enabled:hppapd.exe
"F:\setup\HPPNICIFS01.EXE" = F:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe
"F:\setup\HPNTWKEXE.EXE" = F:\setup\HPNTWKEXE.EXE:*:Enabled:hpntwkexe.exe
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 4.0 -- (SmartSoft Ltd.)
"C:\Program Files\Kodak\Digital Display\KodakDigitalDisplaySoftware.exe" = C:\Program Files\Kodak\Digital Display\KodakDigitalDisplaySoftware.exe:*:Enabled:Kodak digital display software -- (Orb Networks, Inc.)
"C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe" = C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe:*:Enabled:KodakDigitalDisplayService -- (Orb Networks, Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Seagate\BlackArmor Discovery\BlackArmor Discovery.exe" = C:\Program Files\Seagate\BlackArmor Discovery\BlackArmor Discovery.exe:*:Enabled:BlackArmor Discovery Application -- ()
"C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackup.exe" = C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackup.exe:*:Enabled:BlackArmor Backup -- (Seagate)
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare -- ()
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:PCSM_http_ss_win_pro -- ()
"C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- (Adobe Systems Incorporated)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01ADCC5D-45B4-45E4-AC5C-C06E044B16DF}" = hppIOFiles
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{06F8CD93-C722-45E9-A9A4-F48F78E39E84}" = hppFaxUtilityCM1410
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series
"{0EF45FEA-E3C1-4660-854A-810C1BA169E2}" = hppLJ3390
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{11C98E1A-EC91-4B38-B44C-C562292D8453}" = Adobe Premiere Elements 2.0
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{173D5E9E-8ABC-4EB2-B371-18AF8812A91D}" = hppFaxUtility
"{17C4A35A-2041-42C0-8D10-DEF55B47BE56}" = Adobe Premiere Elements 8.0 Templates
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}" = HP LJ CM1410 MFP Series HP Scan
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{23FE964A-853B-4176-86D7-9E18B5CA1FC0}" = Media Center Extender
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{37CA4B50-EAA2-012B-AD81-000000000000}" = TurboTax 2009 widiper
"{37EBB600-EAA2-012B-AD89-000000000000}" = TurboTax 2009 wiliper
"{385E26E0-EAA2-012B-ADA5-000000000000}" = TurboTax 2009 winiper
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{395A57A6-E0E1-C599-3A28-19A96682B4C6}" = Adobe Photoshop.com Inspiration Browser
"{3A59F6E0-EAA2-012B-AE20-000000000000}" = TurboTax 2009 wmsiper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{44432BD5-D968-460E-8DA4-1FFCC29DC692}" = TurboTax 2011 winiper
"{44A7867C-E3F4-4F96-8948-FDE62D23AD29}" = TurboTax 2008 wmsiper
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}" = muvee autoProducer unPlugged 2.0
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{606E5C0D-6039-42A7-988E-9D51DE773AFF}" = hppFonts
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{6346B2AE-0DBB-45A3-9ECA-D23CAC27AB7E}" = TurboTax 2011 wiliper
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{663D8AAF-CB71-4056-8C60-1D85BC576C6E}" = hppTooCool
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{70632C41-BDAC-4128-9FBF-287F9FF53DE5}" = TurboTax 2010 wiliper
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7533F0BC-DE32-4AE1-97D2-D58703B76D7D}" = SmartFTP Client
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{84BC4E89-97BB-41A3-9254-06E7C675B945}" = TurboTax 2010 wmsiper
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.1
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8B677453-F9D2-4387-B030-E669B28B8A08}" = hppToolBoxFX
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJSTD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJSTD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJSTD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTD_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJSTD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92F91A05-8241-4651-B9F4-9D04EE1F2634}" = hppSendFaxCM1410
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{993CD8D4-AED6-45E2-8AA5-D7DFAA60DE6F}" = hppScanTo
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9DF6EC22-733E-4EDC-AC88-54CAD4BF4E7B}" = BlackArmor Backup
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{9FA7A537-E6F6-4A6E-95B9-E4152756132D}" = hppCM1410LaserJetService
"{A0B42136-C813-4FB4-84A1-C41E6F12410B}" = hppSendFax
"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5A93185-26A8-4F02-B021-D6E6A4396441}" = hppManuals3390
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A82D0C46-EBDF-4B27-A731-D06EF2056E81}" = HP FWUpdateEDO3
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AABE44D1-0B72-4C6B-9778-20B2317F8064}" = hpzTLBXFX
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE29CC62-C835-40FD-99C6-292F90D58DF8}" = TurboTax 2010 widiper
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B52480BF-CCED-4DD4-8DC2-28BB750D703E}" = BlackArmor Discovery
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BCC7E198-1D10-4B55-956E-550A196F8056}" = Microsoft Office Live Meeting 2007
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{C7010632-E5EE-4263-B80E-BC9D45439EB0}" = TurboTax 2010 winiper
"{C7B99334-41CC-445A-AF7B-A210691A72AD}" = KEDDS
"{C9C16E4B-4FDD-4A31-8B8F-EC402082407A}" = HPLaserJetHelp_LearnCenter
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D5E31EEE-CD8A-4E01-87F1-119C4A3201FD}" = hppscan3390
"{D608C59B-424B-45D4-971C-5978F8564CEE}" = hppLaserJetService
"{DA5576B5-EF2A-4E3A-8763-FCA8BA84DA00}" = hppTLBXFXCM1410
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DB7F1657-6164-40AE-8A94-8F785C0C3E3F}" = hppFaxDrv3390
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E4C07CAB-99A1-4177-8EA1-67B0FE6474C8}" = TurboTax 2008 wiliper
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E94E150C-762B-4cd1-8A54-7228A07C0710}" = HP LaserJet 3050/3052/3055/3390/3392 2.0
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}" = Intel® Viiv™ Software
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FB4740B3-2530-452D-A825-F7AB246CA7DF}" = muvee autoProducer 5.0
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE3F3C9B-2C29-4FEE-A74F-11E436729F2C}" = Scan
"{FFD7B2D9-AC9D-468C-83A2-21017A811623}" = hppFaxDrvCM1410
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CCleaner" = CCleaner (remove only)
"Click'N Design 3D (V5)" = Click'N Design 3D (V5)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"Cribbage" = Cribbage
"Digital Media Converter_is1" = Digital Media Converter 2.78
"DISCover" = HP Games 3.43.97
"Draw Poker" = Draw Poker
"eGames GameButler" = eGames GameButler
"eGames Master's Edition 151" = eGames Master's Edition 151
"EHome Devices" = Media Center Extender
"EL" = Intel® Quick Resume Technology Drivers
"Eleven" = Eleven
"eMazing Mazes" = eMazing Mazes
"eTrust Antivirus" = CA eTrust Antivirus
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Galaxy of Games 201" = Galaxy of Games 201
"Google Chrome" = Google Chrome
"Google Chrome Frame" = Google Chrome Frame
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart for Media Center PC" = HP Photosmart for Media Center PC
"HP PrecisionScan" = HP PrecisionScan
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{B52480BF-CCED-4DD4-8DC2-28BB750D703E}" = BlackArmor Discovery
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mpeg2Decoder_is1" = Mpeg2Decoder 1.3
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Picasa 3" = Picasa 3
"PremElem20" = Adobe Premiere Elements 2.0
"PremElem80" = Adobe Premiere Elements 8.0
"PremElem80Templates" = Adobe Premiere Elements 8.0 Templates
"PRJSTD" = Microsoft Office Project Standard 2007
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSet" = Intel® PRO Network Connections Drivers
"Puzzle Master 5" = Puzzle Master 5
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 15.0" = RealPlayer
"Rhapsody" = Rhapsody
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"TV Guide Crosswords" = TV Guide Crosswords
"VISPRO" = Microsoft Office Visio Professional 2007
"WildTangent hpmedia Master Uninstall" = My HP Games
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"GoToMeeting" = GoToMeeting 4.5.0.457
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/9/2012 12:31:45 PM | Computer Name = ROY | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 11/9/2012 12:47:16 PM | Computer Name = ROY | Source = Application Error | ID = 1000
Description = Faulting application pmbvolumewatcher.exe, version 2.0.3.3240, faulting
module unknown, version 0.0.0.0, fault address 0x006e0069.

Error - 11/18/2012 12:53:12 PM | Computer Name = ROY | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 11/19/2012 5:36:37 AM | Computer Name = ROY | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 11/21/2012 8:01:42 PM | Computer Name = ROY | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

Error - 12/9/2012 11:22:52 AM | Computer Name = ROY | Source = Windows Search Service | ID = 3079
Description = Notifications for the volume l:\ are not active. Context: Windows
Application Details: The device is not ready. (0x80070015)

Error - 12/14/2012 9:13:13 AM | Computer Name = ROY | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 12/23/2012 10:07:13 PM | Computer Name = ROY | Source = Application Hang | ID = 1002
Description = Hanging application InocIT.exe, version 7.0.139.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/23/2012 10:07:15 PM | Computer Name = ROY | Source = Application Hang | ID = 1001
Description = Fault bucket 39768252.

Error - 12/26/2012 2:43:41 PM | Computer Name = ROY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 6/7/2009 12:54:33 PM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session lasted 38
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/11/2009 1:41:16 PM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session lasted 14399
seconds with 2040 seconds of active time. This session ended with a crash.

Error - 4/9/2010 5:12:46 PM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 113
seconds with 60 seconds of active time. This session ended with a crash.

Error - 11/8/2011 1:20:50 AM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 514
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/22/2011 1:23:50 PM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1048
seconds with 60 seconds of active time. This session ended with a crash.

Error - 6/29/2012 2:30:33 PM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 535030
seconds with 3060 seconds of active time. This session ended with a crash.

Error - 8/23/2012 4:28:24 AM | Computer Name = ROY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36163
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/24/2012 7:09:16 PM | Computer Name = ROY | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 12/24/2012 7:13:01 PM | Computer Name = ROY | Source = System Error | ID = 1003
Description = Error code 100000d1, parameter1 00310010, parameter2 00000002, parameter3
00000000, parameter4 b7e75e39.

Error - 12/24/2012 7:13:55 PM | Computer Name = ROY | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{59CD4F91-C08C-40FC-8651-0367F233A068}. The
backup browser is stopping.

Error - 12/24/2012 10:00:50 PM | Computer Name = ROY | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 12/25/2012 3:47:20 PM | Computer Name = ROY | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 12/25/2012 3:48:16 PM | Computer Name = ROY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 12/25/2012 4:02:41 PM | Computer Name = ROY | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{59CD4F91-C08C-40FC-8651-0367F233A068}. The
backup browser is stopping.

Error - 12/27/2012 4:17:42 AM | Computer Name = ROY | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 12/27/2012 4:18:42 AM | Computer Name = ROY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 12/27/2012 4:35:02 AM | Computer Name = ROY | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{59CD4F91-C08C-40FC-8651-0367F233A068}. The
backup browser is stopping.


< End of report >

#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 28 December 2012 - 12:18 PM

1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


2.
We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"
    :otl
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOM\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RVFHT47V.DEFAULT\EXTENSIONS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [Aim6] File not found
    O4 - HKCU..\Run: [StartNow Search Protect] C:\Program Files\StartNow Toolbar\search_protect.exe ()
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
    ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
    ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error
    [2012/12/27 20:45:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2012/12/27 18:26:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2012/12/27 14:30:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2012/12/27 10:15:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2011/11/30 10:19:55 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOh
    [2011/11/30 10:19:55 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOhr
    [2011/11/30 10:19:53 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\9i239IxhpPeQOh
    [2012/08/31 05:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\StartNow Toolbar
    [2009/09/10 10:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
    [2012/08/31 05:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\StartNow Toolbar
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:242231A9
    @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    
    :Commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.


Things to include in your next reply::
TdssKiller log
Otl fix log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 28 December 2012 - 01:59 PM

(First Part)


11:51:08.0312 5888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:51:10.0296 5888 ============================================================
11:51:10.0296 5888 Current date / time: 2012/12/28 11:51:10.0296
11:51:10.0296 5888 SystemInfo:
11:51:10.0296 5888
11:51:10.0296 5888 OS Version: 5.1.2600 ServicePack: 3.0
11:51:10.0296 5888 Product type: Workstation
11:51:10.0296 5888 ComputerName: ROY
11:51:10.0296 5888 UserName: Tom
11:51:10.0296 5888 Windows directory: C:\WINDOWS
11:51:10.0296 5888 System windows directory: C:\WINDOWS
11:51:10.0296 5888 Processor architecture: Intel x86
11:51:10.0296 5888 Number of processors: 2
11:51:10.0296 5888 Page size: 0x1000
11:51:10.0296 5888 Boot type: Normal boot
11:51:10.0296 5888 ============================================================
11:51:31.0640 5888 BG loaded
11:51:34.0609 5888 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:51:34.0640 5888 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:51:34.0750 5888 Drive \Device\Harddisk6\DR10 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:51:34.0781 5888 ============================================================
11:51:34.0781 5888 \Device\Harddisk0\DR0:
11:51:34.0812 5888 MBR partitions:
11:51:34.0812 5888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C068915
11:51:34.0812 5888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1C06C815, BlocksNum 0x1157D6C
11:51:34.0812 5888 \Device\Harddisk1\DR1:
11:51:34.0812 5888 MBR partitions:
11:51:34.0812 5888 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
11:51:34.0812 5888 \Device\Harddisk6\DR10:
11:51:34.0812 5888 MBR partitions:
11:51:34.0812 5888 \Device\Harddisk6\DR10\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
11:51:34.0812 5888 ============================================================
11:51:35.0062 5888 C: <-> \Device\Harddisk0\DR0\Partition1
11:51:35.0078 5888 D: <-> \Device\Harddisk1\DR1\Partition1
11:51:35.0234 5888 E: <-> \Device\Harddisk0\DR0\Partition2
11:51:35.0234 5888 L: <-> \Device\Harddisk6\DR10\Partition1
11:51:35.0265 5888 ============================================================
11:51:35.0265 5888 Initialize success
11:51:35.0265 5888 ============================================================
11:54:32.0468 5628 ============================================================
11:54:32.0468 5628 Scan started
11:54:32.0468 5628 Mode: Manual; SigCheck; TDLFS;
11:54:32.0468 5628 ============================================================
11:54:34.0390 5628 ================ Scan system memory ========================
11:54:34.0406 5628 System memory - ok
11:54:34.0406 5628 ================ Scan services =============================
11:54:37.0578 5628 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys
11:54:49.0515 5628 61883 - ok
11:54:49.0531 5628 Abiosdsk - ok
11:54:49.0531 5628 abp480n5 - ok
11:54:49.0828 5628 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:54:51.0031 5628 ACDaemon - ok
11:54:51.0140 5628 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:54:51.0390 5628 ACPI - ok
11:54:51.0468 5628 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:54:51.0687 5628 ACPIEC - ok
11:54:52.0093 5628 [ 2486C8E3F14496341E90CF2AB8BC82ED ] AdobeActiveFileMonitor4.0 C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
11:54:52.0265 5628 AdobeActiveFileMonitor4.0 ( UnsignedFile.Multi.Generic ) - warning
11:54:52.0265 5628 AdobeActiveFileMonitor4.0 - detected UnsignedFile.Multi.Generic (1)
11:54:52.0593 5628 [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
11:54:53.0000 5628 AdobeActiveFileMonitor8.0 - ok
11:54:53.0218 5628 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:54:53.0765 5628 AdobeFlashPlayerUpdateSvc - ok
11:54:53.0765 5628 adpu160m - ok
11:54:53.0859 5628 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:54:54.0015 5628 aec - ok
11:54:54.0125 5628 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:54:54.0687 5628 AFD - ok
11:54:54.0703 5628 Aha154x - ok
11:54:54.0703 5628 aic78u2 - ok
11:54:54.0703 5628 aic78xx - ok
11:54:54.0781 5628 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:54:55.0000 5628 Alerter - ok
11:54:55.0109 5628 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:54:55.0250 5628 ALG - ok
11:54:55.0250 5628 AliIde - ok
11:54:56.0562 5628 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
11:54:59.0609 5628 AllShare ( UnsignedFile.Multi.Generic ) - warning
11:54:59.0609 5628 AllShare - detected UnsignedFile.Multi.Generic (1)
11:54:59.0609 5628 amsint - ok
11:54:59.0984 5628 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:55:00.0093 5628 Apple Mobile Device - ok
11:55:00.0140 5628 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:55:00.0343 5628 AppMgmt - ok
11:55:00.0437 5628 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:55:00.0562 5628 Arp1394 - ok
11:55:00.0578 5628 asc - ok
11:55:00.0578 5628 asc3350p - ok
11:55:00.0578 5628 asc3550 - ok
11:55:00.0687 5628 [ 20D04091EBA710F6988F710507D85868 ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
11:55:00.0765 5628 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
11:55:00.0765 5628 Aspi32 - detected UnsignedFile.Multi.Generic (1)
11:55:01.0265 5628 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:55:01.0359 5628 aspnet_state - ok
11:55:01.0406 5628 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:55:01.0546 5628 AsyncMac - ok
11:55:01.0593 5628 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:55:01.0812 5628 atapi - ok
11:55:01.0812 5628 Atdisk - ok
11:55:01.0843 5628 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:55:02.0031 5628 Atmarpc - ok
11:55:02.0078 5628 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:55:02.0203 5628 AudioSrv - ok
11:55:02.0250 5628 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:55:02.0406 5628 audstub - ok
11:55:02.0500 5628 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys
11:55:02.0656 5628 Avc - ok
11:55:02.0687 5628 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:55:02.0828 5628 Beep - ok
11:55:02.0937 5628 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:55:03.0140 5628 BITS - ok
11:55:03.0328 5628 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:55:03.0640 5628 Bonjour Service - ok
11:55:03.0781 5628 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
11:55:03.0921 5628 Browser - ok
11:55:04.0000 5628 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:55:04.0140 5628 cbidf2k - ok
11:55:04.0156 5628 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:55:04.0343 5628 CCDECODE - ok
11:55:04.0343 5628 cd20xrnt - ok
11:55:04.0375 5628 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:55:04.0546 5628 Cdaudio - ok
11:55:04.0625 5628 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:55:04.0750 5628 Cdfs - ok
11:55:04.0875 5628 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:55:04.0984 5628 Cdrom - ok
11:55:05.0000 5628 Changer - ok
11:55:05.0062 5628 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:55:05.0281 5628 CiSvc - ok
11:55:05.0312 5628 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:55:05.0484 5628 ClipSrv - ok
11:55:05.0625 5628 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:55:05.0687 5628 clr_optimization_v2.0.50727_32 - ok
11:55:05.0953 5628 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:55:06.0031 5628 clr_optimization_v4.0.30319_32 - ok
11:55:06.0031 5628 CmdIde - ok
11:55:06.0031 5628 COMSysApp - ok
11:55:06.0046 5628 Cpqarray - ok
11:55:06.0109 5628 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:55:06.0265 5628 CryptSvc - ok
11:55:06.0359 5628 [ B083323430C780F91FBD064CE19A7A6B ] CXFALCON C:\WINDOWS\system32\drivers\cxfalcon.sys
11:55:06.0484 5628 CXFALCON ( UnsignedFile.Multi.Generic ) - warning
11:55:06.0484 5628 CXFALCON - detected UnsignedFile.Multi.Generic (1)
11:55:06.0500 5628 dac2w2k - ok
11:55:06.0500 5628 dac960nt - ok
11:55:06.0593 5628 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:55:06.0875 5628 DcomLaunch - ok
11:55:06.0921 5628 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:55:07.0125 5628 Dhcp - ok
11:55:07.0171 5628 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:55:07.0328 5628 Disk - ok
11:55:07.0328 5628 dmadmin - ok
11:55:07.0546 5628 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:55:08.0703 5628 dmboot - ok
11:55:08.0750 5628 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:55:09.0000 5628 dmio - ok
11:55:09.0062 5628 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:55:09.0171 5628 dmload - ok
11:55:09.0218 5628 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:55:09.0375 5628 dmserver - ok
11:55:09.0453 5628 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:55:09.0578 5628 DMusic - ok
11:55:09.0640 5628 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:55:09.0859 5628 Dnscache - ok
11:55:09.0921 5628 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:55:10.0234 5628 Dot3svc - ok
11:55:10.0296 5628 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:55:10.0468 5628 dot4 - ok
11:55:10.0531 5628 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
11:55:10.0671 5628 Dot4Print - ok
11:55:10.0734 5628 [ BD05306428DA63369692477DDC0F6F5F ] Dot4Scan C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
11:55:10.0859 5628 Dot4Scan - ok
11:55:10.0968 5628 [ 6EC3AF6BB5B30E488A0C559921F012E1 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
11:55:11.0125 5628 dot4usb - ok
11:55:11.0125 5628 dpti2o - ok
11:55:11.0156 5628 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:55:11.0281 5628 drmkaud - ok
11:55:11.0453 5628 [ B0ABABBBE2E61FC916A21182AC2CEFF1 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
11:55:11.0609 5628 e1express ( UnsignedFile.Multi.Generic ) - warning
11:55:11.0609 5628 e1express - detected UnsignedFile.Multi.Generic (1)
11:55:11.0687 5628 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:55:11.0890 5628 EapHost - ok
11:55:12.0218 5628 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
11:55:12.0562 5628 ehRecvr - ok
11:55:12.0609 5628 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
11:55:12.0687 5628 ehSched - ok
11:55:12.0781 5628 [ 0923AEC043F5D355B4EF0C2B29A362DE ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys
11:55:12.0875 5628 ELacpi ( UnsignedFile.Multi.Generic ) - warning
11:55:12.0875 5628 ELacpi - detected UnsignedFile.Multi.Generic (1)
11:55:12.0937 5628 [ CBD71E7772F92BFB85CCC302B2DEEFBA ] ELhid C:\WINDOWS\System32\Drivers\Elhid.sys
11:55:12.0984 5628 ELhid ( UnsignedFile.Multi.Generic ) - warning
11:55:12.0984 5628 ELhid - detected UnsignedFile.Multi.Generic (1)
11:55:13.0062 5628 [ AC75B576C45D144E146FD1F0576A1F53 ] ELkbd C:\WINDOWS\System32\Drivers\Elkbd.sys
11:55:13.0156 5628 ELkbd ( UnsignedFile.Multi.Generic ) - warning
11:55:13.0156 5628 ELkbd - detected UnsignedFile.Multi.Generic (1)
11:55:13.0156 5628 [ 483CCE5E40137D4E437F4DEF55C80007 ] ELmon C:\WINDOWS\System32\Drivers\Elmon.sys
11:55:13.0218 5628 ELmon ( UnsignedFile.Multi.Generic ) - warning
11:55:13.0218 5628 ELmon - detected UnsignedFile.Multi.Generic (1)
11:55:13.0234 5628 [ 8E88CAFEAC0812BF2D15BEEEDFCCE8BD ] ELmou C:\WINDOWS\System32\Drivers\Elmou.sys
11:55:13.0328 5628 ELmou ( UnsignedFile.Multi.Generic ) - warning
11:55:13.0328 5628 ELmou - detected UnsignedFile.Multi.Generic (1)
11:55:13.0531 5628 [ 47FCF6628E1A221C41F3F0130FBF258E ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
11:55:13.0562 5628 ELService ( UnsignedFile.Multi.Generic ) - warning
11:55:13.0562 5628 ELService - detected UnsignedFile.Multi.Generic (1)
11:55:13.0625 5628 [ E7587C11022880A9A6EABD534BFE90D0 ] epstwnt C:\WINDOWS\system32\Drivers\epstwnt.mpd
11:55:13.0687 5628 epstwnt ( UnsignedFile.Multi.Generic ) - warning
11:55:13.0687 5628 epstwnt - detected UnsignedFile.Multi.Generic (1)
11:55:13.0796 5628 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:55:14.0000 5628 ERSvc - ok
11:55:14.0140 5628 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:55:14.0312 5628 Eventlog - ok
11:55:14.0406 5628 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
11:55:14.0671 5628 EventSystem - ok
11:55:14.0734 5628 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:55:14.0875 5628 Fastfat - ok
11:55:14.0984 5628 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:55:15.0171 5628 FastUserSwitchingCompatibility - ok
11:55:15.0265 5628 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
11:55:15.0640 5628 Fax - ok
11:55:15.0656 5628 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:55:15.0875 5628 Fdc - ok
11:55:15.0921 5628 [ F83C0FD028DD37BE4A337B138EBA6B7B ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
11:55:15.0953 5628 FilterService - ok
11:55:15.0968 5628 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:55:16.0125 5628 Fips - ok
11:55:16.0375 5628 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:55:17.0390 5628 FLEXnet Licensing Service - ok
11:55:17.0500 5628 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:55:17.0640 5628 Flpydisk - ok
11:55:17.0750 5628 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:55:18.0093 5628 FltMgr - ok
11:55:18.0187 5628 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:55:18.0265 5628 FontCache3.0.0.0 - ok
11:55:18.0312 5628 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:55:18.0437 5628 Fs_Rec - ok
11:55:18.0468 5628 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:55:18.0640 5628 Ftdisk - ok
11:55:18.0640 5628 ftsata2 - ok
11:55:18.0734 5628 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:55:18.0781 5628 GEARAspiWDM - ok
11:55:18.0843 5628 [ FBF9A126F8F027AC4A35BBEC7BD3275B ] getPlus® Helper C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
11:55:18.0968 5628 getPlus® Helper - ok
11:55:19.0015 5628 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:55:19.0218 5628 Gpc - ok
11:55:19.0484 5628 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca2e455298b5a2 C:\Program Files\Google\Update\GoogleUpdate.exe
11:55:19.0625 5628 gupdate1ca2e455298b5a2 - ok
11:55:19.0640 5628 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:55:19.0656 5628 gupdatem - ok
11:55:19.0812 5628 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:55:19.0968 5628 gusvc - ok
11:55:20.0031 5628 [ 55E4DA7C8CBBA1F2D71720FCA7A5C086 ] hcwPP2 C:\WINDOWS\system32\DRIVERS\hcwPP2.sys
11:55:20.0187 5628 hcwPP2 ( UnsignedFile.Multi.Generic ) - warning
11:55:20.0187 5628 hcwPP2 - detected UnsignedFile.Multi.Generic (1)
11:55:20.0296 5628 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:55:20.0437 5628 HDAudBus - ok
11:55:20.0609 5628 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:55:20.0750 5628 helpsvc - ok
11:55:20.0812 5628 [ BB1A6FB7D35A91E599973FA74A619056 ] HidIr C:\WINDOWS\system32\DRIVERS\hidir.sys
11:55:20.0968 5628 HidIr - ok
11:55:21.0031 5628 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:55:21.0140 5628 HidServ - ok
11:55:21.0203 5628 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:55:21.0312 5628 HidUsb - ok
11:55:21.0421 5628 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:55:21.0562 5628 hkmsvc - ok
11:55:21.0796 5628 [ 16959F84844DC9B2CEF0D5B1A412370F ] HP LaserJet Service C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
11:55:21.0875 5628 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
11:55:21.0875 5628 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
11:55:21.0937 5628 [ E4E0B356A8756066CF89080D9DA69F22 ] HPFXBULK C:\WINDOWS\system32\drivers\hpfxbulk.sys
11:55:22.0062 5628 HPFXBULK - ok
11:55:22.0140 5628 [ 6F98A555ACF3C1B68FCC1F50E0FD2091 ] HPFXBULKLEDM C:\WINDOWS\system32\drivers\hppcbulkio.sys
11:55:22.0171 5628 HPFXBULKLEDM - ok
11:55:22.0250 5628 [ 7F854BD9C113B4569CE6579EA3847A2A ] HPFXFAX C:\WINDOWS\system32\drivers\hppcfaxio.sys
11:55:22.0406 5628 HPFXFAX - ok
11:55:22.0406 5628 hpn - ok
11:55:22.0437 5628 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:55:22.0578 5628 HPZid412 - ok
11:55:22.0625 5628 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:55:22.0796 5628 HPZipr12 - ok
11:55:22.0843 5628 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:55:22.0984 5628 HPZius12 - ok
11:55:23.0109 5628 [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2 C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
11:55:23.0359 5628 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - warning
11:55:23.0359 5628 HSXHWBS2 - detected UnsignedFile.Multi.Generic (1)
11:55:23.0531 5628 [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
11:55:23.0843 5628 HSX_DP ( UnsignedFile.Multi.Generic ) - warning
11:55:23.0843 5628 HSX_DP - detected UnsignedFile.Multi.Generic (1)
11:55:23.0906 5628 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:55:24.0046 5628 HTTP - ok
11:55:24.0093 5628 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:55:24.0187 5628 HTTPFilter - ok
11:55:24.0203 5628 i2omgmt - ok
11:55:24.0203 5628 i2omp - ok
11:55:24.0218 5628 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:55:24.0390 5628 i8042prt - ok
11:55:24.0578 5628 [ B122BE74E283A2BC7FEBC180BFD2EFD5 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
11:55:24.0671 5628 IAANTMON ( UnsignedFile.Multi.Generic ) - warning
11:55:24.0671 5628 IAANTMON - detected UnsignedFile.Multi.Generic (1)
11:55:24.0796 5628 [ 019CF5F31C67030841233C545A0E217A ] iaStor C:\WINDOWS\system32\DRIVERS\iastor.sys
11:55:24.0828 5628 iaStor ( UnsignedFile.Multi.Generic ) - warning
11:55:24.0828 5628 iaStor - detected UnsignedFile.Multi.Generic (1)
11:55:25.0093 5628 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:55:25.0203 5628 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:55:25.0203 5628 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:55:25.0734 5628 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:55:26.0875 5628 idsvc - ok
11:55:26.0906 5628 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:55:27.0046 5628 Imapi - ok
11:55:27.0109 5628 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:55:27.0250 5628 ImapiService - ok
11:55:27.0250 5628 ini910u - ok
11:55:27.0406 5628 [ B611CB7FE91EBB8AD31C89B14912C35B ] InoRPC C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
11:55:27.0468 5628 InoRPC - ok
11:55:27.0546 5628 [ F30A2CFBCA7BD7032A65CD658015F004 ] InoRT C:\Program Files\CA\eTrust Antivirus\InoRT.exe
11:55:27.0578 5628 InoRT - ok
11:55:27.0609 5628 [ 97CD5E98FA0415B53448C098E979C9E8 ] InoTask C:\Program Files\CA\eTrust Antivirus\InoTask.exe
11:55:27.0625 5628 InoTask - ok
11:55:27.0671 5628 [ A7A507C4C8598B5BCB86548A4A8C1C96 ] INO_FLPY C:\WINDOWS\system32\Drivers\ino_flpy.sys
11:55:27.0718 5628 INO_FLPY ( UnsignedFile.Multi.Generic ) - warning
11:55:27.0718 5628 INO_FLPY - detected UnsignedFile.Multi.Generic (1)
11:55:27.0734 5628 [ F73969544CEA136A817CF5D18036D2CF ] INO_FLTR C:\WINDOWS\system32\Drivers\ino_fltr.sys
11:55:27.0765 5628 INO_FLTR ( UnsignedFile.Multi.Generic ) - warning
11:55:27.0765 5628 INO_FLTR - detected UnsignedFile.Multi.Generic (1)
11:55:28.0640 5628 [ AB2FE0FAA519880BD16E4A0792D633D2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:55:30.0312 5628 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
11:55:30.0312 5628 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
11:55:30.0343 5628 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:55:30.0515 5628 IntelIde - ok
11:55:30.0562 5628 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:55:30.0750 5628 intelppm - ok
11:55:30.0984 5628 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
11:55:31.0000 5628 IntuitUpdateService - ok
11:55:31.0171 5628 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
11:55:31.0203 5628 IntuitUpdateServiceV4 - ok
11:55:31.0234 5628 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:55:31.0390 5628 Ip6Fw - ok
11:55:31.0484 5628 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:55:31.0718 5628 IpFilterDriver - ok
11:55:31.0906 5628 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:55:32.0031 5628 IpInIp - ok
11:55:32.0093 5628 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:55:32.0281 5628 IpNat - ok
11:55:32.0593 5628 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:55:32.0656 5628 iPod Service - ok
11:55:32.0671 5628 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:55:32.0812 5628 IPSec - ok
11:55:32.0984 5628 [ B43B36B382AEA10861F7C7A37F9D4AE2 ] IrBus C:\WINDOWS\system32\DRIVERS\IrBus.sys
11:55:33.0109 5628 IrBus - ok
11:55:33.0156 5628 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:55:33.0296 5628 IRENUM - ok
11:55:33.0343 5628 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:55:33.0500 5628 isapnp - ok
11:55:33.0578 5628 [ 5472D771C0197355C1D347F20392B982 ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
11:55:33.0671 5628 JavaQuickStarterService - ok
11:55:33.0687 5628 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:55:33.0812 5628 Kbdclass - ok
11:55:33.0843 5628 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:55:33.0937 5628 kbdhid - ok
11:55:34.0015 5628 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:55:34.0140 5628 kmixer - ok
11:55:34.0265 5628 [ 9646A100ACF21516DB1052BC419332BA ] KodakDigitalDisplayService C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
11:55:34.0390 5628 KodakDigitalDisplayService ( UnsignedFile.Multi.Generic ) - warning
11:55:34.0390 5628 KodakDigitalDisplayService - detected UnsignedFile.Multi.Generic (1)
11:55:34.0421 5628 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:55:34.0640 5628 KSecDD - ok
11:55:34.0687 5628 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:55:34.0843 5628 lanmanserver - ok
11:55:34.0906 5628 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:55:35.0031 5628 lanmanworkstation - ok
11:55:35.0031 5628 lbrtfdc - ok
11:55:35.0156 5628 [ 5D4B38A8D8525356798F5E560C3A3090 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:55:35.0203 5628 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:55:35.0203 5628 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:55:35.0296 5628 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:55:35.0453 5628 LmHosts - ok
11:55:35.0515 5628 [ F96CFB47903854F228BAAF3E2D41A0A3 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
11:55:35.0734 5628 LVPr2Mon - ok
11:55:35.0875 5628 [ FF23862146A682FCC3DBAA002E22F958 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:55:35.0984 5628 LVPrcSrv - ok
11:55:36.0140 5628 [ A198CD8A1C813D9CEBA29A29D45FC94C ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
11:55:36.0390 5628 LVRS - ok
11:55:36.0515 5628 [ 8B79A50360FC31DF6B7B979B686B4AA2 ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
11:55:36.0531 5628 LVUSBSta - ok
11:55:37.0296 5628 [ 5C20C4BE679842CBEE729B0CFF5928BD ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
11:55:39.0859 5628 LVUVC - ok
11:55:40.0000 5628 [ 69A6268D7F81E53D568AB4E7E991CAF3 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:55:40.0031 5628 MBAMProtector - ok
11:55:40.0125 5628 [ 94E920BE59B9AB65D95E582DBAA136AC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:55:40.0531 5628 MBAMService - ok
11:55:40.0531 5628 MBAMSwissArmy - ok
11:55:40.0578 5628 [ BEC8D118490817F93FBE620B30EC7264 ] McrdSvc C:\WINDOWS\ehome\McrdSvc.exe
11:55:40.0609 5628 McrdSvc ( UnsignedFile.Multi.Generic ) - warning
11:55:40.0609 5628 McrdSvc - detected UnsignedFile.Multi.Generic (1)
11:55:40.0703 5628 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\WINDOWS\system32\drivers\MCSTRM.sys
11:55:40.0750 5628 MCSTRM ( UnsignedFile.Multi.Generic ) - warning
11:55:40.0750 5628 MCSTRM - detected UnsignedFile.Multi.Generic (1)
11:55:40.0765 5628 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:55:40.0828 5628 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
11:55:40.0828 5628 mdmxsdk - detected UnsignedFile.Multi.Generic (1)
11:55:40.0875 5628 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:55:41.0031 5628 Messenger - ok
11:55:41.0156 5628 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
11:55:41.0250 5628 MHN ( UnsignedFile.Multi.Generic ) - warning
11:55:41.0250 5628 MHN - detected UnsignedFile.Multi.Generic (1)
11:55:41.0343 5628 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
11:55:41.0390 5628 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
11:55:41.0390 5628 MHNDRV - detected UnsignedFile.Multi.Generic (1)
11:55:41.0421 5628 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:55:41.0609 5628 mnmdd - ok
11:55:41.0718 5628 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:55:41.0875 5628 mnmsrvc - ok
11:55:41.0906 5628 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:55:42.0015 5628 Modem - ok
11:55:42.0046 5628 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:55:42.0171 5628 Mouclass - ok
11:55:42.0250 5628 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:55:42.0390 5628 mouhid - ok
11:55:42.0406 5628 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:55:42.0531 5628 MountMgr - ok
11:55:42.0531 5628 mraid35x - ok
11:55:42.0593 5628 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:55:42.0843 5628 MRxDAV - ok
11:55:42.0968 5628 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:55:43.0265 5628 MRxSmb - ok
11:55:43.0390 5628 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:55:43.0515 5628 MSDTC - ok
11:55:43.0562 5628 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
11:55:43.0718 5628 MSDV - ok
11:55:43.0750 5628 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:55:43.0875 5628 Msfs - ok
11:55:43.0875 5628 MSIServer - ok
11:55:43.0921 5628 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:55:44.0046 5628 MSKSSRV - ok
11:55:44.0062 5628 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:55:44.0203 5628 MSPCLOCK - ok
11:55:44.0218 5628 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:55:44.0343 5628 MSPQM - ok
11:55:44.0390 5628 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:55:44.0515 5628 mssmbios - ok
11:55:44.0531 5628 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:55:44.0640 5628 MSTEE - ok
11:55:44.0687 5628 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:55:44.0828 5628 Mup - ok
11:55:44.0875 5628 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:55:45.0250 5628 NABTSFEC - ok
11:55:45.0421 5628 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:55:45.0765 5628 napagent - ok
11:55:45.0843 5628 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:55:46.0062 5628 NDIS - ok
11:55:46.0093 5628 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:55:46.0218 5628 NdisIP - ok
11:55:46.0281 5628 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:55:46.0406 5628 NdisTapi - ok
11:55:46.0453 5628 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:55:46.0578 5628 Ndisuio - ok
11:55:46.0656 5628 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:55:46.0796 5628 NdisWan - ok
11:55:46.0859 5628 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:55:46.0984 5628 NDProxy - ok
11:55:47.0031 5628 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
11:55:47.0125 5628 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:55:47.0125 5628 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:55:47.0156 5628 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:55:47.0312 5628 NetBIOS - ok
11:55:47.0343 5628 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:55:47.0578 5628 NetBT - ok
11:55:47.0640 5628 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:55:48.0031 5628 NetDDE - ok
11:55:48.0046 5628 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:55:48.0140 5628 NetDDEdsdm - ok
11:55:48.0187 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:55:48.0296 5628 Netlogon - ok
11:55:48.0453 5628 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:55:48.0671 5628 Netman - ok
11:55:48.0734 5628 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:55:48.0984 5628 NetTcpPortSharing - ok
11:55:49.0015 5628 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:55:49.0171 5628 NIC1394 - ok
11:55:49.0234 5628 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:55:49.0328 5628 Nla - ok
11:55:49.0453 5628 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:55:49.0593 5628 Npfs - ok
11:55:49.0765 5628 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:55:50.0281 5628 Ntfs - ok
11:55:50.0296 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:55:50.0390 5628 NtLmSsp - ok
11:55:50.0593 5628 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:55:50.0937 5628 NtmsSvc - ok
11:55:51.0000 5628 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:55:51.0171 5628 Null - ok
11:55:52.0625 5628 [ B9B1BB146EB9A83DCF0F5635B09D3D43 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:55:57.0625 5628 nv - ok
11:55:57.0796 5628 [ CC4F8220EAD1F6A38D51679708F435B9 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
11:55:57.0906 5628 NVSvc - ok
11:55:57.0937 5628 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:55:58.0156 5628 NwlnkFlt - ok
11:55:58.0171 5628 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:55:58.0312 5628 NwlnkFwd - ok
11:55:58.0609 5628 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:55:58.0921 5628 odserv - ok
11:55:58.0953 5628 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:55:59.0062 5628 ohci1394 - ok
11:55:59.0250 5628 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:55:59.0640 5628 ose - ok
11:55:59.0718 5628 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:55:59.0875 5628 Parport - ok
11:55:59.0937 5628 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:56:00.0046 5628 PartMgr - ok
11:56:00.0125 5628 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:56:00.0281 5628 ParVdm - ok
11:56:00.0281 5628 PCAMPR5 - ok
11:56:00.0312 5628 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:56:00.0406 5628 PCI - ok
11:56:00.0421 5628 PCIDump - ok
11:56:00.0437 5628 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:56:00.0562 5628 PCIIde - ok
11:56:00.0609 5628 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:56:00.0750 5628 Pcmcia - ok
11:56:00.0750 5628 PDCOMP - ok
11:56:00.0765 5628 PDFRAME - ok
11:56:00.0765 5628 PDRELI - ok
11:56:00.0765 5628 PDRFRAME - ok
11:56:00.0781 5628 perc2 - ok
11:56:00.0781 5628 perc2hib - ok
11:56:00.0812 5628 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:56:00.0843 5628 PlugPlay - ok
11:56:01.0250 5628 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
11:56:01.0765 5628 PMBDeviceInfoProvider - ok
11:56:01.0812 5628 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
11:56:01.0859 5628 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:56:01.0859 5628 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:56:01.0875 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:56:01.0968 5628 PolicyAgent - ok
11:56:02.0031 5628 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:56:02.0171 5628 PptpMiniport - ok
11:56:02.0171 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:56:02.0250 5628 ProtectedStorage - ok
11:56:02.0421 5628 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
11:56:02.0468 5628 Ps2 ( UnsignedFile.Multi.Generic ) - warning
11:56:02.0468 5628 Ps2 - detected UnsignedFile.Multi.Generic (1)
11:56:02.0593 5628 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:56:02.0781 5628 PSched - ok
11:56:02.0859 5628 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:56:03.0031 5628 Ptilink - ok
11:56:03.0171 5628 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:56:03.0218 5628 PxHelp20 - ok
11:56:03.0218 5628 ql1080 - ok
11:56:03.0218 5628 Ql10wnt - ok
11:56:03.0234 5628 ql12160 - ok
11:56:03.0234 5628 ql1240 - ok
11:56:03.0234 5628 ql1280 - ok
11:56:03.0281 5628 [ D2EA58899FCF66539FAD12897B787216 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:56:03.0437 5628 QWAVE ( UnsignedFile.Multi.Generic ) - warning
11:56:03.0437 5628 QWAVE - detected UnsignedFile.Multi.Generic (1)
11:56:03.0484 5628 [ 2BB1D2BAF3493362E5C1949C5F210D5F ] QWAVEDRV C:\WINDOWS\system32\DRIVERS\qwavedrv.sys
11:56:03.0546 5628 QWAVEDRV ( UnsignedFile.Multi.Generic ) - warning
11:56:03.0546 5628 QWAVEDRV - detected UnsignedFile.Multi.Generic (1)
11:56:03.0578 5628 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:56:03.0703 5628 RasAcd - ok
11:56:03.0750 5628 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:56:03.0906 5628 RasAuto - ok
11:56:03.0906 5628 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:56:04.0046 5628 Rasl2tp - ok
11:56:04.0125 5628 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:56:04.0218 5628 RasMan - ok
11:56:04.0250 5628 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:56:04.0406 5628 RasPppoe - ok
11:56:04.0468 5628 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:56:04.0625 5628 Raspti - ok
11:56:04.0640 5628 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:56:04.0843 5628 Rdbss - ok
11:56:04.0906 5628 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:56:05.0062 5628 RDPCDD - ok
11:56:05.0109 5628 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:56:05.0312 5628 rdpdr - ok
11:56:05.0421 5628 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:56:05.0640 5628 RDPWD - ok
11:56:05.0796 5628 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:56:06.0015 5628 RDSessMgr - ok
11:56:06.0125 5628 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:56:06.0296 5628 redbook - ok
11:56:06.0375 5628 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:56:06.0500 5628 RemoteAccess - ok
11:56:06.0546 5628 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:56:06.0718 5628 RemoteRegistry - ok
11:56:06.0718 5628 RimUsb - ok
11:56:06.0750 5628 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
11:56:06.0843 5628 RimVSerPort - ok
11:56:06.0906 5628 [ 868E6C58E9B301A768AE50E2A8E3C5D5 ] RMSvc C:\WINDOWS\ehome\RMSvc.exe
11:56:06.0937 5628 RMSvc ( UnsignedFile.Multi.Generic ) - warning
11:56:06.0937 5628 RMSvc - detected UnsignedFile.Multi.Generic (1)
11:56:06.0968 5628 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
11:56:07.0171 5628 ROOTMODEM - ok
11:56:07.0218 5628 RoxLiveShare9 - ok
11:56:07.0234 5628 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:56:07.0515 5628 RpcLocator - ok
11:56:07.0531 5628 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:56:07.0656 5628 RpcSs - ok
11:56:07.0687 5628 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:56:07.0875 5628 RSVP - ok
11:56:08.0109 5628 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:56:08.0234 5628 rtl8139 - ok
11:56:08.0265 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:56:08.0343 5628 SamSs - ok
11:56:08.0562 5628 [ 30D94039A729571146EB9D736EC1AADD ] SbcpHid C:\WINDOWS\system32\Drivers\SbcpHid.sys
11:56:08.0640 5628 SbcpHid ( UnsignedFile.Multi.Generic ) - warning
11:56:08.0640 5628 SbcpHid - detected UnsignedFile.Multi.Generic (1)
11:56:08.0687 5628 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:56:08.0843 5628 SCardSvr - ok
11:56:08.0937 5628 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:56:09.0093 5628 Schedule - ok
11:56:09.0187 5628 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:56:09.0296 5628 Secdrv - ok
11:56:09.0421 5628 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:56:09.0546 5628 seclogon - ok
11:56:09.0562 5628 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:56:09.0687 5628 SENS - ok
11:56:09.0750 5628 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:56:09.0875 5628 Serial - ok
11:56:09.0921 5628 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:56:10.0046 5628 Sfloppy - ok
11:56:10.0406 5628 [ 1E00A6496E303DD73924A0D29C0CDB48 ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
11:56:10.0671 5628 SgtSch2Svc - ok
11:56:10.0812 5628 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:56:11.0031 5628 SharedAccess - ok
11:56:11.0078 5628 [ 0A988950F625145A0730BA717F9C1C05 ] SHARSHTL C:\WINDOWS\System32\Drivers\sharshtl.sys
11:56:11.0125 5628 SHARSHTL ( UnsignedFile.Multi.Generic ) - warning
11:56:11.0125 5628 SHARSHTL - detected UnsignedFile.Multi.Generic (1)
11:56:11.0171 5628 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:56:11.0281 5628 ShellHWDetection - ok
11:56:11.0281 5628 Simbad - ok
11:56:11.0343 5628 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:56:11.0484 5628 SkypeUpdate - ok
11:56:11.0500 5628 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:56:11.0625 5628 SLIP - ok
11:56:11.0906 5628 [ 5CE1CF27620B144E212D407CDB14D339 ] snapman380 C:\WINDOWS\system32\DRIVERS\snman380.sys
11:56:11.0968 5628 snapman380 - ok
11:56:11.0968 5628 Sparrow - ok
11:56:12.0000 5628 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:56:12.0093 5628 splitter - ok
11:56:12.0156 5628 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:56:12.0203 5628 Spooler - ok
11:56:12.0218 5628 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:56:12.0328 5628 sr - ok
11:56:12.0359 5628 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:56:12.0453 5628 srservice - ok
11:56:12.0484 5628 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:56:12.0609 5628 Srv - ok
11:56:12.0640 5628 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:56:12.0750 5628 SSDPSRV - ok
11:56:12.0781 5628 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
11:56:12.0890 5628 StillCam - ok
11:56:12.0921 5628 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:56:13.0156 5628 stisvc - ok
11:56:13.0187 5628 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:56:13.0312 5628 streamip - ok
11:56:13.0328 5628 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:56:13.0421 5628 swenum - ok
11:56:13.0437 5628 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:56:13.0531 5628 swmidi - ok
11:56:13.0531 5628 SwPrv - ok
11:56:13.0546 5628 symc810 - ok
11:56:13.0546 5628 symc8xx - ok
11:56:13.0546 5628 sym_hi - ok
11:56:13.0562 5628 sym_u3 - ok
11:56:13.0593 5628 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:56:13.0687 5628 sysaudio - ok
11:56:13.0718 5628 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:56:13.0843 5628 SysmonLog - ok
11:56:13.0906 5628 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:56:14.0046 5628 TapiSrv - ok
11:56:14.0093 5628 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:56:14.0109 5628 Tcpip - ok
11:56:14.0140 5628 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:56:14.0250 5628 TDPIPE - ok
11:56:14.0296 5628 [ D953F161177DAB3C8440844A9AB6E5A2 ] tdrpman174 C:\WINDOWS\system32\DRIVERS\tdrpm174.sys
11:56:14.0375 5628 tdrpman174 - ok
11:56:14.0390 5628 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:56:14.0500 5628 TDTCP - ok
11:56:14.0515 5628 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:56:14.0609 5628 TermDD - ok
11:56:14.0656 5628 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:56:14.0765 5628 TermService - ok
11:56:14.0781 5628 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:56:14.0812 5628 Themes - ok
11:56:14.0859 5628 [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB C:\WINDOWS\system32\drivers\tiehdusb.sys
11:56:14.0890 5628 TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
11:56:14.0890 5628 TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
11:56:14.0968 5628 [ 711FCFF933B1E5DA14DCBAAA9655D282 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
11:56:15.0000 5628 timounter - ok
11:56:15.0062 5628 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:56:15.0187 5628 TlntSvr - ok
11:56:15.0187 5628 TosIde - ok
11:56:15.0218 5628 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:56:15.0328 5628 TrkWks - ok
11:56:15.0359 5628 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:56:15.0515 5628 Udfs - ok
11:56:15.0515 5628 ultra - ok
11:56:15.0546 5628 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:56:15.0656 5628 Update - ok
11:56:15.0703 5628 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:56:15.0812 5628 upnphost - ok
11:56:15.0843 5628 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:56:15.0937 5628 UPS - ok
11:56:15.0968 5628 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:56:16.0031 5628 USBAAPL - ok
11:56:16.0062 5628 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:56:16.0171 5628 usbaudio - ok
11:56:16.0187 5628 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:56:16.0281 5628 usbccgp - ok
11:56:16.0312 5628 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:56:16.0406 5628 usbehci - ok
11:56:16.0406 5628 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:56:16.0515 5628 usbhub - ok
11:56:16.0531 5628 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:56:16.0640 5628 usbprint - ok
11:56:16.0671 5628 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:56:16.0765 5628 usbscan - ok
11:56:16.0781 5628 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:56:16.0875 5628 usbstor - ok
11:56:16.0890 5628 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:56:17.0000 5628 usbuhci - ok
11:56:17.0015 5628 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:56:17.0125 5628 VgaSave - ok
11:56:17.0140 5628 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
11:56:17.0234 5628 ViaIde - ok
11:56:17.0250 5628 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:56:17.0343 5628 VolSnap - ok
11:56:17.0375 5628 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:56:17.0484 5628 VSS - ok
11:56:17.0515 5628 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:56:17.0609 5628 W32Time - ok
11:56:17.0625 5628 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:56:17.0718 5628 Wanarp - ok
11:56:17.0718 5628 WDICA - ok
11:56:17.0750 5628 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:56:17.0875 5628 wdmaud - ok
11:56:17.0906 5628 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:56:17.0984 5628 WebClient - ok
11:56:18.0031 5628 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
11:56:18.0078 5628 winachsx ( UnsignedFile.Multi.Generic ) - warning
11:56:18.0078 5628 winachsx - detected UnsignedFile.Multi.Generic (1)
11:56:18.0234 5628 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:56:18.0343 5628 winmgmt - ok
11:56:18.0406 5628 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:56:18.0500 5628 wlidsvc - ok
11:56:18.0531 5628 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:56:18.0578 5628 WmdmPmSN - ok
11:56:18.0625 5628 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:56:18.0687 5628 Wmi - ok
11:56:18.0750 5628 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:56:18.0859 5628 WmiApSrv - ok
11:56:19.0140 5628 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:56:19.0312 5628 WMPNetworkSvc - ok
11:56:19.0390 5628 [ B72D232E46FF5EE2BD8F61498B748DF7 ] WN5301 C:\WINDOWS\system32\DRIVERS\wn5301.sys
11:56:19.0546 5628 WN5301 ( UnsignedFile.Multi.Generic ) - warning
11:56:19.0546 5628 WN5301 - detected UnsignedFile.Multi.Generic (1)
11:56:19.0828 5628 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:56:19.0875 5628 WPFFontCache_v0400 - ok
11:56:19.0906 5628 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:56:20.0031 5628 WS2IFSL - ok
11:56:20.0062 5628 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:56:20.0156 5628 wscsvc - ok
11:56:20.0156 5628 WSearch - ok
11:56:20.0171 5628 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:56:20.0265 5628 WSTCODEC - ok
11:56:20.0281 5628 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:56:20.0406 5628 wuauserv - ok
11:56:20.0437 5628 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:56:20.0468 5628 WudfPf - ok
11:56:20.0500 5628 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:56:20.0515 5628 WudfRd - ok
11:56:20.0531 5628 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:56:20.0562 5628 WudfSvc - ok
11:56:20.0593 5628 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:56:20.0703 5628 WZCSVC - ok
11:56:20.0734 5628 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:56:20.0843 5628 xmlprov - ok
11:56:20.0859 5628 ================ Scan global ===============================
11:56:20.0890 5628 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:56:20.0921 5628 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:56:20.0937 5628 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:56:20.0953 5628 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:56:20.0953 5628 [Global] - ok
11:56:20.0953 5628 ================ Scan MBR ==================================
11:56:20.0968 5628 [ ED18B096BC416BFB306882A7C2EBA877 ] \Device\Harddisk0\DR0
11:56:21.0187 5628 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:56:21.0187 5628 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:56:21.0203 5628 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
11:56:21.0750 5628 \Device\Harddisk1\DR1 - ok
11:56:21.0765 5628 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR10
11:56:21.0875 5628 \Device\Harddisk6\DR10 - ok
11:56:21.0875 5628 ================ Scan VBR ==================================
11:56:21.0875 5628 [ EDAE0F87954496722AF14707E9A6F04E ] \Device\Harddisk0\DR0\Partition1
11:56:21.0890 5628 \Device\Harddisk0\DR0\Partition1 - ok
11:56:21.0921 5628 [ 9C82DEAAE58CE6B3E7B9C615FC871EAE ] \Device\Harddisk0\DR0\Partition2
11:56:21.0921 5628 \Device\Harddisk0\DR0\Partition2 - ok
11:56:21.0921 5628 [ 2C9AF33B891071DA04237139C66DCC60 ] \Device\Harddisk1\DR1\Partition1
11:56:21.0921 5628 \Device\Harddisk1\DR1\Partition1 - ok
11:56:21.0921 5628 [ B09CADBC63C475867DE5683D9456B09E ] \Device\Harddisk6\DR10\Partition1
11:56:21.0937 5628 \Device\Harddisk6\DR10\Partition1 - ok
11:56:21.0937 5628 ================ Scan active images ========================
11:56:21.0937 5628 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
11:56:21.0937 5628 C:\WINDOWS\system32\drivers\intelppm.sys - ok
11:56:21.0937 5628 [ 0923AEC043F5D355B4EF0C2B29A362DE ] C:\WINDOWS\system32\drivers\ELacpi.sys
11:56:21.0937 5628 C:\WINDOWS\system32\drivers\ELacpi.sys - ok
11:56:21.0937 5628 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
11:56:21.0937 5628 C:\WINDOWS\system32\drivers\videoprt.sys - ok
11:56:21.0937 5628 [ B9B1BB146EB9A83DCF0F5635B09D3D43 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
11:56:21.0937 5628 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
11:56:21.0953 5628 [ B0ABABBBE2E61FC916A21182AC2CEFF1 ] C:\WINDOWS\system32\drivers\e1e5132.sys
11:56:21.0953 5628 C:\WINDOWS\system32\drivers\e1e5132.sys - ok
11:56:21.0953 5628 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
11:56:21.0953 5628 C:\WINDOWS\system32\drivers\usbport.sys - ok
11:56:21.0953 5628 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
11:56:21.0953 5628 C:\WINDOWS\system32\drivers\usbehci.sys - ok
11:56:21.0953 5628 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
11:56:21.0953 5628 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
11:56:21.0953 5628 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
11:56:21.0953 5628 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
11:56:21.0968 5628 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
11:56:21.0968 5628 C:\WINDOWS\system32\drivers\usbd.sys - ok
11:56:21.0968 5628 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
11:56:21.0968 5628 C:\WINDOWS\system32\drivers\ks.sys - ok
11:56:21.0968 5628 [ 8B79A50360FC31DF6B7B979B686B4AA2 ] C:\WINDOWS\system32\drivers\LVUSBSta.sys
11:56:21.0968 5628 C:\WINDOWS\system32\drivers\LVUSBSta.sys - ok
11:56:21.0968 5628 [ 55E4DA7C8CBBA1F2D71720FCA7A5C086 ] C:\WINDOWS\system32\drivers\hcwPP2.sys
11:56:21.0968 5628 C:\WINDOWS\system32\drivers\hcwPP2.sys - ok
11:56:21.0968 5628 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
11:56:21.0968 5628 C:\WINDOWS\system32\drivers\nic1394.sys - ok
11:56:21.0984 5628 [ B72D232E46FF5EE2BD8F61498B748DF7 ] C:\WINDOWS\system32\drivers\wn5301.sys
11:56:21.0984 5628 C:\WINDOWS\system32\drivers\wn5301.sys - ok
11:56:21.0984 5628 [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] C:\WINDOWS\system32\drivers\HSXHWBS2.sys
11:56:21.0984 5628 C:\WINDOWS\system32\drivers\HSXHWBS2.sys - ok
11:56:21.0984 5628 [ A7F8C9228898A1E871D2AE7082F50AC3 ] C:\WINDOWS\system32\drivers\HSX_DP.sys
11:56:21.0984 5628 C:\WINDOWS\system32\drivers\HSX_DP.sys - ok
11:56:21.0984 5628 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] C:\WINDOWS\system32\drivers\HSX_CNXT.sys
11:56:21.0984 5628 C:\WINDOWS\system32\drivers\HSX_CNXT.sys - ok
11:56:22.0000 5628 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
11:56:22.0000 5628 C:\WINDOWS\system32\drivers\modem.sys - ok
11:56:22.0000 5628 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] C:\WINDOWS\system32\drivers\cdrom.sys
11:56:22.0000 5628 C:\WINDOWS\system32\drivers\cdrom.sys - ok
11:56:22.0000 5628 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
11:56:22.0000 5628 C:\WINDOWS\system32\drivers\redbook.sys - ok
11:56:22.0000 5628 [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
11:56:22.0000 5628 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
11:56:22.0000 5628 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
11:56:22.0000 5628 C:\WINDOWS\system32\drivers\imapi.sys - ok
11:56:22.0015 5628 [ A9573045BAA16EAB9B1085205B82F1ED ] C:\WINDOWS\system32\drivers\serscan.sys
11:56:22.0015 5628 C:\WINDOWS\system32\drivers\serscan.sys - ok
11:56:22.0015 5628 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] C:\WINDOWS\system32\drivers\usbscan.sys
11:56:22.0015 5628 C:\WINDOWS\system32\drivers\usbscan.sys - ok
11:56:22.0015 5628 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
11:56:22.0015 5628 C:\WINDOWS\system32\drivers\audstub.sys - ok
11:56:22.0015 5628 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
11:56:22.0015 5628 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
11:56:22.0031 5628 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
11:56:22.0031 5628 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
11:56:22.0031 5628 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
11:56:22.0031 5628 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
11:56:22.0031 5628 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
11:56:22.0031 5628 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
11:56:22.0031 5628 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
11:56:22.0031 5628 C:\WINDOWS\system32\drivers\tdi.sys - ok
11:56:22.0031 5628 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
11:56:22.0031 5628 C:\WINDOWS\system32\drivers\psched.sys - ok
11:56:22.0046 5628 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
11:56:22.0046 5628 C:\WINDOWS\system32\drivers\raspptp.sys - ok
11:56:22.0046 5628 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
11:56:22.0046 5628 C:\WINDOWS\system32\drivers\msgpc.sys - ok
11:56:22.0046 5628 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
11:56:22.0046 5628 C:\WINDOWS\system32\drivers\ptilink.sys - ok
11:56:22.0046 5628 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
11:56:22.0046 5628 C:\WINDOWS\system32\drivers\raspti.sys - ok
11:56:22.0046 5628 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
11:56:22.0046 5628 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
11:56:22.0062 5628 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
11:56:22.0062 5628 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
11:56:22.0062 5628 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
11:56:22.0062 5628 C:\WINDOWS\system32\drivers\mouclass.sys - ok
11:56:22.0062 5628 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
11:56:22.0062 5628 C:\WINDOWS\system32\drivers\termdd.sys - ok
11:56:22.0062 5628 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
11:56:22.0062 5628 C:\WINDOWS\system32\drivers\swenum.sys - ok
11:56:22.0062 5628 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
11:56:22.0062 5628 C:\WINDOWS\system32\drivers\update.sys - ok
11:56:22.0078 5628 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
11:56:22.0078 5628 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
11:56:22.0078 5628 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
11:56:22.0078 5628 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
11:56:22.0078 5628 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
11:56:22.0078 5628 C:\WINDOWS\system32\drivers\usbhub.sys - ok
11:56:22.0078 5628 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
11:56:22.0078 5628 C:\WINDOWS\system32\drivers\drmk.sys - ok
11:56:22.0093 5628 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
11:56:22.0093 5628 C:\WINDOWS\system32\drivers\portcls.sys - ok
11:56:22.0093 5628 [ AB2FE0FAA519880BD16E4A0792D633D2 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:56:22.0093 5628 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
11:56:22.0109 5628 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
11:56:22.0109 5628 C:\WINDOWS\system32\drivers\fdc.sys - ok
11:56:22.0109 5628 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
11:56:22.0109 5628 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
11:56:22.0109 5628 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
11:56:22.0109 5628 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
11:56:22.0109 5628 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
11:56:22.0109 5628 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
11:56:22.0109 5628 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
11:56:22.0109 5628 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
11:56:22.0125 5628 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
11:56:22.0125 5628 C:\WINDOWS\system32\drivers\beep.sys - ok
11:56:22.0125 5628 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
11:56:22.0125 5628 C:\WINDOWS\system32\drivers\null.sys - ok
11:56:22.0125 5628 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
11:56:22.0125 5628 C:\WINDOWS\system32\drivers\hidparse.sys - ok
11:56:22.0125 5628 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
11:56:22.0125 5628 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
11:56:22.0140 5628 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
11:56:22.0140 5628 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
11:56:22.0140 5628 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
11:56:22.0140 5628 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
11:56:22.0140 5628 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
11:56:22.0140 5628 C:\WINDOWS\system32\drivers\vga.sys - ok
11:56:22.0140 5628 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
11:56:22.0140 5628 C:\WINDOWS\system32\drivers\msfs.sys - ok
11:56:22.0140 5628 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
11:56:22.0140 5628 C:\WINDOWS\system32\drivers\npfs.sys - ok
11:56:22.0156 5628 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
11:56:22.0156 5628 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
11:56:22.0156 5628 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
11:56:22.0156 5628 C:\WINDOWS\system32\drivers\ipsec.sys - ok
11:56:22.0156 5628 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
11:56:22.0156 5628 C:\WINDOWS\system32\drivers\rasacd.sys - ok
11:56:22.0156 5628 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
11:56:22.0156 5628 C:\WINDOWS\system32\drivers\tcpip.sys - ok
11:56:22.0156 5628 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
11:56:22.0156 5628 C:\WINDOWS\system32\drivers\ipnat.sys - ok
11:56:22.0171 5628 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
11:56:22.0171 5628 C:\WINDOWS\system32\drivers\netbt.sys - ok
11:56:22.0171 5628 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
11:56:22.0171 5628 C:\WINDOWS\system32\drivers\wanarp.sys - ok
11:56:22.0171 5628 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
11:56:22.0171 5628 C:\WINDOWS\system32\drivers\afd.sys - ok
11:56:22.0171 5628 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
11:56:22.0171 5628 C:\WINDOWS\system32\drivers\arp1394.sys - ok
11:56:22.0171 5628 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
11:56:22.0171 5628 C:\WINDOWS\system32\drivers\netbios.sys - ok
11:56:22.0187 5628 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
11:56:22.0187 5628 C:\WINDOWS\system32\drivers\rdbss.sys - ok
11:56:22.0187 5628 [ 30D94039A729571146EB9D736EC1AADD ] C:\WINDOWS\system32\drivers\SbcpHid.sys
11:56:22.0187 5628 C:\WINDOWS\system32\drivers\SbcpHid.sys - ok
11:56:22.0187 5628 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
11:56:22.0187 5628 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
11:56:22.0187 5628 [ 8E88CAFEAC0812BF2D15BEEEDFCCE8BD ] C:\WINDOWS\system32\drivers\Elmou.sys
11:56:22.0187 5628 C:\WINDOWS\system32\drivers\Elmou.sys - ok
11:56:22.0187 5628 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
11:56:22.0187 5628 C:\WINDOWS\system32\drivers\fips.sys - ok
11:56:22.0203 5628 [ CBD71E7772F92BFB85CCC302B2DEEFBA ] C:\WINDOWS\system32\drivers\Elhid.sys
11:56:22.0203 5628 C:\WINDOWS\system32\drivers\Elhid.sys - ok
11:56:22.0218 5628 [ AC75B576C45D144E146FD1F0576A1F53 ] C:\WINDOWS\system32\drivers\Elkbd.sys
11:56:22.0218 5628 C:\WINDOWS\system32\drivers\Elkbd.sys - ok
11:56:22.0218 5628 [ 483CCE5E40137D4E437F4DEF55C80007 ] C:\WINDOWS\system32\drivers\Elmon.sys
11:56:22.0218 5628 C:\WINDOWS\system32\drivers\Elmon.sys - ok
11:56:22.0218 5628 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
11:56:22.0218 5628 C:\WINDOWS\system32\ntdll.dll - ok
11:56:22.0218 5628 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
11:56:22.0218 5628 C:\WINDOWS\system32\smss.exe - ok
11:56:22.0218 5628 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
11:56:22.0218 5628 C:\WINDOWS\system32\autochk.exe - ok
11:56:22.0234 5628 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
11:56:22.0234 5628 C:\WINDOWS\system32\drivers\usbstor.sys - ok
11:56:22.0234 5628 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
11:56:22.0234 5628 C:\WINDOWS\system32\drivers\fastfat.sys - ok
11:56:22.0234 5628 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
11:56:22.0234 5628 C:\WINDOWS\system32\sfcfiles.dll - ok
11:56:22.0234 5628 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
11:56:22.0234 5628 C:\WINDOWS\system32\drivers\hidclass.sys - ok
11:56:22.0234 5628 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
11:56:22.0234 5628 C:\WINDOWS\system32\drivers\hidusb.sys - ok
11:56:22.0250 5628 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
11:56:22.0250 5628 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
11:56:22.0250 5628 [ B43B36B382AEA10861F7C7A37F9D4AE2 ] C:\WINDOWS\system32\drivers\irbus.sys
11:56:22.0250 5628 C:\WINDOWS\system32\drivers\irbus.sys - ok
11:56:22.0250 5628 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
11:56:22.0250 5628 C:\WINDOWS\system32\drivers\mouhid.sys - ok
11:56:22.0250 5628 [ BB1A6FB7D35A91E599973FA74A619056 ] C:\WINDOWS\system32\drivers\hidir.sys
11:56:22.0250 5628 C:\WINDOWS\system32\drivers\hidir.sys - ok
11:56:22.0265 5628 [ 019CF5F31C67030841233C545A0E217A ] C:\WINDOWS\system32\drivers\iaStor.sys
11:56:22.0265 5628 C:\WINDOWS\system32\drivers\iaStor.sys - ok
11:56:22.0265 5628 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
11:56:22.0265 5628 C:\WINDOWS\system32\drivers\dxapi.sys - ok
11:56:22.0265 5628 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
11:56:22.0265 5628 C:\WINDOWS\system32\watchdog.sys - ok
11:56:22.0265 5628 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
11:56:22.0265 5628 C:\WINDOWS\system32\csrsrv.dll - ok
11:56:22.0265 5628 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
11:56:22.0265 5628 C:\WINDOWS\system32\csrss.exe - ok
11:56:22.0281 5628 [ F984CAE54E536681B209F7816D8F68DA ] C:\WINDOWS\system32\win32k.sys
11:56:22.0281 5628 C:\WINDOWS\system32\win32k.sys - ok
11:56:22.0281 5628 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:56:22.0281 5628 C:\WINDOWS\system32\basesrv.dll - ok
11:56:22.0281 5628 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:56:22.0281 5628 C:\WINDOWS\system32\winsrv.dll - ok
11:56:22.0281 5628 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
11:56:22.0281 5628 C:\WINDOWS\system32\gdi32.dll - ok
11:56:22.0281 5628 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
11:56:22.0281 5628 C:\WINDOWS\system32\kernel32.dll - ok
11:56:22.0296 5628 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
11:56:22.0296 5628 C:\WINDOWS\system32\user32.dll - ok
11:56:22.0296 5628 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
11:56:22.0296 5628 C:\WINDOWS\system32\drivers\dxg.sys - ok
11:56:22.0296 5628 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
11:56:22.0296 5628 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
11:56:22.0296 5628 [ 0B0DDC97D6E6B93C769EA61B2385F889 ] C:\WINDOWS\system32\nv4_disp.dll
11:56:22.0296 5628 C:\WINDOWS\system32\nv4_disp.dll - ok
11:56:22.0312 5628 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
11:56:22.0312 5628 C:\WINDOWS\system32\vga.dll - ok
11:56:22.0312 5628 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
11:56:22.0312 5628 C:\WINDOWS\system32\winlogon.exe - ok
11:56:22.0312 5628 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
11:56:22.0312 5628 C:\WINDOWS\system32\advapi32.dll - ok
11:56:22.0312 5628 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
11:56:22.0312 5628 C:\WINDOWS\system32\rpcrt4.dll - ok
11:56:22.0312 5628 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
11:56:22.0312 5628 C:\WINDOWS\system32\authz.dll - ok
11:56:22.0328 5628 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
11:56:22.0328 5628 C:\WINDOWS\system32\secur32.dll - ok
11:56:22.0328 5628 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
11:56:22.0328 5628 C:\WINDOWS\system32\crypt32.dll - ok
11:56:22.0328 5628 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
11:56:22.0328 5628 C:\WINDOWS\system32\msvcrt.dll - ok
11:56:22.0328 5628 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
11:56:22.0328 5628 C:\WINDOWS\system32\msasn1.dll - ok
11:56:22.0343 5628 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
11:56:22.0343 5628 C:\WINDOWS\system32\nddeapi.dll - ok
11:56:22.0343 5628 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
11:56:22.0343 5628 C:\WINDOWS\system32\profmap.dll - ok
11:56:22.0343 5628 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
11:56:22.0343 5628 C:\WINDOWS\system32\netapi32.dll - ok
11:56:22.0343 5628 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
11:56:22.0343 5628 C:\WINDOWS\system32\userenv.dll - ok
11:56:22.0343 5628 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
11:56:22.0343 5628 C:\WINDOWS\system32\psapi.dll - ok
11:56:22.0359 5628 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
11:56:22.0359 5628 C:\WINDOWS\system32\regapi.dll - ok
11:56:22.0359 5628 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
11:56:22.0359 5628 C:\WINDOWS\system32\setupapi.dll - ok
11:56:22.0359 5628 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
11:56:22.0359 5628 C:\WINDOWS\system32\version.dll - ok
11:56:22.0359 5628 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
11:56:22.0359 5628 C:\WINDOWS\system32\imagehlp.dll - ok
11:56:22.0359 5628 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
11:56:22.0359 5628 C:\WINDOWS\system32\winsta.dll - ok
11:56:22.0375 5628 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
11:56:22.0375 5628 C:\WINDOWS\system32\wintrust.dll - ok
11:56:22.0375 5628 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
11:56:22.0375 5628 C:\WINDOWS\system32\imm32.dll - ok
11:56:22.0375 5628 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
11:56:22.0375 5628 C:\WINDOWS\system32\ws2help.dll - ok
11:56:22.0375 5628 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
11:56:22.0375 5628 C:\WINDOWS\system32\ws2_32.dll - ok
11:56:22.0375 5628 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
11:56:22.0375 5628 C:\WINDOWS\system32\kbdus.dll - ok
11:56:22.0390 5628 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
11:56:22.0390 5628 C:\WINDOWS\system32\msgina.dll - ok
11:56:22.0390 5628 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
11:56:22.0390 5628 C:\WINDOWS\system32\comctl32.dll - ok
11:56:22.0390 5628 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
11:56:22.0390 5628 C:\WINDOWS\system32\odbc32.dll - ok
11:56:22.0390 5628 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
11:56:22.0390 5628 C:\WINDOWS\system32\comdlg32.dll - ok
11:56:22.0406 5628 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
11:56:22.0406 5628 C:\WINDOWS\system32\shell32.dll - ok
11:56:22.0406 5628 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
11:56:22.0406 5628 C:\WINDOWS\system32\shlwapi.dll - ok
11:56:22.0406 5628 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
11:56:22.0406 5628 C:\WINDOWS\system32\sxs.dll - ok
11:56:22.0406 5628 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
11:56:22.0406 5628 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
11:56:22.0406 5628 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
11:56:22.0406 5628 C:\WINDOWS\system32\odbcint.dll - ok
11:56:22.0421 5628 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
11:56:22.0421 5628 C:\WINDOWS\system32\sfc.dll - ok
11:56:22.0421 5628 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
11:56:22.0421 5628 C:\WINDOWS\system32\sfc_os.dll - ok
11:56:22.0421 5628 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
11:56:22.0421 5628 C:\WINDOWS\system32\shsvcs.dll - ok
11:56:22.0421 5628 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
11:56:22.0421 5628 C:\WINDOWS\system32\ole32.dll - ok
11:56:22.0437 5628 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
11:56:22.0437 5628 C:\WINDOWS\system32\apphelp.dll - ok
11:56:22.0437 5628 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
11:56:22.0437 5628 C:\WINDOWS\system32\lsass.exe - ok
11:56:22.0437 5628 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:56:22.0437 5628 C:\WINDOWS\system32\services.exe - ok
11:56:22.0437 5628 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
11:56:22.0437 5628 C:\WINDOWS\system32\lsasrv.dll - ok
11:56:22.0453 5628 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
11:56:22.0453 5628 C:\WINDOWS\system32\msvcp60.dll - ok
11:56:22.0453 5628 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
11:56:22.0453 5628 C:\WINDOWS\system32\ncobjapi.dll - ok
11:56:22.0453 5628 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
11:56:22.0453 5628 C:\WINDOWS\system32\scesrv.dll - ok
11:56:22.0453 5628 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
11:56:22.0453 5628 C:\WINDOWS\system32\mpr.dll - ok
11:56:22.0453 5628 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
11:56:22.0453 5628 C:\WINDOWS\system32\ntdsapi.dll - ok
11:56:22.0468 5628 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
11:56:22.0468 5628 C:\WINDOWS\system32\dnsapi.dll - ok
11:56:22.0468 5628 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
11:56:22.0468 5628 C:\WINDOWS\system32\umpnpmgr.dll - ok
11:56:22.0468 5628 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
11:56:22.0468 5628 C:\WINDOWS\AppPatch\acadproc.dll - ok
11:56:22.0468 5628 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
11:56:22.0468 5628 C:\WINDOWS\system32\samlib.dll - ok
11:56:22.0468 5628 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
11:56:22.0468 5628 C:\WINDOWS\system32\shimeng.dll - ok
11:56:22.0484 5628 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
11:56:22.0484 5628 C:\WINDOWS\system32\wldap32.dll - ok
11:56:22.0484 5628 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
11:56:22.0484 5628 C:\WINDOWS\system32\samsrv.dll - ok
11:56:22.0484 5628 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
11:56:22.0484 5628 C:\WINDOWS\AppPatch\acgenral.dll - ok
11:56:22.0484 5628 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
11:56:22.0484 5628 C:\WINDOWS\system32\cryptdll.dll - ok
11:56:22.0484 5628 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
11:56:22.0484 5628 C:\WINDOWS\system32\oleaut32.dll - ok
11:56:22.0500 5628 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
11:56:22.0500 5628 C:\WINDOWS\system32\winmm.dll - ok
11:56:22.0500 5628 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
11:56:22.0500 5628 C:\WINDOWS\system32\msacm32.dll - ok
11:56:22.0500 5628 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
11:56:22.0500 5628 C:\WINDOWS\system32\uxtheme.dll - ok
11:56:22.0500 5628 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
11:56:22.0500 5628 C:\WINDOWS\system32\digest.dll - ok
11:56:22.0500 5628 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
11:56:22.0500 5628 C:\WINDOWS\system32\msapsspc.dll - ok
11:56:22.0515 5628 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
11:56:22.0515 5628 C:\WINDOWS\system32\msnsspc.dll - ok
11:56:22.0515 5628 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
11:56:22.0515 5628 C:\WINDOWS\system32\msvcrt40.dll - ok
11:56:22.0515 5628 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
11:56:22.0515 5628 C:\WINDOWS\system32\schannel.dll - ok
11:56:22.0515 5628 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
11:56:22.0515 5628 C:\WINDOWS\system32\kerberos.dll - ok
11:56:22.0515 5628 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
11:56:22.0515 5628 C:\WINDOWS\system32\msctfime.ime - ok
11:56:22.0531 5628 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
11:56:22.0531 5628 C:\WINDOWS\system32\msprivs.dll - ok
11:56:22.0531 5628 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
11:56:22.0531 5628 C:\WINDOWS\system32\msv1_0.dll - ok
11:56:22.0531 5628 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
11:56:22.0531 5628 C:\WINDOWS\system32\atmfd.dll - ok
11:56:22.0531 5628 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
11:56:22.0531 5628 C:\WINDOWS\system32\iphlpapi.dll - ok
11:56:22.0531 5628 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
11:56:22.0531 5628 C:\WINDOWS\system32\netlogon.dll - ok
11:56:22.0546 5628 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
11:56:22.0546 5628 C:\WINDOWS\system32\w32time.dll - ok
11:56:22.0546 5628 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
11:56:22.0546 5628 C:\WINDOWS\system32\wdigest.dll - ok
11:56:22.0546 5628 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
11:56:22.0546 5628 C:\WINDOWS\system32\rsaenh.dll - ok
11:56:22.0546 5628 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
11:56:22.0546 5628 C:\WINDOWS\system32\winscard.dll - ok
11:56:22.0562 5628 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
11:56:22.0562 5628 C:\WINDOWS\system32\wtsapi32.dll - ok
11:56:22.0562 5628 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
11:56:22.0562 5628 C:\WINDOWS\system32\scecli.dll - ok
11:56:22.0562 5628 [ F73969544CEA136A817CF5D18036D2CF ] C:\WINDOWS\system32\drivers\ino_fltr.sys
11:56:22.0562 5628 C:\WINDOWS\system32\drivers\ino_fltr.sys - ok
11:56:22.0562 5628 [ CC4F8220EAD1F6A38D51679708F435B9 ] C:\WINDOWS\system32\nvsvc32.exe
11:56:22.0562 5628 C:\WINDOWS\system32\nvsvc32.exe - ok
11:56:22.0578 5628 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
11:56:22.0578 5628 C:\WINDOWS\system32\powrprof.dll - ok
11:56:22.0578 5628 [ F0E62893EAD9CA1782754DB1A362302C ] C:\WINDOWS\system32\nvcpl.dll
11:56:22.0578 5628 C:\WINDOWS\system32\nvcpl.dll - ok
11:56:22.0578 5628 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
11:56:22.0578 5628 C:\WINDOWS\system32\winspool.drv - ok
11:56:22.0578 5628 [ ED1E6778AA183E3F88F084D71D0D9ADB ] C:\WINDOWS\system32\nvapi.dll
11:56:22.0578 5628 C:\WINDOWS\system32\nvapi.dll - ok
11:56:22.0578 5628 [ 9DF110638531196E4946CD6A67F360E7 ] C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll
11:56:22.0578 5628 C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll - ok
11:56:22.0593 5628 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
11:56:22.0593 5628 C:\WINDOWS\system32\duser.dll - ok
11:56:22.0593 5628 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
11:56:22.0593 5628 C:\WINDOWS\system32\logonui.exe - ok
11:56:22.0593 5628 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
11:56:22.0593 5628 C:\WINDOWS\system32\msimg32.dll - ok
11:56:22.0593 5628 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
11:56:22.0593 5628 C:\WINDOWS\system32\oleacc.dll - ok
11:56:22.0593 5628 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
11:56:22.0593 5628 C:\WINDOWS\system32\clbcatq.dll - ok
11:56:22.0609 5628 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
11:56:22.0609 5628 C:\WINDOWS\system32\comres.dll - ok
11:56:22.0609 5628 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
11:56:22.0609 5628 C:\WINDOWS\system32\shgina.dll - ok
11:56:22.0609 5628 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
11:56:22.0609 5628 C:\WINDOWS\system32\svchost.exe - ok
11:56:22.0609 5628 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
11:56:22.0609 5628 C:\WINDOWS\system32\ntmarta.dll - ok
11:56:22.0609 5628 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
11:56:22.0609 5628 C:\WINDOWS\system32\rpcss.dll - ok
11:56:22.0609 5628 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
11:56:22.0609 5628 C:\WINDOWS\system32\xpsp2res.dll - ok
11:56:22.0625 5628 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
11:56:22.0625 5628 C:\WINDOWS\system32\eventlog.dll - ok
11:56:22.0625 5628 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
11:56:22.0625 5628 C:\WINDOWS\system32\mswsock.dll - ok
11:56:22.0625 5628 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
11:56:22.0625 5628 C:\WINDOWS\system32\hnetcfg.dll - ok
11:56:22.0625 5628 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
11:56:22.0625 5628 C:\Program Files\Bonjour\mdnsNSP.dll - ok
11:56:22.0640 5628 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
11:56:22.0640 5628 C:\WINDOWS\system32\rasadhlp.dll - ok
11:56:22.0640 5628 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
11:56:22.0640 5628 C:\WINDOWS\system32\winrnr.dll - ok
11:56:22.0640 5628 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
11:56:22.0640 5628 C:\WINDOWS\system32\wshtcpip.dll - ok
11:56:22.0656 5628 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
11:56:22.0656 5628 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
11:56:22.0656 5628 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
11:56:22.0656 5628 C:\WINDOWS\system32\dhcpcsvc.dll - ok
11:56:22.0656 5628 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
11:56:22.0656 5628 C:\WINDOWS\system32\cscdll.dll - ok
11:56:22.0656 5628 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
11:56:22.0656 5628 C:\WINDOWS\system32\dimsntfy.dll - ok
11:56:22.0671 5628 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
11:56:22.0671 5628 C:\WINDOWS\system32\dnsrslvr.dll - ok
11:56:22.0671 5628 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
11:56:22.0671 5628 C:\WINDOWS\system32\wlnotify.dll - ok
11:56:22.0671 5628 [ D7DCFB4D0C58FFB569DE93E1681FD37A ] C:\WINDOWS\system32\WgaLogon.dll
11:56:22.0671 5628 C:\WINDOWS\system32\WgaLogon.dll - ok
11:56:22.0671 5628 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
11:56:22.0671 5628 C:\WINDOWS\system32\msxml3.dll - ok
11:56:22.0687 5628 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
11:56:22.0687 5628 C:\WINDOWS\system32\lmhsvc.dll - ok
11:56:22.0687 5628 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
11:56:22.0687 5628 C:\WINDOWS\system32\wzcsvc.dll - ok
11:56:22.0687 5628 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
11:56:22.0687 5628 C:\WINDOWS\system32\rtutils.dll - ok
11:56:22.0687 5628 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
11:56:22.0687 5628 C:\WINDOWS\system32\eapolqec.dll - ok
11:56:22.0687 5628 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
11:56:22.0687 5628 C:\WINDOWS\system32\wmi.dll - ok
11:56:22.0703 5628 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
11:56:22.0703 5628 C:\WINDOWS\system32\atl.dll - ok
11:56:22.0703 5628 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
11:56:22.0703 5628 C:\WINDOWS\system32\dot3api.dll - ok
11:56:22.0703 5628 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
11:56:22.0703 5628 C:\WINDOWS\system32\esent.dll - ok
11:56:22.0703 5628 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
11:56:22.0703 5628 C:\WINDOWS\system32\qutil.dll - ok
11:56:22.0718 5628 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
11:56:22.0718 5628 C:\WINDOWS\system32\rastls.dll - ok
11:56:22.0718 5628 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
11:56:22.0718 5628 C:\WINDOWS\system32\cryptui.dll - ok
11:56:22.0718 5628 [ 9AD88EA663124336E88EB031F917CE20 ] C:\WINDOWS\system32\wininet.dll
11:56:22.0718 5628 C:\WINDOWS\system32\wininet.dll - ok
11:56:22.0718 5628 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
11:56:22.0718 5628 C:\WINDOWS\system32\normaliz.dll - ok
11:56:22.0718 5628 [ BCA608797A3E8EEC0094CD6D596D77D7 ] C:\WINDOWS\system32\urlmon.dll
11:56:22.0718 5628 C:\WINDOWS\system32\urlmon.dll - ok
11:56:22.0734 5628 [ 994B77915EA49A467CDA144806AE42D6 ] C:\WINDOWS\system32\iertutil.dll
11:56:22.0734 5628 C:\WINDOWS\system32\iertutil.dll - ok
11:56:22.0734 5628 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
11:56:22.0734 5628 C:\WINDOWS\system32\activeds.dll - ok
11:56:22.0734 5628 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
11:56:22.0734 5628 C:\WINDOWS\system32\adsldpc.dll - ok
11:56:22.0734 5628 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
11:56:22.0734 5628 C:\WINDOWS\system32\mprapi.dll - ok
11:56:22.0750 5628 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
11:56:22.0750 5628 C:\WINDOWS\system32\rasapi32.dll - ok
11:56:22.0750 5628 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
11:56:22.0750 5628 C:\WINDOWS\system32\rasman.dll - ok
11:56:22.0750 5628 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
11:56:22.0750 5628 C:\WINDOWS\system32\tapi32.dll - ok
11:56:22.0750 5628 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
11:56:22.0750 5628 C:\WINDOWS\system32\riched20.dll - ok
11:56:22.0750 5628 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
11:56:22.0750 5628 C:\WINDOWS\system32\raschap.dll - ok
11:56:22.0765 5628 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
11:56:22.0765 5628 C:\WINDOWS\system32\schedsvc.dll - ok
11:56:22.0765 5628 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
11:56:22.0765 5628 C:\WINDOWS\system32\msidle.dll - ok
11:56:22.0765 5628 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
11:56:22.0765 5628 C:\WINDOWS\system32\spoolsv.exe - ok
11:56:22.0765 5628 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
11:56:22.0765 5628 C:\WINDOWS\system32\audiosrv.dll - ok
11:56:22.0781 5628 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
11:56:22.0781 5628 C:\WINDOWS\system32\wkssvc.dll - ok
11:56:22.0781 5628 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
11:56:22.0781 5628 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
11:56:22.0781 5628 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
11:56:22.0781 5628 C:\WINDOWS\system32\webclnt.dll - ok
11:56:22.0781 5628 [ ADC420616C501B45D26C0FD3EF1E54E4 ] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:56:22.0781 5628 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - ok
11:56:22.0781 5628 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
11:56:22.0781 5628 C:\WINDOWS\system32\drivers\parport.sys - ok
11:56:22.0796 5628 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
11:56:22.0796 5628 C:\WINDOWS\system32\drivers\serial.sys - ok
11:56:22.0796 5628 [ 2486C8E3F14496341E90CF2AB8BC82ED ] C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
11:56:22.0796 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe - ok
11:56:22.0796 5628 [ 5077D7AEB25A6C0F912C78482061A22E ] C:\Program Files\Adobe\Photoshop Elements 4.0\platform.DLL
11:56:22.0796 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\platform.DLL - ok
11:56:22.0796 5628 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Adobe\Photoshop Elements 4.0\MSVCP71.dll
11:56:22.0796 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\MSVCP71.dll - ok
11:56:22.0812 5628 [ 7548C242D95CBFF76908360AD629C09F ] C:\Program Files\Common Files\ArcSoft\Bin\ArcCon.dll
11:56:22.0812 5628 C:\Program Files\Common Files\ArcSoft\Bin\ArcCon.dll - ok
11:56:22.0812 5628 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
11:56:22.0812 5628 C:\WINDOWS\system32\msi.dll - ok
11:56:22.0812 5628 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Adobe\Photoshop Elements 4.0\MSVCR71.dll
11:56:22.0812 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\MSVCR71.dll - ok
11:56:22.0812 5628 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
11:56:22.0812 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe - ok
11:56:22.0812 5628 [ 53E96C75F9B52F711ECC0B202F5A9BBC ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\avformat-52.dll
11:56:22.0812 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\avformat-52.dll - ok
11:56:22.0828 5628 [ E70DB255D15E92E3BB90ED49AA7778F2 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\avcodec-52.dll
11:56:22.0828 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\avcodec-52.dll - ok
11:56:22.0828 5628 [ A6F0736559785A38180E38868E3CC03A ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\avutil-50.dll
11:56:22.0828 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\avutil-50.dll - ok
11:56:22.0828 5628 [ 1658011ABD5C67E8783366D3D8EFF650 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\id3lib.dll
11:56:22.0828 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\id3lib.dll - ok
11:56:22.0828 5628 [ DB448D20039046010A31C2AFEF16E937 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\bass.dll
11:56:22.0828 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\bass.dll - ok
11:56:22.0843 5628 [ 2EA0E4C11554A44E64633BE6B5371844 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\basswma.dll
11:56:22.0843 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\basswma.dll - ok
11:56:22.0843 5628 [ B4AEF8C720D67364353EC52522C3AC2D ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\PCAutoChapterLib.dll
11:56:22.0843 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\PCAutoChapterLib.dll - ok
11:56:22.0843 5628 [ EC032D15B26F5AEE5F166CD0E702E733 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\bgd.dll
11:56:22.0843 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\bgd.dll - ok
11:56:22.0843 5628 [ D5518F78EF709065BFD68A3F575397D7 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\libexpat.dll
11:56:22.0843 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\libexpat.dll - ok
11:56:22.0859 5628 [ 79BCF4457CB4DBC324ED93A367F364BF ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\swscale-0.dll
11:56:22.0859 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\swscale-0.dll - ok
11:56:22.0859 5628 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:56:22.0859 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
11:56:22.0859 5628 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
11:56:22.0859 5628 C:\WINDOWS\system32\cmd.exe - ok
11:56:22.0859 5628 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
11:56:22.0859 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
11:56:22.0875 5628 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
11:56:22.0875 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
11:56:22.0875 5628 [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
11:56:22.0875 5628 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
11:56:22.0875 5628 [ 7290A6DD34862278DF9E26D96E5A95D8 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
11:56:22.0875 5628 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
11:56:22.0875 5628 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
11:56:22.0875 5628 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
11:56:22.0875 5628 [ 461EACD0992036129F4E6D6BD1CE333C ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
11:56:22.0875 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe - ok
11:56:22.0890 5628 [ 0E6367A19511EC37ACAF3906D1B22B74 ] C:\Program Files\Samsung\SAMSUNG PC Share Manager\lang.dll
11:56:22.0890 5628 C:\Program Files\Samsung\SAMSUNG PC Share Manager\lang.dll - ok
11:56:22.0890 5628 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
11:56:22.0890 5628 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
11:56:22.0890 5628 [ 4AA0527547BE16653D5ADF96F41E1E24 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
11:56:22.0890 5628 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
11:56:22.0890 5628 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
11:56:22.0890 5628 C:\WINDOWS\system32\wsock32.dll - ok
11:56:22.0906 5628 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
11:56:22.0906 5628 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
11:56:22.0906 5628 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
11:56:22.0906 5628 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
11:56:22.0906 5628 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
11:56:22.0906 5628 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
11:56:22.0906 5628 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
11:56:22.0906 5628 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
11:56:22.0921 5628 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
11:56:22.0921 5628 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
11:56:22.0921 5628 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
11:56:22.0921 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
11:56:22.0921 5628 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
11:56:22.0921 5628 C:\WINDOWS\system32\dnssd.dll - ok
11:56:22.0937 5628 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
11:56:22.0937 5628 C:\Program Files\Bonjour\mDNSResponder.exe - ok
11:56:22.0937 5628 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
11:56:22.0937 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
11:56:22.0937 5628 [ 20D04091EBA710F6988F710507D85868 ] C:\WINDOWS\system32\drivers\aspi32.sys
11:56:22.0937 5628 C:\WINDOWS\system32\drivers\aspi32.sys - ok
11:56:22.0937 5628 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:56:22.0937 5628 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
11:56:22.0937 5628 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
11:56:22.0937 5628 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
11:56:22.0953 5628 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
11:56:22.0953 5628 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
11:56:22.0953 5628 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
11:56:22.0953 5628 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
11:56:22.0953 5628 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
11:56:22.0953 5628 C:\WINDOWS\system32\mscoree.dll - ok
11:56:22.0953 5628 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
11:56:22.0953 5628 C:\WINDOWS\system32\cryptsvc.dll - ok
11:56:22.0968 5628 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] C:\WINDOWS\ehome\ehrecvr.exe
11:56:22.0968 5628 C:\WINDOWS\ehome\ehrecvr.exe - ok
11:56:22.0968 5628 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
11:56:22.0968 5628 C:\WINDOWS\system32\certcli.dll - ok
11:56:22.0968 5628 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
11:56:22.0968 5628 C:\WINDOWS\system32\faultrep.dll - ok
11:56:22.0968 5628 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
11:56:22.0968 5628 C:\WINDOWS\system32\dmserver.dll - ok
11:56:22.0968 5628 [ 6D280BC969218AE4A72180F907C32913 ] C:\WINDOWS\ehome\ehTrace.dll
11:56:22.0968 5628 C:\WINDOWS\ehome\ehTrace.dll - ok
11:56:22.0984 5628 [ A53243709439AC2A4C216B817F8D7411 ] C:\WINDOWS\ehome\ehSched.exe
11:56:22.0984 5628 C:\WINDOWS\ehome\ehSched.exe - ok
11:56:22.0984 5628 [ 626A24ED1228580B9518C01930936DF9 ] C:\Program Files\Google\Update\GoogleUpdate.exe
11:56:22.0984 5628 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
11:56:22.0984 5628 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
11:56:22.0984 5628 C:\WINDOWS\system32\es.dll - ok
11:56:23.0000 5628 [ 008DF0C9D81BD814480DD9C052893E8C ] C:\WINDOWS\ehome\ehRec.exe
11:56:23.0000 5628 C:\WINDOWS\ehome\ehRec.exe - ok
11:56:23.0000 5628 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
11:56:23.0000 5628 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
11:56:23.0000 5628 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
11:56:23.0000 5628 C:\WINDOWS\system32\ersvc.dll - ok
11:56:23.0000 5628 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
11:56:23.0000 5628 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
11:56:23.0015 5628 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
11:56:23.0015 5628 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
11:56:23.0015 5628 [ 926AFC4848FF3297BB264333BF51E21F ] C:\WINDOWS\system32\sbe.dll
11:56:23.0015 5628 C:\WINDOWS\system32\sbe.dll - ok
11:56:23.0015 5628 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
11:56:23.0015 5628 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
11:56:23.0015 5628 [ E325BCDBB6DED6C89F679B8AE89E975C ] C:\WINDOWS\system32\msvidctl.dll
11:56:23.0015 5628 C:\WINDOWS\system32\msvidctl.dll - ok
11:56:23.0031 5628 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
11:56:23.0031 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok
11:56:23.0031 5628 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
11:56:23.0031 5628 C:\WINDOWS\system32\dbghelp.dll - ok
11:56:23.0031 5628 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
11:56:23.0031 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
11:56:23.0031 5628 [ CE07EC3A1BE1EA0CCDE20C45D757FE32 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
11:56:23.0031 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - ok
11:56:23.0046 5628 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
11:56:23.0046 5628 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
11:56:23.0046 5628 [ 16959F84844DC9B2CEF0D5B1A412370F ] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
11:56:23.0046 5628 C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe - ok
11:56:23.0046 5628 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
11:56:23.0046 5628 C:\WINDOWS\system32\hidserv.dll - ok
11:56:23.0046 5628 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
11:56:23.0046 5628 C:\WINDOWS\system32\hid.dll - ok
11:56:23.0046 5628 [ 34FFB6ABA2DA398BB33422E1E9275BA9 ] C:\WINDOWS\system32\quartz.dll
11:56:23.0046 5628 C:\WINDOWS\system32\quartz.dll - ok
11:56:23.0062 5628 [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
11:56:23.0062 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
11:56:23.0062 5628 [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
11:56:23.0062 5628 C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok
11:56:23.0062 5628 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
11:56:23.0062 5628 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
11:56:23.0062 5628 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
11:56:23.0062 5628 C:\WINDOWS\system32\mstask.dll - ok
11:56:23.0078 5628 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
11:56:23.0078 5628 C:\WINDOWS\system32\devenum.dll - ok
11:56:23.0078 5628 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
11:56:23.0078 5628 C:\WINDOWS\system32\msdmo.dll - ok
11:56:23.0078 5628 [ F1941197A42F9F373CC70042FC82C950 ] C:\WINDOWS\system32\ksproxy.ax
11:56:23.0078 5628 C:\WINDOWS\system32\ksproxy.ax - ok
11:56:23.0078 5628 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
11:56:23.0078 5628 C:\WINDOWS\system32\ksuser.dll - ok
11:56:23.0093 5628 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
11:56:23.0093 5628 C:\WINDOWS\system32\drivers\aec.sys - ok
11:56:23.0093 5628 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
11:56:23.0093 5628 C:\WINDOWS\system32\msvfw32.dll - ok
11:56:23.0093 5628 [ 577E496F0D41411BF149394D80959D53 ] C:\WINDOWS\system32\imaadp32.acm
11:56:23.0093 5628 C:\WINDOWS\system32\imaadp32.acm - ok
11:56:23.0093 5628 [ C5648BE5409E0AABDA8C9047BAC8F603 ] C:\WINDOWS\system32\msadp32.acm
11:56:23.0093 5628 C:\WINDOWS\system32\msadp32.acm - ok
11:56:23.0109 5628 [ 33271A2667334B9A8842C65A079EF375 ] C:\WINDOWS\system32\msg711.acm
11:56:23.0109 5628 C:\WINDOWS\system32\msg711.acm - ok
11:56:23.0109 5628 [ 3A9846E207DAFC13009C048A2F6F8C2A ] C:\WINDOWS\system32\msgsm32.acm
11:56:23.0109 5628 C:\WINDOWS\system32\msgsm32.acm - ok
11:56:23.0109 5628 [ E8CD0D7E169ECCE2D4FD829DAAB786ED ] C:\WINDOWS\system32\tssoft32.acm
11:56:23.0109 5628 C:\WINDOWS\system32\tssoft32.acm - ok
11:56:23.0109 5628 [ B87F759738C52E8D6FBCDAAA84C6486F ] C:\WINDOWS\system32\msg723.acm
11:56:23.0109 5628 C:\WINDOWS\system32\msg723.acm - ok
11:56:23.0109 5628 [ 735F504DEEFE4E2AD06360FCE2842DD4 ] C:\WINDOWS\system32\tsd32.dll
11:56:23.0109 5628 C:\WINDOWS\system32\tsd32.dll - ok
11:56:23.0125 5628 [ 55AEEA66C5E84E3FD6CD3E933397D478 ] C:\WINDOWS\system32\msaud32.acm
11:56:23.0125 5628 C:\WINDOWS\system32\msaud32.acm - ok
11:56:23.0125 5628 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
11:56:23.0125 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok
11:56:23.0125 5628 [ 0DBB250A89E2E1C9281009AC269F0805 ] C:\WINDOWS\system32\sl_anet.acm
11:56:23.0125 5628 C:\WINDOWS\system32\sl_anet.acm - ok
11:56:23.0125 5628 [ 877C90686858D899B042BBA45E9B7F2C ] C:\WINDOWS\system32\iac25_32.ax
11:56:23.0125 5628 C:\WINDOWS\system32\iac25_32.ax - ok
11:56:23.0125 5628 [ C30B851A482C4549125F4209788791E6 ] C:\WINDOWS\system32\iacenc.dll
11:56:23.0125 5628 C:\WINDOWS\system32\iacenc.dll - ok
11:56:23.0140 5628 [ F3946B534CC197CBFFD9A2ECFD1F556F ] C:\WINDOWS\system32\l3codeca.acm
11:56:23.0140 5628 C:\WINDOWS\system32\l3codeca.acm - ok
11:56:23.0140 5628 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
11:56:23.0140 5628 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
11:56:23.0140 5628 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
11:56:23.0140 5628 C:\WINDOWS\system32\wdmaud.drv - ok
11:56:23.0140 5628 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
11:56:23.0140 5628 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
11:56:23.0156 5628 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
11:56:23.0156 5628 C:\WINDOWS\system32\drivers\splitter.sys - ok
11:56:23.0156 5628 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
11:56:23.0156 5628 C:\WINDOWS\system32\drivers\swmidi.sys - ok
11:56:23.0156 5628 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
11:56:23.0156 5628 C:\WINDOWS\system32\drivers\dmusic.sys - ok
11:56:23.0156 5628 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
11:56:23.0156 5628 C:\WINDOWS\system32\drivers\kmixer.sys - ok
11:56:23.0156 5628 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
11:56:23.0156 5628 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
11:56:23.0171 5628 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
11:56:23.0171 5628 C:\WINDOWS\system32\midimap.dll - ok
11:56:23.0171 5628 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
11:56:23.0171 5628 C:\WINDOWS\system32\msacm32.drv - ok
11:56:23.0171 5628 [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
11:56:23.0171 5628 C:\WINDOWS\system32\avicap32.dll - ok
11:56:23.0171 5628 [ 0950B89D1F305FEDB247D8BAD9EE7FA1 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ffb303da\mscorlib.dll
11:56:23.0171 5628 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ffb303da\mscorlib.dll - ok
11:56:23.0187 5628 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
11:56:23.0187 5628 C:\WINDOWS\system32\dsound.dll - ok
11:56:23.0187 5628 [ 264C642770CB6269A67AC8E0ED74419F ] C:\WINDOWS\system32\kstvtune.ax
11:56:23.0187 5628 C:\WINDOWS\system32\kstvtune.ax - ok
11:56:23.0187 5628 [ 09515D23C06928F749546E57C2400B0E ] C:\WINDOWS\system32\encapi.dll
11:56:23.0187 5628 C:\WINDOWS\system32\encapi.dll - ok
11:56:23.0187 5628 [ FBEB20D66CF0B17E46DCD62D1BD28EC4 ] C:\WINDOWS\system32\hcwECP.ax
11:56:23.0187 5628 C:\WINDOWS\system32\hcwECP.ax - ok
11:56:23.0187 5628 [ 94BA90C6AF5C50FF5F7A6392514C4642 ] C:\WINDOWS\system32\vidcap.ax
11:56:23.0187 5628 C:\WINDOWS\system32\vidcap.ax - ok
11:56:23.0203 5628 [ 114B7AC86CC74A8252136D58E8356647 ] C:\WINDOWS\system32\hcwUtl32.dll
11:56:23.0203 5628 C:\WINDOWS\system32\hcwUtl32.dll - ok
11:56:23.0203 5628 [ A5DA3A37C6F530BE959E0ADA669F61BB ] C:\WINDOWS\system32\cpnotify.ax
11:56:23.0203 5628 C:\WINDOWS\system32\cpnotify.ax - ok
11:56:23.0203 5628 [ C9EF69B25DFA1C0E7932CB02FB8A7E91 ] C:\WINDOWS\system32\kswdmcap.ax
11:56:23.0203 5628 C:\WINDOWS\system32\kswdmcap.ax - ok
11:56:23.0203 5628 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
11:56:23.0203 5628 C:\WINDOWS\system32\mfc42.dll - ok
11:56:23.0218 5628 [ 7A4D7B91BC815ED33E63122CA7078FD0 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
11:56:23.0218 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll - ok
11:56:23.0218 5628 [ BAD59648BA099DA4A17680B39730CB3D ] C:\WINDOWS\system32\drivers\mspqm.sys
11:56:23.0218 5628 C:\WINDOWS\system32\drivers\mspqm.sys - ok
11:56:23.0218 5628 [ D5C3D43D0616FF699DB771928AC0E2CD ] C:\WINDOWS\system32\ksxbar.ax
11:56:23.0218 5628 C:\WINDOWS\system32\ksxbar.ax - ok
11:56:23.0218 5628 [ 84BBA0BE8B158949AFFB18047386C461 ] C:\WINDOWS\system32\mpg2splt.ax
11:56:23.0218 5628 C:\WINDOWS\system32\mpg2splt.ax - ok
11:56:23.0234 5628 [ 708ACD96E3FF9D2517C90FBA27489A4E ] C:\WINDOWS\system32\VBICodec.ax
11:56:23.0234 5628 C:\WINDOWS\system32\VBICodec.ax - ok
11:56:23.0234 5628 [ A4BD412FA3BE813C7BCC61F8ED21AEEB ] C:\WINDOWS\system32\encdec.dll
11:56:23.0234 5628 C:\WINDOWS\system32\encdec.dll - ok
11:56:23.0234 5628 [ 55C30168142479C602BD456AC4E230B0 ] C:\WINDOWS\system32\MFPLAT.dll
11:56:23.0234 5628 C:\WINDOWS\system32\MFPLAT.dll - ok
11:56:23.0234 5628 [ 84B68C6EC17C99943F0EA68215BB2238 ] C:\WINDOWS\system32\wmdrmsdk.dll
11:56:23.0234 5628 C:\WINDOWS\system32\wmdrmsdk.dll - ok
11:56:23.0234 5628 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
11:56:23.0234 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok
11:56:23.0250 5628 [ E989E4BADCCCF78E18AABF3D42B306CE ] C:\WINDOWS\system32\drmv2clt.dll
11:56:23.0250 5628 C:\WINDOWS\system32\drmv2clt.dll - ok
11:56:23.0250 5628 [ 515383A387685564CA99542739D48E55 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
11:56:23.0250 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok
11:56:23.0250 5628 [ 73B44FE5423982B2709D6EA2F674B807 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
11:56:23.0250 5628 C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
11:56:23.0250 5628 [ 28BD81378C1D1B267E66827B628114DD ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
11:56:23.0250 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok
11:56:23.0265 5628 [ 8BA39E5F79366F45AF9759C1DAE346AE ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
11:56:23.0265 5628 C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
11:56:23.0265 5628 [ 0967D9749326622FA8FDE688CA126736 ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
11:56:23.0265 5628 C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
11:56:23.0265 5628 [ CF9EEA7F51101A281B99FCA7AFFA2524 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
11:56:23.0265 5628 C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
11:56:23.0265 5628 [ B6335A2EFBF0B4B7D4080E8B933A9F9B ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
11:56:23.0265 5628 C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
11:56:23.0265 5628 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
11:56:23.0265 5628 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok
11:56:23.0281 5628 [ 134CF3ECFD1F68751F1439D74545503E ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4b9850ce\System.dll
11:56:23.0281 5628 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4b9850ce\System.dll - ok
11:56:23.0281 5628 [ B560A085EED4D5D72B039929F9AE4991 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
11:56:23.0281 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
11:56:23.0281 5628 [ C2B9B86D3037AD3902058939954D6109 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
11:56:23.0281 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll - ok
11:56:23.0281 5628 [ 52ABC8C57DFEE5A7AAA210CE2E9DFE73 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
11:56:23.0281 5628 C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll - ok
11:56:23.0296 5628 [ 69521DDF3A32580C8013A5B5957985CA ] C:\Documents and Settings\All Users\DRM\Cache\Indiv01.key
11:56:23.0296 5628 C:\Documents and Settings\All Users\DRM\Cache\Indiv01.key - ok
11:56:23.0296 5628 [ 66946DE593185983B6D05F837D452262 ] C:\WINDOWS\ehome\ehui.dll
11:56:23.0296 5628 C:\WINDOWS\ehome\ehui.dll - ok
11:56:23.0296 5628 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
11:56:23.0296 5628 C:\WINDOWS\system32\msftedit.dll - ok
11:56:23.0296 5628 [ D2FBC74144EB74D3C87385B70D8299FF ] C:\WINDOWS\system32\hcwXDS.dll
11:56:23.0296 5628 C:\WINDOWS\system32\hcwXDS.dll - ok
11:56:23.0312 5628 [ 254CCDC043DFADC5D5EF99B533BB1DC2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
11:56:23.0312 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok
11:56:23.0312 5628 [ 7AC813E17BD960987C5DA788AF295361 ] C:\WINDOWS\ehome\ehdebug.dll
11:56:23.0312 5628 C:\WINDOWS\ehome\ehdebug.dll - ok
11:56:23.0312 5628 [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
11:56:23.0312 5628 C:\WINDOWS\system32\WMVCore.dll - ok
11:56:23.0312 5628 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
11:56:23.0312 5628 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok
11:56:23.0312 5628 [ EEA5B7193C5B90454A387FB86752830D ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8243ded2\System.Xml.dll
11:56:23.0312 5628 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8243ded2\System.Xml.dll - ok
11:56:23.0328 5628 [ 7DD59B0FF41EA39D320FFCD825D61B4F ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll
11:56:23.0328 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll - ok
11:56:23.0328 5628 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
11:56:23.0328 5628 C:\WINDOWS\system32\shfolder.dll - ok
11:56:23.0328 5628 [ 487542538EC051570B84F63656118D48 ] C:\Program Files\HP\HPLaserJetService\HPTools.dll
11:56:23.0328 5628 C:\Program Files\HP\HPLaserJetService\HPTools.dll - ok
11:56:23.0328 5628 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
11:56:23.0328 5628 C:\WINDOWS\system32\drivers\http.sys - ok
11:56:23.0343 5628 [ 89BE7F1E47ADE757E0460027EC5CD998 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
11:56:23.0343 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll - ok
11:56:23.0343 5628 [ B122BE74E283A2BC7FEBC180BFD2EFD5 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
11:56:23.0343 5628 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
11:56:23.0343 5628 [ B611CB7FE91EBB8AD31C89B14912C35B ] C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
11:56:23.0343 5628 C:\Program Files\CA\eTrust Antivirus\InoRpc.exe - ok
11:56:23.0343 5628 [ 7BD5AA9360945422001792D66F377BE1 ] C:\Program Files\CA\eTrust Antivirus\InConfig.dll
11:56:23.0343 5628 C:\Program Files\CA\eTrust Antivirus\InConfig.dll - ok
11:56:23.0359 5628 [ 9F7E8CCC3213CF52EC8A06C90A25B466 ] C:\Program Files\CA\eTrust Antivirus\Inocore.dll
11:56:23.0359 5628 C:\Program Files\CA\eTrust Antivirus\Inocore.dll - ok
11:56:23.0359 5628 [ E347D5F4004D469291EE28E4195232C1 ] C:\Program Files\CA\eTrust Antivirus\InoOEM.dll
11:56:23.0359 5628 C:\Program Files\CA\eTrust Antivirus\InoOEM.dll - ok
11:56:23.0359 5628 [ F54C43007FCF313820C4D088ECB671A1 ] C:\Program Files\CA\eTrust Antivirus\ScanLog.dll
11:56:23.0359 5628 C:\Program Files\CA\eTrust Antivirus\ScanLog.dll - ok
11:56:23.0359 5628 [ 96DE6A8AA9D4435F3D00DE3C36E58CAB ] C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll
11:56:23.0359 5628 C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll - ok
11:56:23.0375 5628 [ FA3781BF477D69ECBECCACE65ADD5D0B ] C:\Program Files\CA\eTrust Antivirus\InocDB.dll
11:56:23.0375 5628 C:\Program Files\CA\eTrust Antivirus\InocDB.dll - ok
11:56:23.0375 5628 [ 7365B5CA9747C84178D42CCA72486277 ] C:\WINDOWS\system32\wmasf.dll
11:56:23.0375 5628 C:\WINDOWS\system32\wmasf.dll - ok
11:56:23.0375 5628 [ 27FFC4A02954ED0F7F546B9D604A0447 ] C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll
11:56:23.0375 5628 C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll - ok
11:56:23.0375 5628 [ F30A2CFBCA7BD7032A65CD658015F004 ] C:\Program Files\CA\eTrust Antivirus\InoRT.exe
11:56:23.0375 5628 C:\Program Files\CA\eTrust Antivirus\InoRT.exe - ok
11:56:23.0375 5628 [ 97CD5E98FA0415B53448C098E979C9E8 ] C:\Program Files\CA\eTrust Antivirus\InoTask.exe
11:56:23.0375 5628 C:\Program Files\CA\eTrust Antivirus\InoTask.exe - ok
11:56:23.0390 5628 [ B6BB578AE3D512150F7D251C234BE893 ] C:\Program Files\CA\eTrust Antivirus\secAddIn.dll
11:56:23.0390 5628 C:\Program Files\CA\eTrust Antivirus\secAddIn.dll - ok
11:56:23.0390 5628 [ 30C038A09DFB949F38EE35B3BB09B7E2 ] C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll
11:56:23.0390 5628 C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll - ok
11:56:23.0390 5628 [ CE09401CB87A61EDEAA912ADB3D7EE4B ] C:\Program Files\CA\eTrust Antivirus\InoAlert.dll
11:56:23.0390 5628 C:\Program Files\CA\eTrust Antivirus\InoAlert.dll - ok
11:56:23.0390 5628 [ DE0F55D45CDE8E6EB1D5B7B837DCE79F ] C:\Program Files\CA\eTrust Antivirus\InocAdn.dll
11:56:23.0390 5628 C:\Program Files\CA\eTrust Antivirus\InocAdn.dll - ok
11:56:23.0406 5628 [ 0F2466F2DF240475F1E8A56653EBAC8F ] C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll
11:56:23.0406 5628 C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll - ok
11:56:23.0406 5628 [ 0185B553D587C574912C88E723D24C0D ] C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll
11:56:23.0406 5628 C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll - ok
11:56:23.0406 5628 [ D4D144857B26890D51C50E596B1C0BA5 ] C:\Program Files\CA\eTrust Antivirus\secAPI.dll
11:56:23.0406 5628 C:\Program Files\CA\eTrust Antivirus\secAPI.dll - ok
11:56:23.0406 5628 [ 50B0A1227DFF020506F846458F67E1B9 ] C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll
11:56:23.0406 5628 C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll - ok
11:56:23.0421 5628 [ 6843A3155F26FDA75974E779ECD953EB ] C:\Program Files\CA\eTrust Antivirus\poldecod.dll
11:56:23.0421 5628 C:\Program Files\CA\eTrust Antivirus\poldecod.dll - ok
11:56:23.0421 5628 [ 7DCC139FD374152A1F6111ABC29C7B4C ] C:\Program Files\CA\eTrust Antivirus\polAdn.dll
11:56:23.0421 5628 C:\Program Files\CA\eTrust Antivirus\polAdn.dll - ok
11:56:23.0421 5628 [ 694B601BFE5A50EC12B819B34D948279 ] C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll
11:56:23.0421 5628 C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll - ok
11:56:23.0421 5628 [ 0101D9B1B3264BA495398C1EFA4EBD32 ] C:\Program Files\CA\eTrust Antivirus\RPCMtAdn.dll
11:56:23.0421 5628 C:\Program Files\CA\eTrust Antivirus\RPCMtAdn.dll - ok
11:56:23.0437 5628 [ C1DEEA7A47F3AC4D87EAB6084D4520D1 ] C:\Program Files\CA\eTrust Antivirus\NameAPIX.dll
11:56:23.0437 5628 C:\Program Files\CA\eTrust Antivirus\NameAPIX.dll - ok
11:56:23.0437 5628 [ 003436C12CEC3AF36A6E409E9E91EF08 ] C:\Program Files\CA\SharedComponents\ScanEngine\avh32dll.dll
11:56:23.0437 5628 C:\Program Files\CA\SharedComponents\ScanEngine\avh32dll.dll - ok
11:56:23.0437 5628 [ 0F0F5B564C5A3C9B38A6220230252567 ] C:\WINDOWS\ehome\ehProxy.dll
11:56:23.0437 5628 C:\WINDOWS\ehome\ehProxy.dll - ok
11:56:23.0453 5628 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
11:56:23.0453 5628 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe - ok
11:56:23.0453 5628 [ 3550DFA6FFFBD7604DABB28DF4ABF096 ] C:\WINDOWS\ehome\custsat.dll
11:56:23.0453 5628 C:\WINDOWS\ehome\custsat.dll - ok
11:56:23.0453 5628 [ 576FF75D51B79536C3AE7659B482B7D5 ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
11:56:23.0453 5628 C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok
11:56:23.0453 5628 [ 1663A135865F0BA6E853353E98E67F2A ] C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
11:56:23.0453 5628 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe - ok
11:56:23.0453 5628 [ CEB7495E17D7E2B6E519180CCD2AD0EE ] C:\PROGRA~1\CA\SHARED~1\SCANEN~1\Inodist.exe
11:56:23.0453 5628 C:\PROGRA~1\CA\SHARED~1\SCANEN~1\Inodist.exe - ok
11:56:23.0468 5628 [ 515D0E89532FA76488BE97427DE4207F ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
11:56:23.0468 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
11:56:23.0468 5628 [ 54B21273AAF8A0BA1C06494FFB21BB29 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
11:56:23.0468 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll - ok
11:56:23.0468 5628 [ F64FD5C7FEF7FC25CBA37974FF3584D7 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
11:56:23.0468 5628 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
11:56:23.0468 5628 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
11:56:23.0468 5628 C:\WINDOWS\system32\mlang.dll - ok
11:56:23.0484 5628 [ 6F640DC052CF77161A23E29261593793 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
11:56:23.0484 5628 C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll - ok
11:56:23.0484 5628 [ 55C9B75102B54FA486A0BC5462E95FE4 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
11:56:23.0484 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
11:56:23.0484 5628 [ 375FD11C25F5E43E0D1620FD6114BABA ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
11:56:23.0484 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
11:56:23.0484 5628 [ 7EDF1A41E9C31DCE28BD71D6142534CC ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
11:56:23.0484 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
11:56:23.0484 5628 [ 878F6183CEF9BEF0019FE03EE10AD269 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
11:56:23.0484 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll - ok
11:56:23.0500 5628 [ 30D9CFDDDE206082A5A3CF71AAB6C9C3 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
11:56:23.0500 5628 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
11:56:23.0500 5628 [ 2AE953FABED346BD0EC046E3855050DB ] C:\WINDOWS\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
11:56:23.0500 5628 C:\WINDOWS\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll - ok
11:56:23.0500 5628 [ E247301B09B5CFFA332A00F1B7BB55F7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
11:56:23.0500 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
11:56:23.0500 5628 [ 05E44012A70EE016945E5D6F118E4E78 ] C:\WINDOWS\system32\hcwCCnv2.ax
11:56:23.0500 5628 C:\WINDOWS\system32\hcwCCnv2.ax - ok
11:56:23.0515 5628 [ 5AC46A3A31BC58E512C4CAFD87327922 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
11:56:23.0515 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll - ok
11:56:23.0515 5628 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
11:56:23.0515 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
11:56:23.0515 5628 [ 34DCF0E4754F8FA599E33AA444742481 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
11:56:23.0515 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll - ok
11:56:23.0515 5628 [ EA08C74D9BE05E53D3C92456413AA656 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
11:56:23.0515 5628 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok
11:56:23.0531 5628 [ BD7BD4E342AB3AB84C1441AA76213605 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
11:56:23.0531 5628 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll - ok
11:56:23.0531 5628 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
11:56:23.0531 5628 C:\WINDOWS\system32\comsvcs.dll - ok
11:56:23.0531 5628 [ C1C268094DD3BAC9026755F8F8626F22 ] C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
11:56:23.0531 5628 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - ok
11:56:23.0531 5628 [ 51301ACC5E5FDA65CFA1968395E5D951 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
11:56:23.0531 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
11:56:23.0546 5628 [ 4E48EA036F83BD5286578F44DDB4A6B2 ] C:\WINDOWS\system32\qasf.dll
11:56:23.0546 5628 C:\WINDOWS\system32\qasf.dll - ok
11:56:23.0546 5628 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
11:56:23.0546 5628 C:\WINDOWS\system32\colbact.dll - ok
11:56:23.0546 5628 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
11:56:23.0546 5628 C:\WINDOWS\system32\mtxclu.dll - ok
11:56:23.0546 5628 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
11:56:23.0546 5628 C:\WINDOWS\system32\clusapi.dll - ok
11:56:23.0562 5628 [ DA00B148E85819771D47A357708C0B1E ] C:\WINDOWS\system32\WMVXENCD.dll
11:56:23.0562 5628 C:\WINDOWS\system32\WMVXENCD.dll - ok
11:56:23.0562 5628 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
11:56:23.0562 5628 C:\WINDOWS\system32\resutils.dll - ok
11:56:23.0562 5628 [ 2B8B64AA14F817BDF3E3204FB041A61D ] C:\WINDOWS\system32\mtxoci.dll
11:56:23.0562 5628 C:\WINDOWS\system32\mtxoci.dll - ok
11:56:23.0562 5628 [ 98B17BDA1D0BEA2FC8313DB218C0139F ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
11:56:23.0562 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
11:56:23.0578 5628 [ BA26DDBB7C725C2914D125377777E24F ] C:\WINDOWS\system32\WMVDECOD.dll
11:56:23.0578 5628 C:\WINDOWS\system32\WMVDECOD.dll - ok
11:56:23.0578 5628 [ 30B5A2254561E21CCC7BA21F80165D0B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
11:56:23.0578 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
11:56:23.0578 5628 [ 44DE39CB56D1919346C09C92A4B57C69 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
11:56:23.0578 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
11:56:23.0578 5628 [ 88E05F3B2031980A48D458EB78C67659 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
11:56:23.0578 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
11:56:23.0578 5628 [ 58ED45BFB06EC7C6B7D151B77247E4B3 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
11:56:23.0578 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll - ok
11:56:23.0593 5628 [ 8DA93D9A662E4BA18802BC6C2CCACD66 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
11:56:23.0593 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll - ok
11:56:23.0593 5628 [ C1C4025B5F5311AC8BCC318B0C244D58 ] C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
11:56:23.0593 5628 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
11:56:23.0593 5628 [ EB97291E3C9E0035B47B45DBB1AF710D ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
11:56:23.0593 5628 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
11:56:23.0593 5628 [ 5472D771C0197355C1D347F20392B982 ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
11:56:23.0593 5628 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe - ok
11:56:23.0609 5628 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll
11:56:23.0609 5628 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll - ok
11:56:23.0609 5628 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
11:56:23.0609 5628 C:\WINDOWS\system32\pdh.dll - ok
11:56:23.0609 5628 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
11:56:23.0609 5628 C:\WINDOWS\system32\odbcbcp.dll - ok
11:56:23.0609 5628 [ 860FAD57B4668A9F5F350A9D5444AE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
11:56:23.0609 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
11:56:23.0625 5628 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
11:56:23.0625 5628 C:\WINDOWS\system32\perfos.dll - ok
11:56:23.0625 5628 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
11:56:23.0625 5628 C:\WINDOWS\system32\perfdisk.dll - ok
11:56:23.0625 5628 [ 9646A100ACF21516DB1052BC419332BA ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
11:56:23.0625 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe - ok
11:56:23.0625 5628 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
11:56:23.0625 5628 C:\WINDOWS\system32\drivers\cdfs.sys - ok
11:56:23.0640 5628 [ DB5AC0F93742D926BDEAA7BB6CE591C1 ] C:\WINDOWS\system32\wmvds32.ax
11:56:23.0640 5628 C:\WINDOWS\system32\wmvds32.ax - ok
11:56:23.0640 5628 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
11:56:23.0640 5628 C:\WINDOWS\system32\srvsvc.dll - ok
11:56:23.0640 5628 [ 5D4B38A8D8525356798F5E560C3A3090 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:56:23.0640 5628 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
11:56:23.0640 5628 [ 834F0F9C80EDF4C80026F3F13DE995F5 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\CabDirectory.dll
11:56:23.0640 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\CabDirectory.dll - ok
11:56:23.0640 5628 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
11:56:23.0640 5628 C:\WINDOWS\system32\netmsg.dll - ok
11:56:23.0656 5628 [ C8DBF703BA6788A51DB342F6A366DDCD ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
11:56:23.0656 5628 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
11:56:23.0656 5628 [ D9644240103E4C16F18FACD4A1B7AD72 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
11:56:23.0656 5628 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
11:56:23.0656 5628 [ CF081BB874C40AC94BAA309C16877392 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\Cab.dll
11:56:23.0656 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\Cab.dll - ok
11:56:23.0656 5628 [ FF23862146A682FCC3DBAA002E22F958 ] C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:56:23.0656 5628 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe - ok
11:56:23.0671 5628 [ BF986DA81F1BBFF6542073AB52976972 ] C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll
11:56:23.0671 5628 C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll - ok
11:56:23.0671 5628 [ 6E1C294DDC4460CBB9E56817BD4C01F5 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbMedia.dll
11:56:23.0671 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbMedia.dll - ok
11:56:23.0671 5628 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
11:56:23.0671 5628 C:\WINDOWS\system32\drivers\srv.sys - ok
11:56:23.0671 5628 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
11:56:23.0687 5628 C:\WINDOWS\system32\spoolss.dll - ok
11:56:23.0687 5628 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
11:56:23.0687 5628 C:\WINDOWS\system32\localspl.dll - ok
11:56:23.0687 5628 [ 7C300C535ECE3301C029DFE0E17930BC ] C:\WINDOWS\system32\wmv8ds32.ax
11:56:23.0687 5628 C:\WINDOWS\system32\wmv8ds32.ax - ok
11:56:23.0687 5628 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] C:\WINDOWS\system32\drivers\mcstrm.sys
11:56:23.0687 5628 C:\WINDOWS\system32\drivers\mcstrm.sys - ok
11:56:23.0687 5628 [ E246A32C445056996074A397DA56E815 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
11:56:23.0687 5628 C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
11:56:23.0703 5628 [ 3A762241E46508D042FC91387660A038 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7ec47c4afad694faa491abd6b45928a\System.Runtime.Remoting.ni.dll
11:56:23.0703 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7ec47c4afad694faa491abd6b45928a\System.Runtime.Remoting.ni.dll - ok
11:56:23.0703 5628 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
11:56:23.0703 5628 C:\WINDOWS\system32\cnbjmon.dll - ok
11:56:23.0703 5628 [ 24291B61AB7A21CDEB3FAC7A03995BBE ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
11:56:23.0703 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
11:56:23.0703 5628 [ 24BCBC462D2254269C54A522818F6A94 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\sqlite3.dll
11:56:23.0703 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\sqlite3.dll - ok
11:56:23.0718 5628 [ C7A34FE6A489BDE549A2A77CBCB3029C ] C:\WINDOWS\system32\hppaecpm.dll
11:56:23.0718 5628 C:\WINDOWS\system32\hppaecpm.dll - ok
11:56:23.0718 5628 [ C8FDD26CBF4426F0B4528FF53E6C15B3 ] C:\WINDOWS\system32\WMVENCOD.dll
11:56:23.0718 5628 C:\WINDOWS\system32\WMVENCOD.dll - ok
11:56:23.0718 5628 [ D0F8A744D21FD65DF736A0133E3B9728 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\libeay32.dll
11:56:23.0718 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\libeay32.dll - ok
11:56:23.0718 5628 [ D773437CF8ACAD89D87A830B663FD225 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
11:56:23.0718 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll - ok
11:56:23.0718 5628 [ 0268E31EA510A41900B2A3CDC25E6520 ] C:\WINDOWS\system32\ltkrn11n.dll
11:56:23.0718 5628 C:\WINDOWS\system32\ltkrn11n.dll - ok
11:56:23.0734 5628 [ A081CB6FB9A12668F233EB5414BE3A0E ] C:\WINDOWS\system32\HPZinw12.dll
11:56:23.0734 5628 C:\WINDOWS\system32\HPZinw12.dll - ok
11:56:23.0734 5628 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
11:56:23.0734 5628 C:\WINDOWS\system32\netman.dll - ok
11:56:23.0734 5628 [ 8AD6C40752596EB339D809250CF8A8E4 ] C:\WINDOWS\system32\ltfil11n.DLL
11:56:23.0734 5628 C:\WINDOWS\system32\ltfil11n.DLL - ok
11:56:23.0734 5628 [ 627FA58ADC043704F9D14CA44340956F ] C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
11:56:23.0734 5628 C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe - ok
11:56:23.0750 5628 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
11:56:23.0750 5628 C:\WINDOWS\system32\netshell.dll - ok
11:56:23.0750 5628 [ 090F0C209849DF6BF42C4BC3A212ED24 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
11:56:23.0750 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
11:56:23.0750 5628 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
11:56:23.0750 5628 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
11:56:23.0750 5628 [ 78B62E4C13378F737603136975A07E1A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
11:56:23.0750 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - ok
11:56:23.0750 5628 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
11:56:23.0750 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
11:56:23.0765 5628 [ 5473708A73F6096A043735D2E14676A7 ] C:\Program Files\Mpeg2Decoder\ac3filter.ax
11:56:23.0765 5628 C:\Program Files\Mpeg2Decoder\ac3filter.ax - ok
11:56:23.0765 5628 [ BD1E2BB8C96105353078AD23FF5489D0 ] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.DLL
11:56:23.0765 5628 C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.DLL - ok
11:56:23.0765 5628 [ 3B337C082CBB08B828E1DC57D3D2AA7A ] C:\WINDOWS\system32\hppfaxprintermon5.dll
11:56:23.0765 5628 C:\WINDOWS\system32\hppfaxprintermon5.dll - ok
11:56:23.0765 5628 [ 1160C00D30B0BEE83F84C8F2EE1D9B0E ] C:\WINDOWS\system32\HPTcpMon.dll
11:56:23.0765 5628 C:\WINDOWS\system32\HPTcpMon.dll - ok
11:56:23.0781 5628 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
11:56:23.0781 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
11:56:23.0781 5628 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
11:56:23.0781 5628 C:\WINDOWS\system32\credui.dll - ok
11:56:23.0781 5628 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
11:56:23.0781 5628 C:\WINDOWS\system32\dot3dlg.dll - ok
11:56:23.0781 5628 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
11:56:23.0781 5628 C:\WINDOWS\system32\onex.dll - ok
11:56:23.0781 5628 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
11:56:23.0781 5628 C:\WINDOWS\system32\eappcfg.dll - ok
11:56:23.0796 5628 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
11:56:23.0796 5628 C:\WINDOWS\system32\eappprxy.dll - ok
11:56:23.0796 5628 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
11:56:23.0796 5628 C:\WINDOWS\system32\wzcsapi.dll - ok
11:56:23.0796 5628 [ C8F849B7762ED250793B66BABD99AFA4 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\id3lib.dll
11:56:23.0796 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\id3lib.dll - ok
11:56:23.0796 5628 [ 16F96C1496CBD0965285AB19A9271D02 ] C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
11:56:23.0796 5628 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
11:56:23.0812 5628 [ 81BA5D3CE0BD3C52F1E443B4211DE97E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll
11:56:23.0812 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll - ok
11:56:23.0812 5628 [ 32945996A75D379CD2C64EE9D0295DAD ] C:\WINDOWS\system32\HPTcpMUI.dll
11:56:23.0812 5628 C:\WINDOWS\system32\HPTcpMUI.dll - ok
11:56:23.0812 5628 [ 3584A093E8778C9E5F80CED99F0B7F35 ] C:\WINDOWS\system32\hpzjrd01.dll
11:56:23.0812 5628 C:\WINDOWS\system32\hpzjrd01.dll - ok
11:56:23.0812 5628 [ 60528039DC5FC91DCF4B3E44DCCEC370 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2l2ae.ax
11:56:23.0812 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2l2ae.ax - ok
11:56:23.0812 5628 [ 9434183B53AFDEBAFF427CEC3EA21783 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\ogg.dll
11:56:23.0812 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\ogg.dll - ok
11:56:23.0828 5628 [ A49D931EFD7473A18FA061D824AB7A98 ] C:\WINDOWS\system32\HPTcpMib.dll
11:56:23.0828 5628 C:\WINDOWS\system32\HPTcpMib.dll - ok
11:56:23.0828 5628 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
11:56:23.0828 5628 C:\WINDOWS\system32\mgmtapi.dll - ok
11:56:23.0828 5628 [ F223A912D62C4A97C387B49D7A7CB515 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2mpgaout.dll
11:56:23.0828 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2mpgaout.dll - ok
11:56:23.0828 5628 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
11:56:23.0828 5628 C:\WINDOWS\system32\snmpapi.dll - ok
11:56:23.0843 5628 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
11:56:23.0843 5628 C:\WINDOWS\system32\ipsecsvc.dll - ok
11:56:23.0843 5628 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
11:56:23.0843 5628 C:\WINDOWS\system32\regsvc.dll - ok
11:56:23.0843 5628 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
11:56:23.0843 5628 C:\WINDOWS\system32\wsnmp32.dll - ok
11:56:23.0843 5628 [ 65BC271F337637731D3C71455AE1F476 ] C:\WINDOWS\system32\HPZipm12.dll
11:56:23.0843 5628 C:\WINDOWS\system32\HPZipm12.dll - ok
11:56:23.0843 5628 [ 868E6C58E9B301A768AE50E2A8E3C5D5 ] C:\WINDOWS\ehome\RMSvc.exe
11:56:23.0843 5628 C:\WINDOWS\ehome\RMSvc.exe - ok
11:56:23.0859 5628 [ 79637AFFD8B1D24E674D51A1E7930C0A ] C:\WINDOWS\system32\lmdimon8.dll
11:56:23.0859 5628 C:\WINDOWS\system32\lmdimon8.dll - ok
11:56:23.0859 5628 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
11:56:23.0859 5628 C:\WINDOWS\system32\oakley.dll - ok
11:56:23.0859 5628 [ C1E63D2385E9B717B0A9BFA27121F7BA ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbRequestProxy.dll
11:56:23.0859 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbRequestProxy.dll - ok
11:56:23.0859 5628 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
11:56:23.0859 5628 C:\WINDOWS\system32\fxsmon.dll - ok
11:56:23.0859 5628 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
11:56:23.0859 5628 C:\WINDOWS\system32\seclogon.dll - ok
11:56:23.0875 5628 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
11:56:23.0875 5628 C:\WINDOWS\system32\fxsevent.dll - ok
11:56:23.0875 5628 [ D6E858F9496F7869D18B559AC5565C08 ] C:\WINDOWS\system32\WMSPDMOE.dll
11:56:23.0875 5628 C:\WINDOWS\system32\WMSPDMOE.dll - ok
11:56:23.0875 5628 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
11:56:23.0875 5628 C:\WINDOWS\system32\sens.dll - ok
11:56:23.0875 5628 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
11:56:23.0875 5628 C:\WINDOWS\system32\winipsec.dll - ok
11:56:23.0875 5628 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
11:56:23.0875 5628 C:\WINDOWS\system32\pjlmon.dll - ok
11:56:23.0890 5628 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
11:56:23.0890 5628 C:\WINDOWS\system32\tcpmon.dll - ok
11:56:23.0890 5628 [ 39E32722DF857705A62435AF1D191665 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbDMS.dll
11:56:23.0890 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbDMS.dll - ok
11:56:23.0890 5628 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
11:56:23.0890 5628 C:\WINDOWS\system32\usbmon.dll - ok

(Second Part)


11:56:23.0890 5628 [ 1E00A6496E303DD73924A0D29C0CDB48 ] C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
11:56:23.0890 5628 C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe - ok
11:56:23.0906 5628 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
11:56:23.0906 5628 C:\WINDOWS\system32\pstorsvc.dll - ok
11:56:23.0906 5628 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
11:56:23.0906 5628 C:\WINDOWS\system32\psbase.dll - ok
11:56:23.0906 5628 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
11:56:23.0906 5628 C:\WINDOWS\system32\dssenh.dll - ok
11:56:23.0906 5628 [ 43FDC928AB1CA0CD27E0CE1D15051024 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpcpp103.dll
11:56:23.0906 5628 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpcpp103.dll - ok
11:56:23.0906 5628 [ F054572A92573CA32D5F3AA8C15D2BAC ] C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
11:56:23.0906 5628 C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
11:56:23.0921 5628 [ 735DAAFB0F8B1421E99DE44191095CEC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\HPZPP3Y0.DLL
11:56:23.0921 5628 C:\WINDOWS\system32\spool\prtprocs\w32x86\HPZPP3Y0.DLL - ok
11:56:23.0921 5628 [ 033F4C2023DDFC096C0877CAAEAB9872 ] C:\WINDOWS\system32\WMADMOE.dll
11:56:23.0921 5628 C:\WINDOWS\system32\WMADMOE.dll - ok
11:56:23.0921 5628 [ 07E9E2E77B3A54C9A2FB1FDED65C423F ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbImageProcessing.dll
11:56:23.0921 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbImageProcessing.dll - ok
11:56:23.0921 5628 [ 597EE79CB8F514695DF87F01D39C74D8 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll
11:56:23.0921 5628 C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll - ok
11:56:23.0937 5628 [ 58E13A2292839321D3CDC918D5A4F5AE ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
11:56:23.0937 5628 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
11:56:23.0937 5628 [ 04DE2774C2A6602DA45E9E76D46BC071 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
11:56:23.0937 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll - ok
11:56:23.0937 5628 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
11:56:23.0937 5628 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
11:56:23.0937 5628 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe
11:56:23.0937 5628 C:\Program Files\Skype\Updater\Updater.exe - ok
11:56:23.0953 5628 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
11:56:23.0953 5628 C:\WINDOWS\system32\win32spl.dll - ok
11:56:23.0953 5628 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
11:56:23.0953 5628 C:\WINDOWS\system32\srsvc.dll - ok
11:56:23.0953 5628 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
11:56:23.0953 5628 C:\WINDOWS\system32\ssdpsrv.dll - ok
11:56:23.0953 5628 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
11:56:23.0953 5628 C:\WINDOWS\system32\termsrv.dll - ok
11:56:23.0953 5628 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
11:56:23.0953 5628 C:\WINDOWS\system32\netrap.dll - ok
11:56:23.0968 5628 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
11:56:23.0968 5628 C:\WINDOWS\system32\trkwks.dll - ok
11:56:23.0968 5628 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
11:56:23.0968 5628 C:\WINDOWS\system32\wiaservc.dll - ok
11:56:23.0968 5628 [ 51BEB8C80F32DF6361ACF75841F972C3 ] C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbUPnPControlPoint.dll
11:56:23.0968 5628 C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\OrbUPnPControlPoint.dll - ok
11:56:23.0968 5628 [ 5144AE67D60EC653F97DDF3FEED29E77 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:56:23.0968 5628 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
11:56:23.0984 5628 [ 8255FCEEF3566C44E6F2BCFE15EB198F ] C:\WINDOWS\system32\WMADMOD.dll
11:56:23.0984 5628 C:\WINDOWS\system32\WMADMOD.dll - ok
11:56:23.0984 5628 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
11:56:23.0984 5628 C:\WINDOWS\system32\cfgmgr32.dll - ok
11:56:23.0984 5628 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
11:56:23.0984 5628 C:\WINDOWS\system32\inetpp.dll - ok
11:56:23.0984 5628 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
11:56:23.0984 5628 C:\WINDOWS\system32\icaapi.dll - ok
11:56:23.0984 5628 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
11:56:23.0984 5628 C:\WINDOWS\system32\mscms.dll - ok
11:56:24.0000 5628 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
11:56:24.0000 5628 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
11:56:24.0000 5628 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
11:56:24.0000 5628 C:\WINDOWS\system32\mstlsapi.dll - ok
11:56:24.0000 5628 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
11:56:24.0000 5628 C:\WINDOWS\system32\vssapi.dll - ok
11:56:24.0000 5628 [ 1337566B0A156B97AACF49274D81617A ] C:\WINDOWS\assembly\GAC_32\KEDDS.EasyShareLibrary\1.4.0.514__242c5d71c1afd5bb\KEDDS.EasyShareLibrary.dll
11:56:24.0000 5628 C:\WINDOWS\assembly\GAC_32\KEDDS.EasyShareLibrary\1.4.0.514__242c5d71c1afd5bb\KEDDS.EasyShareLibrary.dll - ok
11:56:24.0000 5628 [ 9631B15DB7C43C267636FF43C3075E07 ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
11:56:24.0000 5628 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - ok
11:56:24.0015 5628 [ 3AED76082731F7DA2E6E0F58E525F186 ] C:\WINDOWS\system32\msadds32.ax
11:56:24.0015 5628 C:\WINDOWS\system32\msadds32.ax - ok
11:56:24.0015 5628 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
11:56:24.0015 5628 C:\WINDOWS\system32\sensapi.dll - ok
11:56:24.0015 5628 [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
11:56:24.0015 5628 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
11:56:24.0015 5628 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
11:56:24.0015 5628 C:\WINDOWS\system32\winhttp.dll - ok
11:56:24.0031 5628 [ FC592D8A1D6244D2F78F669244A93822 ] C:\WINDOWS\system32\hpgwiamd.dll
11:56:24.0031 5628 C:\WINDOWS\system32\hpgwiamd.dll - ok
11:56:24.0031 5628 [ 742370CC4C68D9394F7B3F20CDB6E335 ] C:\Program Files\HP\Shared Files\claud.ax
11:56:24.0031 5628 C:\Program Files\HP\Shared Files\claud.ax - ok
11:56:24.0031 5628 [ 217D2535A65B87016534CCAD845606CD ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\d2c2a2239c28d1439dc4ba92b5c77b0b\log4net.ni.dll
11:56:24.0031 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\d2c2a2239c28d1439dc4ba92b5c77b0b\log4net.ni.dll - ok
11:56:24.0031 5628 [ F9791E71FAD17DE100F135FDFBD27A5C ] C:\WINDOWS\system32\hpxp1410.dll
11:56:24.0031 5628 C:\WINDOWS\system32\hpxp1410.dll - ok
11:56:24.0046 5628 [ 2849F13593D2712CCB97FFBDD3C1232E ] C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
11:56:24.0046 5628 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
11:56:24.0046 5628 [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll
11:56:24.0046 5628 C:\WINDOWS\system32\rdpwsx.dll - ok
11:56:24.0046 5628 [ 905FEDED93EAD3DC973C3D7CC0F1F332 ] C:\WINDOWS\assembly\GAC_32\EastmanKodakCompany.EasyShare\2.0.4523.7930__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll
11:56:24.0046 5628 C:\WINDOWS\assembly\GAC_32\EastmanKodakCompany.EasyShare\2.0.4523.7930__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll - ok
11:56:24.0046 5628 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
11:56:24.0046 5628 C:\WINDOWS\system32\wscsvc.dll - ok
11:56:24.0046 5628 [ 7778BDFA3F6F6FBA0E75B9594098F737 ] C:\WINDOWS\system32\searchindexer.exe
11:56:24.0046 5628 C:\WINDOWS\system32\searchindexer.exe - ok
11:56:24.0062 5628 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
11:56:24.0062 5628 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
11:56:24.0062 5628 [ E81AAFE1D1B682711BF6E974A1ABC446 ] C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
11:56:24.0062 5628 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
11:56:24.0062 5628 [ E0D080E322FA3B26A05E070FAD0CB4A4 ] C:\WINDOWS\system32\hpptsp08.dll
11:56:24.0062 5628 C:\WINDOWS\system32\hpptsp08.dll - ok
11:56:24.0062 5628 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
11:56:24.0062 5628 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
11:56:24.0078 5628 [ 0CBD1906F74BEB539FCEF6493095B933 ] C:\WINDOWS\system32\tquery.dll
11:56:24.0078 5628 C:\WINDOWS\system32\tquery.dll - ok
11:56:24.0078 5628 [ 65AB29D27BFA16E343F6457F5623788E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\709bb78b419d5d5e30f2acfd722abb29\System.Runtime.Serialization.Formatters.Soap.ni.dll
11:56:24.0078 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\709bb78b419d5d5e30f2acfd722abb29\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok
11:56:24.0078 5628 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
11:56:24.0078 5628 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
11:56:24.0078 5628 [ FD1FEF05E280B10C9618A2240F7E3E80 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2l2ad.ax
11:56:24.0078 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2l2ad.ax - ok
11:56:24.0078 5628 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
11:56:24.0078 5628 C:\WINDOWS\system32\wbem\esscli.dll - ok
11:56:24.0093 5628 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
11:56:24.0093 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll - ok
11:56:24.0093 5628 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
11:56:24.0093 5628 C:\WINDOWS\system32\wbem\fastprox.dll - ok
11:56:24.0093 5628 [ FD5EAC0C148E96DF4E2160354C54360C ] C:\WINDOWS\system32\shdocvw.dll
11:56:24.0093 5628 C:\WINDOWS\system32\shdocvw.dll - ok
11:56:24.0109 5628 [ 89D74683C859B7982056D15938BACA3E ] C:\WINDOWS\system32\propsys.dll
11:56:24.0109 5628 C:\WINDOWS\system32\propsys.dll - ok
11:56:24.0109 5628 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
11:56:24.0109 5628 C:\WINDOWS\system32\actxprxy.dll - ok
11:56:24.0109 5628 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
11:56:24.0109 5628 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
11:56:24.0109 5628 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
11:56:24.0109 5628 C:\WINDOWS\system32\drivers\tdtcp.sys - ok
11:56:24.0125 5628 [ 6C9DDCB878A92F31804C9D5E7F890F97 ] C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
11:56:24.0125 5628 C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll - ok
11:56:24.0125 5628 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
11:56:24.0125 5628 C:\WINDOWS\system32\drivers\rdpwd.sys - ok
11:56:24.0125 5628 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
11:56:24.0125 5628 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
11:56:24.0125 5628 [ 461BE0C1231917C9604C296BCEC88C6E ] C:\WINDOWS\assembly\GAC_MSIL\Interop.CABLib\1.0.0.0__22d4e935d6ab0180\Interop.CABLib.dll
11:56:24.0125 5628 C:\WINDOWS\assembly\GAC_MSIL\Interop.CABLib\1.0.0.0__22d4e935d6ab0180\Interop.CABLib.dll - ok
11:56:24.0140 5628 [ E65C5F612400B39D7AA83E7057D798C2 ] C:\WINDOWS\system32\mssrch.dll
11:56:24.0140 5628 C:\WINDOWS\system32\mssrch.dll - ok
11:56:24.0140 5628 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
11:56:24.0140 5628 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
11:56:24.0140 5628 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
11:56:24.0140 5628 C:\WINDOWS\system32\mydocs.dll - ok
11:56:24.0140 5628 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
11:56:24.0140 5628 C:\WINDOWS\system32\ntshrui.dll - ok
11:56:24.0156 5628 [ C23A0AA0A88E776839C559A056CC0852 ] C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll
11:56:24.0156 5628 C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll - ok
11:56:24.0156 5628 [ D8A271A5AA143A378B3B4E253A42637C ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2mpgadec.dll
11:56:24.0156 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2mpgadec.dll - ok
11:56:24.0156 5628 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\msvcr71.dll
11:56:24.0156 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\msvcr71.dll - ok
11:56:24.0156 5628 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
11:56:24.0156 5628 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
11:56:24.0171 5628 [ DEC20189F9DD6D193E16096A9C661097 ] C:\Program Files\HP\HPLaserJetService\HPLogger.dll
11:56:24.0171 5628 C:\Program Files\HP\HPLaserJetService\HPLogger.dll - ok
11:56:24.0171 5628 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\msvcp71.dll
11:56:24.0171 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\msvcp71.dll - ok
11:56:24.0171 5628 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
11:56:24.0171 5628 C:\WINDOWS\system32\wbem\wbemess.dll - ok
11:56:24.0171 5628 [ CA8F147526086A49D7B308C3CDF3FB28 ] C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
11:56:24.0171 5628 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
11:56:24.0187 5628 [ 937205B9483FE3B4F80DCF681AF8B2DE ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax
11:56:24.0187 5628 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax - ok
11:56:24.0187 5628 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
11:56:24.0187 5628 C:\WINDOWS\system32\wuauserv.dll - ok
11:56:24.0187 5628 [ 55A7A2FDEB8613FE308D44D3F76F3A30 ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll
11:56:24.0187 5628 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll - ok
11:56:24.0187 5628 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
11:56:24.0187 5628 C:\WINDOWS\system32\wuaueng.dll - ok
11:56:24.0187 5628 [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll
11:56:24.0187 5628 C:\WINDOWS\system32\query.dll - ok
11:56:24.0203 5628 [ 47FCF6628E1A221C41F3F0130FBF258E ] C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe
11:56:24.0203 5628 C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe - ok
11:56:24.0203 5628 [ CC03743E3756ACE6699D9B1504F52385 ] C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_4fb534f8\EasyShrx.Dll
11:56:24.0203 5628 C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_4fb534f8\EasyShrx.Dll - ok
11:56:24.0203 5628 [ BEC8D118490817F93FBE620B30EC7264 ] C:\WINDOWS\ehome\McrdSvc.exe
11:56:24.0203 5628 C:\WINDOWS\ehome\McrdSvc.exe - ok
11:56:24.0203 5628 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
11:56:24.0203 5628 C:\WINDOWS\system32\cabinet.dll - ok
11:56:24.0203 5628 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
11:56:24.0203 5628 C:\WINDOWS\system32\mspatcha.dll - ok
11:56:24.0218 5628 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
11:56:24.0218 5628 C:\WINDOWS\system32\ssdpapi.dll - ok
11:56:24.0218 5628 [ F5CB6E56546FCB5114E0E9BD60BA57EB ] C:\WINDOWS\ehome\RMCtl.dll
11:56:24.0218 5628 C:\WINDOWS\ehome\RMCtl.dll - ok
11:56:24.0218 5628 [ 640E9896DC011D42535D9811D0323032 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2ddad.ax
11:56:24.0218 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2ddad.ax - ok
11:56:24.0218 5628 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
11:56:24.0218 5628 C:\WINDOWS\system32\browser.dll - ok
11:56:24.0218 5628 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
11:56:24.0218 5628 C:\WINDOWS\system32\ipnathlp.dll - ok
11:56:24.0234 5628 [ 9EF228D89B652765777F3E97CC771999 ] C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2dddec.dll
11:56:24.0234 5628 C:\Program Files\Adobe\Adobe Premiere Elements 8.0\ad2dddec.dll - ok
11:56:24.0234 5628 [ C05B6758FE8D0FF2FCE7C274E0D5A9AB ] C:\Program Files\Common Files\Adobe\DVA\COM\Rel1\ad2mcdsmpeg.ax
11:56:24.0234 5628 C:\Program Files\Common Files\Adobe\DVA\COM\Rel1\ad2mcdsmpeg.ax - ok
11:56:24.0234 5628 [ 9C25274FA7AD0A4B1FE4C9917C45F349 ] C:\Program Files\Common Files\Adobe\DVA\COM\Rel1\ad2mcmpgdec.dll
11:56:24.0234 5628 C:\Program Files\Common Files\Adobe\DVA\COM\Rel1\ad2mcmpgdec.dll - ok
11:56:24.0234 5628 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
11:56:24.0234 5628 C:\WINDOWS\system32\wups.dll - ok
11:56:24.0234 5628 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
11:56:24.0234 5628 C:\WINDOWS\system32\wups2.dll - ok
11:56:24.0250 5628 [ 246BBA8CDE36ABB028DAEFE4100CF9E2 ] C:\WINDOWS\system32\xmllite.dll
11:56:24.0250 5628 C:\WINDOWS\system32\xmllite.dll - ok
11:56:24.0250 5628 [ 24E491D74B4A90D95658684DA9363D83 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
11:56:24.0250 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll - ok
11:56:24.0250 5628 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
11:56:24.0250 5628 C:\WINDOWS\system32\wuapi.dll - ok
11:56:24.0250 5628 [ 06352C04CBC62FBC82F70485D45F9F12 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
11:56:24.0250 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll - ok
11:56:24.0265 5628 [ 7E1174E9A3D17855680E144AA5D130A1 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
11:56:24.0265 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
11:56:24.0265 5628 [ 26D5EFEC0C05150B93305A939490D71A ] C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
11:56:24.0265 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll - ok
11:56:24.0265 5628 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
11:56:24.0265 5628 C:\WINDOWS\system32\wbem\ncprov.dll - ok
11:56:24.0265 5628 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
11:56:24.0265 5628 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
11:56:24.0265 5628 [ 759FD48B5FA46D634E92BC8820B44D01 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\MediaEngine.dll
11:56:24.0281 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\MediaEngine.dll - ok
11:56:24.0281 5628 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
11:56:24.0281 5628 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
11:56:24.0281 5628 [ E91B5FA739CCF7F0CE3282B0FCFA5108 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
11:56:24.0281 5628 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
11:56:24.0281 5628 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
11:56:24.0281 5628 C:\WINDOWS\system32\wuauclt.exe - ok
11:56:24.0281 5628 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
11:56:24.0281 5628 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
11:56:24.0296 5628 [ 50D2943D426BA91771AD87FDEC802AC3 ] C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
11:56:24.0296 5628 C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok
11:56:24.0296 5628 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
11:56:24.0296 5628 C:\WINDOWS\system32\wbem\framedyn.dll - ok
11:56:24.0296 5628 [ A125CBFE55C05735417786DD15A5BE76 ] C:\WINDOWS\system32\tscfgwmi.dll
11:56:24.0296 5628 C:\WINDOWS\system32\tscfgwmi.dll - ok
11:56:24.0296 5628 [ D6F5D2245D53B5F5D3939137A7EC97EC ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
11:56:24.0296 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
11:56:24.0312 5628 [ A71A91C57D2832C5D6D3F1917830BEE8 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
11:56:24.0312 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
11:56:24.0312 5628 [ 68A84E7D86995088127F30E5D118C4E2 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
11:56:24.0312 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
11:56:24.0312 5628 [ 712FA98F6794152B349FD74A702F40F7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
11:56:24.0312 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
11:56:24.0312 5628 [ FFB3115AA757ABEFBA7FBA90BAD5DD0A ] C:\WINDOWS\system32\en-us\tquery.dll.mui
11:56:24.0312 5628 C:\WINDOWS\system32\en-us\tquery.dll.mui - ok
11:56:24.0328 5628 [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
11:56:24.0328 5628 C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll - ok
11:56:24.0328 5628 [ 8F580BCC5296ECC9DC8A649D75BE6BA5 ] C:\WINDOWS\system32\msscb.dll
11:56:24.0328 5628 C:\WINDOWS\system32\msscb.dll - ok
11:56:24.0328 5628 [ 5CA12FFDF8507FE0EABC52C06E2AAF45 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESAppGScan.dll
11:56:24.0328 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESAppGScan.dll - ok
11:56:24.0328 5628 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
11:56:24.0328 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll - ok
11:56:24.0328 5628 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
11:56:24.0328 5628 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
11:56:24.0343 5628 [ 2C62186C279BD9DE97234412C6C49170 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\UIFx.dll
11:56:24.0343 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\UIFx.dll - ok
11:56:24.0343 5628 [ 3B5F33AC40444A25F31E9F58FC53A36D ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaImage.dll
11:56:24.0343 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaImage.dll - ok
11:56:24.0343 5628 [ E43C3D10E560DBEACFBC12BF888703A7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
11:56:24.0343 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
11:56:24.0343 5628 [ AED8B65C3B2ADB9B55648F2AF17419A2 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaDB.esx
11:56:24.0343 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaDB.esx - ok
11:56:24.0359 5628 [ CE652D887DE875B24BE66901C8C05F62 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
11:56:24.0359 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll - ok
11:56:24.0359 5628 [ 4F7AB39DB439A2AF35550262F52B57BA ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
11:56:24.0359 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll - ok
11:56:24.0359 5628 [ 0C06A80DFFA51E0EB9C5CE3DF703BC46 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
11:56:24.0359 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
11:56:24.0359 5628 [ 610BD5277537CF9D1189E763100EE08B ] C:\Program Files\Kodak\Kodak EasyShare software\bin\KCat40.dll
11:56:24.0359 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\KCat40.dll - ok
11:56:24.0375 5628 [ 937FBD23997A91AF923D5E89286126BD ] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.DLL
11:56:24.0375 5628 C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.DLL - ok
11:56:24.0375 5628 [ BE9D67C75E78DB0EC28C2350BEC3C5F5 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\kcor40.dll
11:56:24.0375 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\kcor40.dll - ok
11:56:24.0375 5628 [ AAB999405878AB28FB2DD79A8C8FA475 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ltdis10N.dll
11:56:24.0375 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ltdis10N.dll - ok
11:56:24.0375 5628 [ ECA75C45A071E727E9428FB197F79519 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ltkrn10N.dll
11:56:24.0375 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ltkrn10N.dll - ok
11:56:24.0375 5628 [ 693CBB8206FD64401C27E4E09306EDB1 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ltfil10N.dll
11:56:24.0375 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ltfil10N.dll - ok
11:56:24.0375 5628 [ 2C18E52D22F6E6BDE1416C207C9D81C4 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ltimg10N.dll
11:56:24.0375 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ltimg10N.dll - ok
11:56:24.0390 5628 [ D149EDF6D9126853792962FDB8C3794B ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ltefx10N.dll
11:56:24.0390 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ltefx10N.dll - ok
11:56:24.0390 5628 [ 333244713F41C02DE8502061C0A11622 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
11:56:24.0390 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll - ok
11:56:24.0390 5628 [ B2C226B27E936177376CFED291A6394E ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESApp.dll
11:56:24.0390 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESApp.dll - ok
11:56:24.0390 5628 [ B84CA0589E6ABBFF5CDB6172FC8EFAF8 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
11:56:24.0390 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx - ok
11:56:24.0406 5628 [ 6DF8BC07AD8C884237BBD08E5CD7D140 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll
11:56:24.0406 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll - ok
11:56:24.0406 5628 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
11:56:24.0406 5628 C:\WINDOWS\system32\icmp.dll - ok
11:56:24.0406 5628 [ B334FCA2F0878C2AF77826211DBE55BB ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
11:56:24.0406 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
11:56:24.0406 5628 [ 7A08A5578BC9B290B614F48C37612951 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESApp.dll
11:56:24.0406 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESApp.dll - ok
11:56:24.0421 5628 [ E5210EB71E2017951050550067C30093 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
11:56:24.0421 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
11:56:24.0421 5628 [ 26D2B399E87F2DF5DBCE2DAC24D94CFF ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
11:56:24.0421 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
11:56:24.0421 5628 [ FE88E72F1B01EF8334E47EC44117559F ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
11:56:24.0421 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
11:56:24.0421 5628 [ B37A7C2B855FA1523A6840246C250FB2 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
11:56:24.0421 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
11:56:24.0421 5628 [ F71A731E236FB55E3585DC5391D286D3 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
11:56:24.0421 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
11:56:24.0437 5628 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
11:56:24.0437 5628 C:\WINDOWS\system32\riched32.dll - ok
11:56:24.0437 5628 [ 335B5BFB36EF4A8B9D083F89BFEBA50C ] C:\Program Files\Kodak\Kodak EasyShare software\bin\Acqmod.esx
11:56:24.0437 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\Acqmod.esx - ok
11:56:24.0437 5628 [ C0770E006D0556D359F586ED86EAD004 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
11:56:24.0437 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll - ok
11:56:24.0437 5628 [ 11D49163820ACF9451DC04817C196D64 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
11:56:24.0437 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll - ok
11:56:24.0453 5628 [ 12500E86FAFEB5CB22C0ABA370CFFFBD ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
11:56:24.0453 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
11:56:24.0453 5628 [ 61D170B215333AADCA8BC1C0E7A4CF75 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\EGCreatives.esx
11:56:24.0453 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\EGCreatives.esx - ok
11:56:24.0453 5628 [ 1D114E646E5CC8B6D18238EBA210F9AE ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
11:56:24.0453 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll - ok
11:56:24.0453 5628 [ FF48FBC6974E08D0C0E790EE3FDF9309 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocEGCreatives.dll
11:56:24.0453 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocEGCreatives.dll - ok
11:56:24.0468 5628 [ 5753100F605D8B7F0981DA2863034E16 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
11:56:24.0468 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx - ok
11:56:24.0468 5628 [ B88C554317CD418F3CF07DA6D98E13F1 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESColl.esx
11:56:24.0468 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESColl.esx - ok
11:56:24.0468 5628 [ BC204CE4CD9D08D6B178DFC77095B850 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
11:56:24.0468 5628 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
11:56:24.0468 5628 [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
11:56:24.0468 5628 C:\WINDOWS\system32\perfproc.dll - ok
11:56:24.0468 5628 [ 5CF5F7D7CCC128539F87E08F48A9E7A1 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
11:56:24.0468 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx - ok
11:56:24.0484 5628 [ B61E76254CCE48D7E312888CEDCCBC82 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocEsColl.dll
11:56:24.0484 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocEsColl.dll - ok
11:56:24.0484 5628 [ 10798699787A91C3EA9C47B3246BEEB4 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESDeviceSetup.esx
11:56:24.0484 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESDeviceSetup.esx - ok
11:56:24.0484 5628 [ B2919692AF764B5B34C0383285B92872 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESDeviceSetup.dll
11:56:24.0484 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESDeviceSetup.dll - ok
11:56:24.0484 5628 [ ED0A268000EE11BE482E85C960C0BFA2 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\PTP.esx
11:56:24.0484 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\PTP.esx - ok
11:56:24.0500 5628 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
11:56:24.0500 5628 C:\WINDOWS\system32\msxml4.dll - ok
11:56:24.0500 5628 [ 0B1254CE5B32451312E4E9E5BC4DB8AC ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
11:56:24.0500 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll - ok
11:56:24.0500 5628 [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINDOWS\system32\sti.dll
11:56:24.0500 5628 C:\WINDOWS\system32\sti.dll - ok
11:56:24.0500 5628 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
11:56:24.0500 5628 C:\WINDOWS\system32\drprov.dll - ok
11:56:24.0500 5628 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
11:56:24.0500 5628 C:\WINDOWS\system32\ntlanman.dll - ok
11:56:24.0515 5628 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
11:56:24.0515 5628 C:\WINDOWS\system32\netui0.dll - ok
11:56:24.0515 5628 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
11:56:24.0515 5628 C:\WINDOWS\system32\netui1.dll - ok
11:56:24.0515 5628 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
11:56:24.0515 5628 C:\WINDOWS\system32\davclnt.dll - ok
11:56:24.0515 5628 [ 0E876FC0327377F08657A1A0383DDA59 ] C:\WINDOWS\system32\wiadefui.dll
11:56:24.0515 5628 C:\WINDOWS\system32\wiadefui.dll - ok
11:56:24.0515 5628 [ 81D2A27C916C7830743E4AFA454099F7 ] C:\WINDOWS\system32\WpdShext.dll
11:56:24.0515 5628 C:\WINDOWS\system32\WpdShext.dll - ok
11:56:24.0531 5628 [ 4C48F1B30A82583CAEE0DA02DD7259EE ] C:\WINDOWS\system32\audiodev.dll
11:56:24.0531 5628 C:\WINDOWS\system32\audiodev.dll - ok
11:56:24.0531 5628 [ BF67AC2C1F41BE892B98E9B8E91C0CB8 ] C:\WINDOWS\system32\wiashext.dll
11:56:24.0531 5628 C:\WINDOWS\system32\wiashext.dll - ok
11:56:24.0531 5628 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
11:56:24.0531 5628 C:\WINDOWS\system32\cscui.dll - ok
11:56:24.0531 5628 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
11:56:24.0531 5628 C:\WINDOWS\system32\dpcdll.dll - ok
11:56:24.0531 5628 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
11:56:24.0531 5628 C:\WINDOWS\system32\userinit.exe - ok
11:56:24.0546 5628 [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65 ] C:\WINDOWS\system32\mssprxy.dll
11:56:24.0546 5628 C:\WINDOWS\system32\mssprxy.dll - ok
11:56:24.0546 5628 [ 047CD344AC7B76BA3C224FAE1A4627C9 ] C:\WINDOWS\system32\WgaTray.exe
11:56:24.0546 5628 C:\WINDOWS\system32\WgaTray.exe - ok
11:56:24.0546 5628 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
11:56:24.0546 5628 C:\WINDOWS\explorer.exe - ok
11:56:24.0546 5628 [ A2B34AF33854036D88441EB965D83D3D ] C:\Documents and Settings\Tom\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
11:56:24.0546 5628 C:\Documents and Settings\Tom\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe - ok
11:56:24.0562 5628 [ F6CC2FD47787F6E7045D544E1B568458 ] C:\Program Files\real\RealUpgrade\realupgrade.exe
11:56:24.0562 5628 C:\Program Files\real\RealUpgrade\realupgrade.exe - ok
11:56:24.0562 5628 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
11:56:24.0562 5628 C:\WINDOWS\system32\browseui.dll - ok
11:56:24.0562 5628 [ 2E0CE587C0ADC8D055090491DA86ECCD ] C:\WINDOWS\assembly\GAC_32\KEDDS.StoryShareLibrary\1.4.0.514__22d4e935d6ab0180\KEDDS.StoryShareLibrary.dll
11:56:24.0562 5628 C:\WINDOWS\assembly\GAC_32\KEDDS.StoryShareLibrary\1.4.0.514__22d4e935d6ab0180\KEDDS.StoryShareLibrary.dll - ok
11:56:24.0562 5628 [ 8A4FC52B98E8CA135B90008FFB979C2A ] C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll
11:56:24.0562 5628 C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll - ok
11:56:24.0578 5628 [ C6981CEB9A4EED02AA83CFA55DD0D399 ] C:\Program Files\SmartFTP Client\sfShellTools.dll
11:56:24.0578 5628 C:\Program Files\SmartFTP Client\sfShellTools.dll - ok
11:56:24.0578 5628 [ 9B799C2D73A9BC4ED8213A6FC664BB52 ] C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll
11:56:24.0578 5628 C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll - ok
11:56:24.0578 5628 [ 2317A7455773100BD749CDB4E8D34402 ] C:\Program Files\SmartFTP Client\en-US\sfShellTools.dll.mui
11:56:24.0578 5628 C:\Program Files\SmartFTP Client\en-US\sfShellTools.dll.mui - ok
11:56:24.0578 5628 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
11:56:24.0578 5628 C:\WINDOWS\system32\desk.cpl - ok
11:56:24.0578 5628 [ D1CB99ADBA9397D7D02B0B2DCFE47F1A ] C:\WINDOWS\system32\LegitCheckControl.dll
11:56:24.0578 5628 C:\WINDOWS\system32\LegitCheckControl.dll - ok
11:56:24.0593 5628 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
11:56:24.0593 5628 C:\WINDOWS\system32\themeui.dll - ok
11:56:24.0593 5628 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
11:56:24.0593 5628 C:\WINDOWS\system32\licwmi.dll - ok
11:56:24.0593 5628 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
11:56:24.0593 5628 C:\WINDOWS\system32\licdll.dll - ok
11:56:24.0593 5628 [ 903C8C110131B8A71501514B61A17761 ] C:\WINDOWS\system32\ieframe.dll
11:56:24.0593 5628 C:\WINDOWS\system32\ieframe.dll - ok
11:56:24.0609 5628 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
11:56:24.0609 5628 C:\WINDOWS\system32\security.dll - ok
11:56:24.0609 5628 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
11:56:24.0609 5628 C:\WINDOWS\system32\qmgr.dll - ok
11:56:24.0609 5628 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
11:56:24.0609 5628 C:\WINDOWS\system32\tapisrv.dll - ok
11:56:24.0609 5628 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
11:56:24.0609 5628 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
11:56:24.0609 5628 [ 0A9BA6AF531AFE7FA5E4FB973852D863 ] C:\WINDOWS\system32\dllhost.exe
11:56:24.0609 5628 C:\WINDOWS\system32\dllhost.exe - ok
11:56:24.0625 5628 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
11:56:24.0625 5628 C:\WINDOWS\system32\rasmans.dll - ok
11:56:24.0625 5628 [ F96CFB47903854F228BAAF3E2D41A0A3 ] C:\WINDOWS\system32\drivers\LVPr2Mon.sys
11:56:24.0625 5628 C:\WINDOWS\system32\drivers\LVPr2Mon.sys - ok
11:56:24.0625 5628 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
11:56:24.0625 5628 C:\WINDOWS\system32\netcfgx.dll - ok
11:56:24.0625 5628 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
11:56:24.0625 5628 C:\WINDOWS\system32\rastapi.dll - ok
11:56:24.0625 5628 [ 17E0CF9C8CBB717D05948656BCD86EFA ] C:\WINDOWS\system32\txflog.dll
11:56:24.0625 5628 C:\WINDOWS\system32\txflog.dll - ok
11:56:24.0625 5628 [ D20DA789C445936988C8B83F53522374 ] C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
11:56:24.0625 5628 C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll - ok
11:56:24.0640 5628 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
11:56:24.0640 5628 C:\WINDOWS\system32\unimdm.tsp - ok
11:56:24.0640 5628 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
11:56:24.0640 5628 C:\WINDOWS\system32\uniplat.dll - ok
11:56:24.0640 5628 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\Tom\LOCALS~1\Temp\D248E02F-1953-4E35-A2D9-C58475076578.exe
11:56:24.0640 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\D248E02F-1953-4E35-A2D9-C58475076578.exe - ok
11:56:24.0640 5628 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
11:56:24.0640 5628 C:\WINDOWS\system32\unimdmat.dll - ok
11:56:24.0656 5628 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
11:56:24.0656 5628 C:\WINDOWS\system32\modemui.dll - ok
11:56:24.0656 5628 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
11:56:24.0656 5628 C:\WINDOWS\system32\alg.exe - ok
11:56:24.0656 5628 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
11:56:24.0656 5628 C:\WINDOWS\system32\kmddsp.tsp - ok
11:56:24.0656 5628 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
11:56:24.0656 5628 C:\WINDOWS\system32\ndptsp.tsp - ok
11:56:24.0656 5628 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
11:56:24.0656 5628 C:\WINDOWS\system32\ipconf.tsp - ok
11:56:24.0671 5628 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
11:56:24.0671 5628 C:\WINDOWS\system32\h323.tsp - ok
11:56:24.0671 5628 [ 9627EE26C7F3FD023D87DB50C62F5111 ] C:\WINDOWS\ehome\sqldb20.dll
11:56:24.0671 5628 C:\WINDOWS\ehome\sqldb20.dll - ok
11:56:24.0671 5628 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
11:56:24.0671 5628 C:\WINDOWS\system32\linkinfo.dll - ok
11:56:24.0671 5628 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
11:56:24.0671 5628 C:\WINDOWS\system32\wscntfy.exe - ok
11:56:24.0671 5628 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
11:56:24.0671 5628 C:\WINDOWS\system32\hidphone.tsp - ok
11:56:24.0687 5628 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
11:56:24.0687 5628 C:\WINDOWS\system32\imapi.exe - ok
11:56:24.0687 5628 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
11:56:24.0687 5628 C:\WINDOWS\system32\rasppp.dll - ok
11:56:24.0687 5628 [ 160762386084A0BB69F91BB694114D14 ] C:\WINDOWS\ehome\sqlse20.dll
11:56:24.0687 5628 C:\WINDOWS\ehome\sqlse20.dll - ok
11:56:24.0687 5628 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
11:56:24.0687 5628 C:\WINDOWS\system32\ntlsapi.dll - ok
11:56:24.0687 5628 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
11:56:24.0687 5628 C:\WINDOWS\system32\rasqec.dll - ok
11:56:24.0703 5628 [ A3AE51C21160328EA11F734392A0F269 ] C:\WINDOWS\ehome\sqlqp20.dll
11:56:24.0703 5628 C:\WINDOWS\ehome\sqlqp20.dll - ok
11:56:24.0703 5628 [ 003436C12CEC3AF36A6E409E9E91EF08 ] C:\Program Files\CA\SharedComponents\ScanEngine\VetE.dll
11:56:24.0703 5628 C:\Program Files\CA\SharedComponents\ScanEngine\VetE.dll - ok
11:56:24.0703 5628 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\24056171.sys
11:56:24.0703 5628 C:\WINDOWS\system32\drivers\24056171.sys - ok
11:56:24.0703 5628 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
11:56:24.0703 5628 C:\WINDOWS\system32\webcheck.dll - ok
11:56:24.0703 5628 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
11:56:24.0703 5628 C:\WINDOWS\system32\stobject.dll - ok
11:56:24.0718 5628 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
11:56:24.0718 5628 C:\WINDOWS\system32\batmeter.dll - ok
11:56:24.0718 5628 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll
11:56:24.0718 5628 C:\WINDOWS\system32\upnpui.dll - ok
11:56:24.0718 5628 [ FF3BF3DCBB9603ECFE22DEA8D6A02D78 ] C:\WINDOWS\system32\sbeio.dll
11:56:24.0718 5628 C:\WINDOWS\system32\sbeio.dll - ok
11:56:24.0718 5628 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
11:56:24.0718 5628 C:\WINDOWS\system32\upnp.dll - ok
11:56:24.0718 5628 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
11:56:24.0734 5628 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
11:56:24.0734 5628 [ 7E48B4958C131E9643DDCD2E7CA3FE9F ] C:\WINDOWS\ehome\ehtray.exe
11:56:24.0734 5628 C:\WINDOWS\ehome\ehtray.exe - ok
11:56:24.0734 5628 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
11:56:24.0734 5628 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
11:56:24.0734 5628 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
11:56:24.0734 5628 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
11:56:24.0734 5628 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
11:56:24.0734 5628 C:\WINDOWS\system32\rundll32.exe - ok
11:56:24.0734 5628 [ B8ED44B59233B1872AE4CC246C6BBFE2 ] C:\WINDOWS\system32\ftutil2.dll
11:56:24.0734 5628 C:\WINDOWS\system32\ftutil2.dll - ok
11:56:24.0750 5628 [ 03A905FBA1D62317087DB5C21C0F8F62 ] C:\WINDOWS\ehome\ehmsas.exe
11:56:24.0750 5628 C:\WINDOWS\ehome\ehmsas.exe - ok
11:56:24.0750 5628 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
11:56:24.0750 5628 C:\WINDOWS\system32\qmgrprxy.dll - ok
11:56:24.0750 5628 [ 7ED41E534AD1ECB7C75FFDA0C2917144 ] C:\WINDOWS\RTHDCPL.EXE
11:56:24.0750 5628 C:\WINDOWS\RTHDCPL.EXE - ok
11:56:24.0750 5628 [ 8D1805727E8642FF88DE9DAEB088ADEF ] C:\WINDOWS\system32\fpalsu.dll
11:56:24.0750 5628 C:\WINDOWS\system32\fpalsu.dll - ok
11:56:24.0765 5628 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
11:56:24.0765 5628 C:\WINDOWS\system32\httpapi.dll - ok
11:56:24.0765 5628 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
11:56:24.0765 5628 C:\WINDOWS\system32\rasdlg.dll - ok
11:56:24.0765 5628 [ 3765535734DAEB53E783E239E5D6475B ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
11:56:24.0765 5628 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
11:56:24.0765 5628 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
11:56:24.0765 5628 C:\WINDOWS\system32\w3ssl.dll - ok
11:56:24.0765 5628 [ 9E1992C27ECF7F08C154DCACF32F1AAB ] C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
11:56:24.0765 5628 C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe - ok
11:56:24.0781 5628 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
11:56:24.0781 5628 C:\WINDOWS\system32\strmfilt.dll - ok
11:56:24.0781 5628 [ 914194C97F00E34074CAD76A21F721CF ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
11:56:24.0781 5628 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
11:56:24.0781 5628 [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe
11:56:24.0781 5628 C:\WINDOWS\SMINST\Recguard.exe - ok
11:56:24.0781 5628 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\HP DigitalMedia Archive\msvcr71.dll
11:56:24.0781 5628 C:\Program Files\HP DigitalMedia Archive\msvcr71.dll - ok
11:56:24.0781 5628 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
11:56:24.0781 5628 C:\WINDOWS\system32\oledlg.dll - ok
11:56:24.0796 5628 [ C4894B3B448B647BEDC9E916D181BDBE ] C:\WINDOWS\system32\searchprotocolhost.exe
11:56:24.0796 5628 C:\WINDOWS\system32\searchprotocolhost.exe - ok
11:56:24.0796 5628 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
11:56:24.0796 5628 C:\WINDOWS\system32\olepro32.dll - ok
11:56:24.0796 5628 [ 6C094B5C32EF99085CB557809B8E0C0B ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
11:56:24.0796 5628 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
11:56:24.0796 5628 [ A789B145F17FA5C2326907F4872FE173 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
11:56:24.0796 5628 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
11:56:24.0812 5628 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
11:56:24.0812 5628 C:\WINDOWS\system32\hhctrl.ocx - ok
11:56:24.0812 5628 [ 496C470F6F2F1A381BBBF753353285AD ] C:\Program Files\Intel\IntelDH\bin\IntelDH.dll
11:56:24.0812 5628 C:\Program Files\Intel\IntelDH\bin\IntelDH.dll - ok
11:56:24.0812 5628 [ B7166C6CAD2CA92E047CAD3082CB6B7E ] C:\PROGRA~1\CA\ETRUST~1\Realmon.exe
11:56:24.0812 5628 C:\PROGRA~1\CA\ETRUST~1\Realmon.exe - ok
11:56:24.0812 5628 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll
11:56:24.0812 5628 C:\WINDOWS\system32\msvcr71.dll - ok
11:56:24.0812 5628 [ FD5F202B1FC7801735C9743B6A38E515 ] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
11:56:24.0812 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe - ok
11:56:24.0812 5628 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
11:56:24.0812 5628 C:\WINDOWS\system32\msvcp71.dll - ok
11:56:24.0828 5628 [ DE0BCA7763AE5939D448AC887F9748F9 ] C:\Program Files\Adobe\Photoshop Elements 4.0\apdboot.dll
11:56:24.0828 5628 C:\Program Files\Adobe\Photoshop Elements 4.0\apdboot.dll - ok
11:56:24.0828 5628 [ 6A24BAC693EBC81A5248F0CDD7F978F1 ] C:\Program Files\DISC\DISCover.exe
11:56:24.0828 5628 C:\Program Files\DISC\DISCover.exe - ok
11:56:24.0828 5628 [ 4774D83BE60B7F47C612E25D6FE0F010 ] C:\WINDOWS\system32\msshooks.dll
11:56:24.0828 5628 C:\WINDOWS\system32\msshooks.dll - ok
11:56:24.0828 5628 [ 416681ACCACB7E5661F6AF3862EF455F ] C:\Program Files\DISC\DiscDLL.DLL
11:56:24.0828 5628 C:\Program Files\DISC\DiscDLL.DLL - ok
11:56:24.0843 5628 [ 25DF346804BDBB9973AF9645F13A6793 ] C:\PROGRA~1\PESTPA~1\PPControl.exe
11:56:24.0843 5628 C:\PROGRA~1\PESTPA~1\PPControl.exe - ok
11:56:24.0843 5628 [ 6E914EEDD145C5ACCE56F4D5F3D606FC ] C:\WINDOWS\system32\mssph.dll
11:56:24.0843 5628 C:\WINDOWS\system32\mssph.dll - ok
11:56:24.0843 5628 [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
11:56:24.0843 5628 C:\WINDOWS\system32\mapi32.dll - ok
11:56:24.0843 5628 [ 6C83A5C482B7BFE439AE1AF28A407A43 ] C:\Program Files\DISC\mytdlib.dll
11:56:24.0843 5628 C:\Program Files\DISC\mytdlib.dll - ok
11:56:24.0843 5628 [ D59A7119054D70FC745A1BF9C06DCC65 ] C:\WINDOWS\system32\oeph.dll
11:56:24.0843 5628 C:\WINDOWS\system32\oeph.dll - ok
11:56:24.0859 5628 [ E59D3930AE25FE77A9C49A425A0AC96B ] C:\Program Files\DISC\downloadMgr.dll
11:56:24.0859 5628 C:\Program Files\DISC\downloadMgr.dll - ok
11:56:24.0859 5628 [ 79ED352549EB6D5B1A454916C37D2E85 ] C:\WINDOWS\system32\UncPH.dll
11:56:24.0859 5628 C:\WINDOWS\system32\UncPH.dll - ok
11:56:24.0859 5628 [ 8783DB0B018082051FB4BA3B9E0237CD ] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
11:56:24.0859 5628 C:\PROGRA~1\PESTPA~1\PPMemCheck.exe - ok
11:56:24.0859 5628 [ 9602E3EA608CF813942B348B78C50BEC ] C:\Program Files\DISC\StdDisc.dll
11:56:24.0859 5628 C:\Program Files\DISC\StdDisc.dll - ok
11:56:24.0875 5628 [ BD4D9D7B6A3880D42CDA8492452C9E71 ] C:\WINDOWS\system32\msfeeds.dll
11:56:24.0875 5628 C:\WINDOWS\system32\msfeeds.dll - ok
11:56:24.0875 5628 [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
11:56:24.0875 5628 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
11:56:24.0875 5628 [ AA0507F0516A4DFF1B1279AB4A2ABB37 ] C:\WINDOWS\system32\dinput8.dll
11:56:24.0875 5628 C:\WINDOWS\system32\dinput8.dll - ok
11:56:24.0875 5628 [ 3E5A70FB3E83B0B3B688E7A3BEAC45D2 ] C:\PROGRA~1\PESTPA~1\PPServer.dll
11:56:24.0875 5628 C:\PROGRA~1\PESTPA~1\PPServer.dll - ok
11:56:24.0875 5628 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
11:56:24.0875 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
11:56:24.0890 5628 [ 87889A983C015080FA813D7E32910D1E ] C:\WINDOWS\system32\searchfilterhost.exe
11:56:24.0890 5628 C:\WINDOWS\system32\searchfilterhost.exe - ok
11:56:24.0890 5628 [ 5A4F817B49902B9E4DEEF845C5E8EA7D ] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
11:56:24.0890 5628 C:\PROGRA~1\PESTPA~1\CookiePatrol.exe - ok
11:56:24.0890 5628 [ 6B5070F063CE5536A6C883B671E05884 ] C:\WINDOWS\twain_32.dll
11:56:24.0890 5628 C:\WINDOWS\twain_32.dll - ok
11:56:24.0890 5628 [ 19F959D9C9BBF638181FF307FC042E6A ] C:\PROGRA~1\PESTPA~1\unzip32.dll
11:56:24.0890 5628 C:\PROGRA~1\PESTPA~1\unzip32.dll - ok
11:56:24.0906 5628 [ 5B97C73BAB11AFBC72154085C7B9B037 ] C:\Program Files\CA\eTrust Antivirus\InoPrf.dll
11:56:24.0906 5628 C:\Program Files\CA\eTrust Antivirus\InoPrf.dll - ok
11:56:24.0906 5628 [ 796AE3FD7E60D52D51279D048946187D ] C:\PROGRA~1\PESTPA~1\PPEngine.dll
11:56:24.0906 5628 C:\PROGRA~1\PESTPA~1\PPEngine.dll - ok
11:56:24.0906 5628 [ 90A9B542C9300E540864D9FE1C42A130 ] C:\WINDOWS\system32\fxsst.dll
11:56:24.0906 5628 C:\WINDOWS\system32\fxsst.dll - ok
11:56:24.0906 5628 [ F1AA467825079B05D590D475432B4066 ] C:\WINDOWS\system32\msscntrs.dll
11:56:24.0906 5628 C:\WINDOWS\system32\msscntrs.dll - ok
11:56:24.0921 5628 [ 2C88B7A18EE8FDB4135B64C603CCBD16 ] C:\PROGRA~1\MICROS~4\Office12\OLMAPI32.DLL
11:56:24.0921 5628 C:\PROGRA~1\MICROS~4\Office12\OLMAPI32.DLL - ok
11:56:24.0921 5628 [ 92E36B00F3A9732581E98A7C743DE7FB ] C:\WINDOWS\system32\offfilt.dll
11:56:24.0921 5628 C:\WINDOWS\system32\offfilt.dll - ok
11:56:24.0921 5628 [ 1F1175F9C6FBF4F3EF0FFC9265B0E9D0 ] C:\WINDOWS\twain_32\HP LJ CM1410 MFP Series\hpxsTwain.ds
11:56:24.0921 5628 C:\WINDOWS\twain_32\HP LJ CM1410 MFP Series\hpxsTwain.ds - ok
11:56:24.0921 5628 [ 51EF8A7B3CA6B9D824FE2B7FDB5E1422 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\OPHPROXY.DLL
11:56:24.0921 5628 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\OPHPROXY.DLL - ok
11:56:24.0937 5628 [ AD93E72E404D62982F35A0E8C1BF5BEB ] C:\WINDOWS\twain_32\hppa3300\hppadsr0.ds
11:56:24.0937 5628 C:\WINDOWS\twain_32\hppa3300\hppadsr0.ds - ok
11:56:24.0937 5628 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
11:56:24.0937 5628 C:\WINDOWS\system32\fxsapi.dll - ok
11:56:24.0937 5628 [ 3F62E5E41E3333707E14B4422154A8F6 ] C:\WINDOWS\twain_32\hpprscan.ds
11:56:24.0937 5628 C:\WINDOWS\twain_32\hpprscan.ds - ok
11:56:24.0937 5628 [ CB94432242EE917D5A39A8A4741E4691 ] C:\Program Files\DISC\DiscStreamHub.exe
11:56:24.0937 5628 C:\Program Files\DISC\DiscStreamHub.exe - ok
11:56:24.0937 5628 [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F ] C:\WINDOWS\system32\wzcdlg.dll
11:56:24.0937 5628 C:\WINDOWS\system32\wzcdlg.dll - ok
11:56:24.0953 5628 [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
11:56:24.0953 5628 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL - ok
11:56:24.0953 5628 [ E5E80B945E202BBF0F213AF04696C2D8 ] C:\WINDOWS\twain_32\hpsj_0003\hpsj_0003.ds
11:56:24.0953 5628 C:\WINDOWS\twain_32\hpsj_0003\hpsj_0003.ds - ok
11:56:24.0953 5628 [ 4D83DC461F8F4370274CF6E9AC9A34F4 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
11:56:24.0953 5628 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
11:56:24.0953 5628 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
11:56:24.0953 5628 C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok
11:56:24.0953 5628 [ E5E80B945E202BBF0F213AF04696C2D8 ] C:\WINDOWS\twain_32\hpsj_0007\hpsj_0007.ds
11:56:24.0953 5628 C:\WINDOWS\twain_32\hpsj_0007\hpsj_0007.ds - ok
11:56:24.0968 5628 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
11:56:24.0968 5628 C:\WINDOWS\system32\mmcshext.dll - ok
11:56:24.0968 5628 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
11:56:24.0968 5628 C:\WINDOWS\system32\hhsetup.dll - ok
11:56:24.0968 5628 [ FBC54E5EEBE895A19AFA015609FB5101 ] C:\WINDOWS\twain_32\TITWAIN.ds
11:56:24.0968 5628 C:\WINDOWS\twain_32\TITWAIN.ds - ok
11:56:24.0968 5628 [ A7810B302294793DE88542AAE177D1B1 ] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
11:56:24.0968 5628 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe - ok
11:56:24.0968 5628 [ 944F5A8AD85A77340B0A435A1D50B271 ] C:\WINDOWS\twain_32\wiatwain.ds
11:56:24.0968 5628 C:\WINDOWS\twain_32\wiatwain.ds - ok
11:56:24.0984 5628 [ 52B198BBC1AB0B351CDF2F7635CF6901 ] C:\WINDOWS\ehome\ehepgdec.dll
11:56:24.0984 5628 C:\WINDOWS\ehome\ehepgdec.dll - ok
11:56:24.0984 5628 [ 4F2CE4BCE2E82DEE16385D17118A5B98 ] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPPPT.exe
11:56:24.0984 5628 C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPPPT.exe - ok
11:56:24.0984 5628 [ 7A81D6CEFB55C0ABD620EF817B6248EE ] C:\WINDOWS\system32\wiadss.dll
11:56:24.0984 5628 C:\WINDOWS\system32\wiadss.dll - ok
11:56:24.0984 5628 [ DD0FA95DE6657CA43C8EE7D83F866B2B ] C:\WINDOWS\system32\wnaspi32.dll
11:56:24.0984 5628 C:\WINDOWS\system32\wnaspi32.dll - ok
11:56:24.0984 5628 [ 381DD4BFF578139CB063FC9B302C2896 ] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
11:56:24.0984 5628 C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe - ok
11:56:25.0000 5628 [ 5AA09365BE6D138C9A2E0F6E7D224C50 ] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.dll
11:56:25.0000 5628 C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppt.dll - ok
11:56:25.0000 5628 [ 766E24A20116AFA41F380B57FFE7AF02 ] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
11:56:25.0000 5628 C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe - ok
11:56:25.0000 5628 [ 6831435F0D42ACD32C4FD7A5D5915D33 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_21d543f5\System.Windows.Forms.dll
11:56:25.0000 5628 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_21d543f5\System.Windows.Forms.dll - ok
11:56:25.0000 5628 [ EEA0857F5B1B787BFF470982F9AA81EE ] C:\WINDOWS\system32\hpscnmgr.dll
11:56:25.0000 5628 C:\WINDOWS\system32\hpscnmgr.dll - ok
11:56:25.0000 5628 [ 3417E5691AC9E5B6C3176D2B66DAE82D ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
11:56:25.0000 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok
11:56:25.0015 5628 [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll
11:56:25.0015 5628 C:\WINDOWS\system32\pschdprf.dll - ok
11:56:25.0015 5628 [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll
11:56:25.0015 5628 C:\WINDOWS\system32\traffic.dll - ok
11:56:25.0015 5628 [ D8236DDB66D859D4D245FEB7841518D8 ] C:\WINDOWS\system32\hpsmui.dll
11:56:25.0015 5628 C:\WINDOWS\system32\hpsmui.dll - ok
11:56:25.0015 5628 [ 2D0AAF0AD4E68197CAF1A1ED1455D29F ] C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
11:56:25.0015 5628 C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe - ok
11:56:25.0015 5628 [ 33B8669CF96D0D06902BDB93FE3EEA1E ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
11:56:25.0015 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
11:56:25.0031 5628 [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll
11:56:25.0031 5628 C:\WINDOWS\system32\rsvpperf.dll - ok
11:56:25.0031 5628 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
11:56:25.0031 5628 C:\WINDOWS\system32\tapiperf.dll - ok
11:56:25.0031 5628 [ B6141D4EA90FD3DFBB339A3C178EC701 ] C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe
11:56:25.0031 5628 C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe - ok
11:56:25.0031 5628 [ 9845EF2DE06CC6803962D1E989CCB60B ] C:\Program Files\DISC\DiscObjsLib.dll
11:56:25.0031 5628 C:\Program Files\DISC\DiscObjsLib.dll - ok
11:56:25.0031 5628 [ 9B9AD41C54241ACC79F6EBDFCFE6E5D7 ] C:\Program Files\Sony\PMB\XpStorageDevice_WinXp2k.dll
11:56:25.0031 5628 C:\Program Files\Sony\PMB\XpStorageDevice_WinXp2k.dll - ok
11:56:25.0046 5628 [ 3EBFCA246E1EA7836D32FC1C0F11DC8F ] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
11:56:25.0046 5628 C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe - ok
11:56:25.0046 5628 [ EE982B1CCBF00C6C07C9AA57DCD5CC7C ] C:\Program Files\Seagate\BlackArmorBackup\fox.dll
11:56:25.0046 5628 C:\Program Files\Seagate\BlackArmorBackup\fox.dll - ok
11:56:25.0046 5628 [ 5133FF52B9D436D560C593CA7C8F484B ] C:\Program Files\DISC\BITSDownloadManager.dll
11:56:25.0046 5628 C:\Program Files\DISC\BITSDownloadManager.dll - ok
11:56:25.0046 5628 [ 55BC290755F545FF16910799F3D86B59 ] C:\WINDOWS\system32\nvmctray.dll
11:56:25.0046 5628 C:\WINDOWS\system32\nvmctray.dll - ok
11:56:25.0046 5628 [ B59219C4E8BE972EF08CE7CC5E26F0D7 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll
11:56:25.0046 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
11:56:25.0062 5628 [ 8C2DB4B2962D47DF7F21935DBEAF5E88 ] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
11:56:25.0062 5628 C:\Program Files\NVIDIA Corporation\nView\nwiz.exe - ok
11:56:25.0062 5628 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
11:56:25.0062 5628 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok
11:56:25.0062 5628 [ 2C25CEB603DCF2455D11A38EE6004818 ] C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
11:56:25.0062 5628 C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll - ok
11:56:25.0062 5628 [ 78AB92E3B0AAEC820CEF88F49C6C007E ] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
11:56:25.0062 5628 C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe - ok
11:56:25.0062 5628 [ 3721A1448E752C822F2518835590AEA0 ] C:\Program Files\Seagate\BlackArmorBackup\Common\resource.dll
11:56:25.0062 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\resource.dll - ok
11:56:25.0078 5628 [ D2DAD71C96C113ED07F7BB79AD831C28 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:56:25.0078 5628 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
11:56:25.0078 5628 [ A1C2B6553DC4F9D137A3B8C2AE5C8D06 ] C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll
11:56:25.0078 5628 C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll - ok
11:56:25.0078 5628 [ 4022BC4ABCE309F433101911BE83C61C ] C:\Program Files\Logitech\QuickCam\Quickcam.exe
11:56:25.0078 5628 C:\Program Files\Logitech\QuickCam\Quickcam.exe - ok
11:56:25.0078 5628 [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
11:56:25.0093 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
11:56:25.0093 5628 [ 83F59DF33950CC21AEAB737C681AFC6F ] C:\Program Files\NVIDIA Corporation\nView\nView.dll
11:56:25.0093 5628 C:\Program Files\NVIDIA Corporation\nView\nView.dll - ok
11:56:25.0093 5628 [ F77051BCA83E7BAFDB13189ABA68816E ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
11:56:25.0093 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
11:56:25.0093 5628 [ BC1E7C65E04CC4688B6CE6AD8EA2FF43 ] C:\Program Files\DISC\DISCSniffer.dll
11:56:25.0093 5628 C:\Program Files\DISC\DISCSniffer.dll - ok
11:56:25.0093 5628 [ 3AE8BC6B4A1992795F5CD6914D0E3570 ] C:\Program Files\Seagate\BlackArmorBackup\Common\gc.dll
11:56:25.0093 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\gc.dll - ok
11:56:25.0109 5628 [ 691771D7570A53130E7E885D8266E6C0 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
11:56:25.0109 5628 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
11:56:25.0109 5628 [ 0600CB2613BEA0C6C0987B58D56D77B9 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
11:56:25.0109 5628 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
11:56:25.0109 5628 [ 691F05F73E5A6DFC35D874B179515FE2 ] C:\Program Files\Sony\PMB\PMBVolumeWatcherLOC.dll
11:56:25.0109 5628 C:\Program Files\Sony\PMB\PMBVolumeWatcherLOC.dll - ok
11:56:25.0109 5628 [ 602C708E729A4F01878310393E936823 ] C:\Program Files\DISC\YummyPack.dll
11:56:25.0109 5628 C:\Program Files\DISC\YummyPack.dll - ok
11:56:25.0109 5628 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:56:25.0109 5628 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
11:56:25.0125 5628 [ 71CFAFD099A56E41A3443C28421BF87D ] C:\Program Files\DISC\EBGamesPack.dll
11:56:25.0125 5628 C:\Program Files\DISC\EBGamesPack.dll - ok
11:56:25.0125 5628 [ B02FC80F1C71788E42E20237D6473B1C ] C:\Program Files\Seagate\BlackArmorBackup\Common\icu38.dll
11:56:25.0125 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\icu38.dll - ok
11:56:25.0125 5628 [ F5738C25F69C68E835C842B69294FCAF ] C:\WINDOWS\system32\Px.dll
11:56:25.0125 5628 C:\WINDOWS\system32\Px.dll - ok
11:56:25.0125 5628 [ FEDA097D62369B6FB0030F0AEBE2C3B7 ] C:\WINDOWS\system32\snapapi.dll
11:56:25.0125 5628 C:\WINDOWS\system32\snapapi.dll - ok
11:56:25.0125 5628 [ A05602FCF939A0A051D0CDF8C5CEDA98 ] C:\Program Files\real\realplayer\Update\realsched.exe
11:56:25.0125 5628 C:\Program Files\real\realplayer\Update\realsched.exe - ok
11:56:25.0140 5628 [ C1A1F10BD3839C6C583AE84C9D6D0B22 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
11:56:25.0140 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll - ok
11:56:25.0140 5628 [ E4B8653BA3C780334F0246EF63EE7800 ] C:\Program Files\Seagate\BlackArmorBackup\Common\icudt38.dll
11:56:25.0140 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\icudt38.dll - ok
11:56:25.0140 5628 [ 30E88ECA3D5D0B75E954E18181B9E6E5 ] C:\WINDOWS\system32\capicom.dll
11:56:25.0140 5628 C:\WINDOWS\system32\capicom.dll - ok
11:56:25.0140 5628 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
11:56:25.0140 5628 C:\Program Files\iTunes\iTunesHelper.exe - ok
11:56:25.0140 5628 [ 58D8F10B1F2C2C4F8C3A57830EB72852 ] C:\WINDOWS\system32\nvwddi.dll
11:56:25.0156 5628 C:\WINDOWS\system32\nvwddi.dll - ok
11:56:25.0156 5628 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
11:56:25.0156 5628 C:\Program Files\iTunes\iTunesHelper.dll - ok
11:56:25.0156 5628 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\msvcp71.DLL
11:56:25.0156 5628 C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\msvcp71.DLL - ok
11:56:25.0156 5628 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe
11:56:25.0156 5628 C:\Program Files\QuickTime\QTTask.exe - ok
11:56:25.0156 5628 [ 20FA028CB6506591A99C51432A3C0174 ] C:\WINDOWS\system32\langwrbk.dll
11:56:25.0156 5628 C:\WINDOWS\system32\langwrbk.dll - ok
11:56:25.0171 5628 [ 16E5BFC2CDBB29A41C5233824EA7A435 ] C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll
11:56:25.0171 5628 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll - ok
11:56:25.0171 5628 [ F0BCBE931C2528FB813BEE5A1E0CC096 ] C:\Program Files\real\realplayer\Update\setu3270.dll
11:56:25.0171 5628 C:\Program Files\real\realplayer\Update\setu3270.dll - ok
11:56:25.0171 5628 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
11:56:25.0171 5628 C:\WINDOWS\system32\dumprep.exe - ok
11:56:25.0171 5628 [ B6932761058DC21BEAA7A1245B1B20E6 ] C:\WINDOWS\system32\infosoft.dll
11:56:25.0171 5628 C:\WINDOWS\system32\infosoft.dll - ok
11:56:25.0187 5628 [ 64169D60AFEE39A0E54B4583466441AE ] C:\Program Files\DISC\SocketComm.dll
11:56:25.0187 5628 C:\Program Files\DISC\SocketComm.dll - ok
11:56:25.0187 5628 [ 4D8B6AFE50BAE7BD301967BB38675221 ] C:\WINDOWS\system32\mssign32.dll
11:56:25.0187 5628 C:\WINDOWS\system32\mssign32.dll - ok
11:56:25.0187 5628 [ 3E930C641079443D4DE036167A69CAA2 ] C:\Program Files\Messenger\msmsgs.exe
11:56:25.0187 5628 C:\Program Files\Messenger\msmsgs.exe - ok
11:56:25.0187 5628 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
11:56:25.0187 5628 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
11:56:25.0187 5628 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
11:56:25.0187 5628 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
11:56:25.0203 5628 [ 16DEFCB5F3FAC44D5EB35B19DA337FE5 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
11:56:25.0203 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe - ok
11:56:25.0203 5628 [ DF695E9850F66CCCC70659975184DF2A ] C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
11:56:25.0203 5628 C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
11:56:25.0203 5628 [ 5B9C42DE541D7A0E292E803883864CF3 ] C:\Program Files\real\realplayer\realplay.exe
11:56:25.0203 5628 C:\Program Files\real\realplayer\realplay.exe - ok
11:56:25.0218 5628 [ 77B4BE0C9AA0AC78884D8E7CFB315463 ] C:\WINDOWS\system32\wmp.dll
11:56:25.0218 5628 C:\WINDOWS\system32\wmp.dll - ok
11:56:25.0218 5628 [ 6D6FBE6465D1F496257C3C422DD1F4B7 ] C:\Program Files\StartNow Toolbar\search_protect.exe
11:56:25.0218 5628 C:\Program Files\StartNow Toolbar\search_protect.exe - ok
11:56:25.0218 5628 [ EE09EA3462CF0068E3B39D4EE174F1DD ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ScCore.dll
11:56:25.0218 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ScCore.dll - ok
11:56:25.0218 5628 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
11:56:25.0218 5628 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
11:56:25.0234 5628 [ BB5B7E95212D816AFF7A329F248A1ADF ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
11:56:25.0234 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll - ok
11:56:25.0234 5628 [ 7FACB452456EF5C053AF3EE4B228FE0D ] C:\WINDOWS\system32\xpob2res.dll
11:56:25.0234 5628 C:\WINDOWS\system32\xpob2res.dll - ok
11:56:25.0234 5628 [ E8CBE671239EEDC3F2B8F9CB72B00032 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ab12f5b7\System.Drawing.dll
11:56:25.0234 5628 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ab12f5b7\System.Drawing.dll - ok
11:56:25.0234 5628 [ 97DFEE06B608A6D2ECAE2105918564B2 ] C:\Program Files\real\realplayer\rpwa3260.dll
11:56:25.0234 5628 C:\Program Files\real\realplayer\rpwa3260.dll - ok
11:56:25.0234 5628 [ E616A6A6E91B0A86F2F6217CDE835FFE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
11:56:25.0234 5628 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
11:56:25.0250 5628 [ C22296762389251D6EB04A2B3BE88184 ] C:\Program Files\Seagate\BlackArmorBackup\Common\thread_pool.dll
11:56:25.0250 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\thread_pool.dll - ok
11:56:25.0250 5628 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
11:56:25.0250 5628 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
11:56:25.0250 5628 [ 39D44F085923BFF62024F503ED8F3AC7 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ExtendScript.dll
11:56:25.0250 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ExtendScript.dll - ok
11:56:25.0250 5628 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
11:56:25.0250 5628 C:\WINDOWS\system32\msisip.dll - ok
11:56:25.0250 5628 [ C17103AE9072A06DA581DEC998343FC1 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\System.dll
11:56:25.0250 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\System.dll - ok
11:56:25.0265 5628 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
11:56:25.0265 5628 C:\WINDOWS\system32\wshext.dll - ok
11:56:25.0265 5628 [ F34EF8262BF810AB13C5299293C2C294 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\zplugins.dll
11:56:25.0265 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\zplugins.dll - ok
11:56:25.0265 5628 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
11:56:25.0265 5628 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
11:56:25.0265 5628 [ 40FA2F035ED88108850757CA51DAD942 ] C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL
11:56:25.0265 5628 C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL - ok
11:56:25.0265 5628 [ 867AF9BEA8B24C78736BF8D0FDB5A78E ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\stack.dll
11:56:25.0265 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\stack.dll - ok
11:56:25.0281 5628 [ A25EC74C5EB1BE6F53DDC7D1A1EFB0AF ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\CrashReporter.dll
11:56:25.0281 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\CrashReporter.dll - ok
11:56:25.0281 5628 [ 69E9237B04A212A96931D3E04DFFCC66 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\LogUtils.dll
11:56:25.0281 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\LogUtils.dll - ok
11:56:25.0281 5628 [ 412586C946CC5F52F3325AF020ED9C4C ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ContentAnalysisDBCache.dll
11:56:25.0281 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ContentAnalysisDBCache.dll - ok
11:56:25.0281 5628 [ 0689622E6484934EB6E5F4D3A96311F9 ] C:\WINDOWS\system32\jscript.dll
11:56:25.0281 5628 C:\WINDOWS\system32\jscript.dll - ok
11:56:25.0281 5628 [ E8885A533A3D46209851433E3B9B3BC4 ] C:\WINDOWS\system32\wmploc.dll
11:56:25.0281 5628 C:\WINDOWS\system32\wmploc.dll - ok
11:56:25.0296 5628 [ 7DD35BE16E2094655409A2E3A4AF43D1 ] C:\Program Files\DISC\Interop.YummyPlayer.dll
11:56:25.0296 5628 C:\Program Files\DISC\Interop.YummyPlayer.dll - ok
11:56:25.0296 5628 [ 6F3DD17D5E7E24D55E3B195DF6A1B615 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLFoundation.dll
11:56:25.0296 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLFoundation.dll - ok
11:56:25.0296 5628 [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
11:56:25.0296 5628 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
11:56:25.0296 5628 [ 6359BEA592855F9C85D9535EA5C4D3A4 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
11:56:25.0296 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe - ok
11:56:25.0312 5628 [ A32966A3A601AE97AFD351CB075D3A1D ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\PRM.dll
11:56:25.0312 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\PRM.dll - ok
11:56:25.0312 5628 [ 8450B29EE8D592C208BA1AAF6EE50267 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\linker.dll
11:56:25.0312 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nsj13.tmp\linker.dll - ok
11:56:25.0312 5628 [ 236B31C60D401F1AB428CA14D808DC95 ] C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
11:56:25.0312 5628 C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll - ok
11:56:25.0312 5628 [ C17103AE9072A06DA581DEC998343FC1 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\System.dll
11:56:25.0312 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\System.dll - ok
11:56:25.0328 5628 [ B5C9F63C01FCFEC3F64EC6A0940A1825 ] C:\Program Files\Windows Desktop Search\WindowsSearch.exe
11:56:25.0328 5628 C:\Program Files\Windows Desktop Search\WindowsSearch.exe - ok
11:56:25.0328 5628 [ 6380625DD0480ED60960A149A087C848 ] C:\hp\bin\cloaker.exe
11:56:25.0328 5628 C:\hp\bin\cloaker.exe - ok
11:56:25.0328 5628 [ C9CCAE646AA05CD8D11FBAF961B431E5 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\dvacore.dll
11:56:25.0328 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\dvacore.dll - ok
11:56:25.0328 5628 [ 463427A8129BF4BCEE6FD9F1A115814E ] C:\Program Files\Kodak\Kodak EasyShare software\bin\dbghelp.dll
11:56:25.0328 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\dbghelp.dll - ok
11:56:25.0328 5628 [ BA8FDF82D0B1316D5EAF60F5A0498DE1 ] C:\WINDOWS\system32\UncDMS.dll
11:56:25.0328 5628 C:\WINDOWS\system32\UncDMS.dll - ok
11:56:25.0343 5628 [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe
11:56:25.0343 5628 C:\Program Files\iPod\bin\iPodService.exe - ok
11:56:25.0343 5628 [ C18FA5FE6ADCB2BA6900ED299C965263 ] C:\Program Files\HP\ToolBoxFX\bin\HPTools.dll
11:56:25.0343 5628 C:\Program Files\HP\ToolBoxFX\bin\HPTools.dll - ok
11:56:25.0343 5628 [ F34EF8262BF810AB13C5299293C2C294 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\zplugins.dll
11:56:25.0343 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\zplugins.dll - ok
11:56:25.0343 5628 [ 0451EE4D8E083C1139CD2ADAA0288FA3 ] C:\Program Files\DISC\SecureComm.dll
11:56:25.0343 5628 C:\Program Files\DISC\SecureComm.dll - ok
11:56:25.0359 5628 [ E698235FE26505F2B0F4A60CBBE7A27A ] C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
11:56:25.0359 5628 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe - ok
11:56:25.0359 5628 [ FFD3DCFB0FF28CF4E9A3F9AAB274DCD5 ] C:\Program Files\HP\ToolBoxFX\bin\AppConstants.dll
11:56:25.0359 5628 C:\Program Files\HP\ToolBoxFX\bin\AppConstants.dll - ok
11:56:25.0359 5628 [ 56183FB6413B7C5CB42B8AC1541A4EE8 ] C:\Program Files\Windows Desktop Search\en-US\WindowsSearchRes.dll.mui
11:56:25.0359 5628 C:\Program Files\Windows Desktop Search\en-US\WindowsSearchRes.dll.mui - ok
11:56:25.0359 5628 [ 867AF9BEA8B24C78736BF8D0FDB5A78E ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\stack.dll
11:56:25.0359 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\stack.dll - ok
11:56:25.0359 5628 [ 75A03382EDD5162C9292CE7A4061A1A8 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AMocWrapper.dll
11:56:25.0359 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AMocWrapper.dll - ok
11:56:25.0375 5628 [ CBFD0FB0A9491ED3F1BAB4C64A04D2F1 ] C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll
11:56:25.0375 5628 C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll - ok
11:56:25.0375 5628 [ 975CAA86225BA7A1CB77520DD9F1754A ] C:\hp\bin\HPCONTXT.exe
11:56:25.0375 5628 C:\hp\bin\HPCONTXT.exe - ok
11:56:25.0375 5628 [ F23A5D407B753F2E5E2BB6A95AB6D12B ] C:\Program Files\Windows Desktop Search\WdsMktTools.dll
11:56:25.0375 5628 C:\Program Files\Windows Desktop Search\WdsMktTools.dll - ok
11:56:25.0375 5628 [ C1561312448395907CBFC0A2D9B98C62 ] C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
11:56:25.0375 5628 C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - ok
11:56:25.0375 5628 [ 90AD32B25EC59F5301DAA366109E0386 ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\deploy.dll
11:56:25.0375 5628 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\deploy.dll - ok
11:56:25.0390 5628 [ B7E4CF820409952C68EC19762C587E9A ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll
11:56:25.0390 5628 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll - ok
11:56:25.0390 5628 [ 05E76942E01D6D40B41E70D5ED530172 ] C:\Program Files\HP\ToolBoxFX\bin\HPAppTools.dll
11:56:25.0390 5628 C:\Program Files\HP\ToolBoxFX\bin\HPAppTools.dll - ok
11:56:25.0390 5628 [ CDBBFFD3ADAA56C4C8E0A9690FE83476 ] C:\Program Files\Outlook Express\msoe.dll
11:56:25.0390 5628 C:\Program Files\Outlook Express\msoe.dll - ok
11:56:25.0390 5628 [ B248A451721CF86A6CDBA18B379EC80C ] C:\WINDOWS\system32\pxdrv.dll
11:56:25.0390 5628 C:\WINDOWS\system32\pxdrv.dll - ok
11:56:25.0406 5628 [ B4B6B581AF50C5A0B5D1DAC7DEDCF98C ] C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManagerPS.dll
11:56:25.0406 5628 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManagerPS.dll - ok
11:56:25.0406 5628 [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
11:56:25.0406 5628 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
11:56:25.0406 5628 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
11:56:25.0406 5628 C:\WINDOWS\system32\advpack.dll - ok
11:56:25.0406 5628 [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
11:56:25.0406 5628 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
11:56:25.0421 5628 [ 20092B3CB351E23E82699917509058D6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\AddressBook.esx
11:56:25.0421 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\AddressBook.esx - ok
11:56:25.0421 5628 [ 99EB84256BFA43C3A2A32341EDB8189E ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
11:56:25.0421 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe - ok
11:56:25.0421 5628 [ 40B4E278D0A948A9E8879867549DD846 ] C:\Program Files\Mozilla Firefox\sqlite3.dll
11:56:25.0421 5628 C:\Program Files\Mozilla Firefox\sqlite3.dll - ok
11:56:25.0421 5628 [ 63183B7E2D3B77A8BE5CD137B32A555E ] C:\Program Files\HP\ToolBoxFX\bin\HPToolkit.dll
11:56:25.0421 5628 C:\Program Files\HP\ToolBoxFX\bin\HPToolkit.dll - ok
11:56:25.0437 5628 [ 92A588C16C7C3F5D09046C69AEB84C36 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\CameraCollection.esx
11:56:25.0437 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\CameraCollection.esx - ok
11:56:25.0437 5628 [ 79A4462A5F3956FF9F485AF85C783F89 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MediaFoundation.dll
11:56:25.0437 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MediaFoundation.dll - ok
11:56:25.0437 5628 [ 0485AB01B862FB91C21D39BD60BDF2AC ] C:\WINDOWS\system32\msoert2.dll
11:56:25.0437 5628 C:\WINDOWS\system32\msoert2.dll - ok
11:56:25.0437 5628 [ 0FBB3E8C2BD09679A8AC40CE7B7E6784 ] C:\WINDOWS\system32\PxMas.dll
11:56:25.0437 5628 C:\WINDOWS\system32\PxMas.dll - ok
11:56:25.0437 5628 [ 15BB4DD28E7E2BA5D22D1F14AF2E4262 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\CreativeProjects.esx
11:56:25.0437 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\CreativeProjects.esx - ok
11:56:25.0453 5628 [ DB0B2544198BA6EAF2EC3A860485BA49 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\processcoordinationclient.dll
11:56:25.0453 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\processcoordinationclient.dll - ok
11:56:25.0453 5628 [ 7425C32BA15AFD9ECE75029B00843F64 ] C:\Program Files\Google\Update\1.3.21.123\psmachine.dll
11:56:25.0453 5628 C:\Program Files\Google\Update\1.3.21.123\psmachine.dll - ok
11:56:25.0453 5628 [ 871888B4AA0CA343E73C81E94AD4ED93 ] C:\WINDOWS\system32\msoeacct.dll
11:56:25.0453 5628 C:\WINDOWS\system32\msoeacct.dll - ok
11:56:25.0453 5628 [ 11E19171255D683DE352673E477D7FE2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
11:56:25.0453 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll - ok
11:56:25.0468 5628 [ A350F4512F3F71EB48B34C6DBFC2EB02 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
11:56:25.0468 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx - ok
11:56:25.0468 5628 [ 48119A2A19F4D638A32697AECD32BE5E ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\processcoordinationsupport.dll
11:56:25.0468 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\processcoordinationsupport.dll - ok
11:56:25.0468 5628 [ BAD8E4F17AE51FAFA768FD3B3119BCAA ] C:\WINDOWS\system32\PxSFS.DLL
11:56:25.0468 5628 C:\WINDOWS\system32\PxSFS.DLL - ok
11:56:25.0468 5628 [ 26F231D1AE593AE7FC25632D2CA4ECB2 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
11:56:25.0468 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll - ok
11:56:25.0468 5628 [ 23528E1F9B696F9D6A88B4F31C48470A ] C:\Program Files\Mozilla Firefox\mozcrt19.dll
11:56:25.0468 5628 C:\Program Files\Mozilla Firefox\mozcrt19.dll - ok
11:56:25.0484 5628 [ 57AA18B2896055E8CB269B19DD85E7F3 ] C:\WINDOWS\system32\inetcomm.dll
11:56:25.0484 5628 C:\WINDOWS\system32\inetcomm.dll - ok
11:56:25.0484 5628 [ 13026F123B51837223DA8A7071A60663 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLMessaging.dll
11:56:25.0484 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLMessaging.dll - ok
11:56:25.0484 5628 [ DFE16ABDB88D10AD7930E827996FCF07 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
11:56:25.0484 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll - ok
11:56:25.0484 5628 [ C2519574A865895C9ABE932F6386F437 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\VideoFrame.dll
11:56:25.0484 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\VideoFrame.dll - ok
11:56:25.0500 5628 [ 441086F355F0DEA94621984C9A3BE765 ] C:\WINDOWS\system32\acctres.dll
11:56:25.0500 5628 C:\WINDOWS\system32\acctres.dll - ok
11:56:25.0500 5628 [ 0745FF646F5AF1F1CDD784C06F40FCE9 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\md5dll.dll
11:56:25.0500 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\md5dll.dll - ok
11:56:25.0500 5628 [ 47BCD03C2C15E2FC4B358C4EBF650C41 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ImageRenderer.dll
11:56:25.0500 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ImageRenderer.dll - ok
11:56:25.0500 5628 [ A6F6923B46802785B9A47A03AE3CD8BF ] C:\WINDOWS\system32\inetres.dll
11:56:25.0500 5628 C:\WINDOWS\system32\inetres.dll - ok
11:56:25.0500 5628 [ 24BB2810506502DAF47E956103A2FCE0 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\alink.dll
11:56:25.0500 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\alink.dll - ok
11:56:25.0515 5628 [ 6EEAC88D5164CF376232C71B4557BBA7 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\msvcp71.dll
11:56:25.0515 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\msvcp71.dll - ok
11:56:25.0515 5628 [ 5C9D79CCBD4B1869EE331B35157EAB9F ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
11:56:25.0515 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll - ok
11:56:25.0515 5628 [ 116AA2B169ABD0B620961CAFF0AEAC84 ] C:\Program Files\Outlook Express\msoeres.dll
11:56:25.0515 5628 C:\Program Files\Outlook Express\msoeres.dll - ok
11:56:25.0515 5628 [ 4CCC82B2EE8ED6D744CC635325B18EDA ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
11:56:25.0515 5628 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe - ok
11:56:25.0531 5628 [ E36F3389AC1DBBBB4EFBD13BE3350275 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\msvcr71.dll
11:56:25.0531 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\msvcr71.dll - ok
11:56:25.0531 5628 [ CEA8F7E45B7B098F5FB085BB6A6A4432 ] C:\WINDOWS\system32\wscript.exe
11:56:25.0531 5628 C:\WINDOWS\system32\wscript.exe - ok
11:56:25.0531 5628 [ 63AE668F783DF28772D200F41CB40873 ] C:\WINDOWS\system32\scrobj.dll
11:56:25.0531 5628 C:\WINDOWS\system32\scrobj.dll - ok
11:56:25.0531 5628 [ E60BD85A2029A3BE5AEAEC01D155AE95 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MCDVD_32.DLL
11:56:25.0531 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MCDVD_32.DLL - ok
11:56:25.0531 5628 [ 6472932F2B6084EA1FB3F7F9493AC640 ] C:\WINDOWS\system32\wshom.ocx
11:56:25.0531 5628 C:\WINDOWS\system32\wshom.ocx - ok
11:56:25.0546 5628 [ 9384F4007C492D4FA040924F31C00166 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\LangDLL.dll
11:56:25.0546 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\LangDLL.dll - ok
11:56:25.0546 5628 [ 85AC5F11D4759D13674B3E92EAC3F140 ] C:\WINDOWS\system32\msident.dll
11:56:25.0546 5628 C:\WINDOWS\system32\msident.dll - ok
11:56:25.0546 5628 [ F0A0EBF086597E645BC14B0D98F8BA58 ] C:\WINDOWS\system32\scrrun.dll
11:56:25.0546 5628 C:\WINDOWS\system32\scrrun.dll - ok
11:56:25.0546 5628 [ 194AECF7D68B475CF31C10C56F5B26CF ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliFacebookAPI.esx
11:56:25.0546 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliFacebookAPI.esx - ok
11:56:25.0546 5628 [ 7ED041C7F82A381417AA3F43AB55F95A ] C:\WINDOWS\system32\msidntld.dll
11:56:25.0546 5628 C:\WINDOWS\system32\msidntld.dll - ok
11:56:25.0562 5628 [ A14D324C50EB71FB480DDD60481D0C04 ] C:\WINDOWS\system32\pstorec.dll
11:56:25.0562 5628 C:\WINDOWS\system32\pstorec.dll - ok
11:56:25.0562 5628 [ A0C2CB21F4B521429F033FDEB18D63D7 ] C:\Program Files\Common Files\System\directdb.dll
11:56:25.0562 5628 C:\Program Files\Common Files\System\directdb.dll - ok
11:56:25.0562 5628 [ 46BBC83B350765284A6D54504DCF9240 ] C:\WINDOWS\system32\PxAFS.DLL
11:56:25.0562 5628 C:\WINDOWS\system32\PxAFS.DLL - ok
11:56:25.0562 5628 [ 24D52ADF2166C504EFEDFBA7924E24BD ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\libmmd.dll
11:56:25.0562 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\libmmd.dll - ok
11:56:25.0578 5628 [ C65122B94F7C82065FE86C32CF271F6D ] C:\WINDOWS\system32\reg.exe
11:56:25.0578 5628 C:\WINDOWS\system32\reg.exe - ok
11:56:25.0578 5628 [ 76869901617DEC95E110110A5DFF5C20 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\inetc.dll
11:56:25.0578 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\inetc.dll - ok
11:56:25.0578 5628 [ D1BDC7FC1249B62F713EFE417F62B679 ] C:\WINDOWS\system32\PxWave.dll
11:56:25.0578 5628 C:\WINDOWS\system32\PxWave.dll - ok
11:56:25.0578 5628 [ CB89865671F6A5AF831C223E40D364F6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
11:56:25.0578 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx - ok
11:56:25.0578 5628 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
11:56:25.0578 5628 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
11:56:25.0593 5628 [ 518F9552356D82FE59B875ACF55FFCFE ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\188d6391f7485a07e1218b5fc4ec2207\System.Deployment.ni.dll
11:56:25.0593 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\188d6391f7485a07e1218b5fc4ec2207\System.Deployment.ni.dll - ok
11:56:25.0593 5628 [ 8450B29EE8D592C208BA1AAF6EE50267 ] C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\linker.dll
11:56:25.0593 5628 C:\DOCUME~1\Tom\LOCALS~1\Temp\nso16.tmp\linker.dll - ok
11:56:25.0593 5628 [ 81FE513A592C6A72813E7383E3C19ED6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
11:56:25.0593 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll - ok
11:56:25.0593 5628 [ DAB2F696A0F81B784237AFCA432DC21B ] C:\Program Files\Seagate\BlackArmorBackup\Common\rpc_client.dll
11:56:25.0593 5628 C:\Program Files\Seagate\BlackArmorBackup\Common\rpc_client.dll - ok
11:56:25.0609 5628 [ 5B04227A81A4AEB33175C0CE693946D3 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MemoryShell.dll
11:56:25.0609 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MemoryShell.dll - ok
11:56:25.0609 5628 [ 5732522600A171870497B07EAA656B44 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESEmail.dll
11:56:25.0609 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESEmail.dll - ok
11:56:25.0609 5628 [ DC788BE50CB8DBBA0171C28107AE67E1 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\BackendLegacyLib.dll
11:56:25.0609 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\BackendLegacyLib.dll - ok
11:56:25.0609 5628 [ 1DDAEB2BCE39D372F99208FE9A31D37A ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\Memory.dll
11:56:25.0609 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\Memory.dll - ok
11:56:25.0609 5628 [ D0E0EC349400C3124FBDF7D4DF4B76E9 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\Backend.dll
11:56:25.0609 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\Backend.dll - ok
11:56:25.0625 5628 [ 28584774FAC6AEF16AC11B9BC1C0042D ] C:\Program Files\Common Files\Seagate\BlackArmorBackup\tdrpapi.dll
11:56:25.0625 5628 C:\Program Files\Common Files\Seagate\BlackArmorBackup\tdrpapi.dll - ok
11:56:25.0625 5628 [ 511FAE23EC6F02699418538DB875C836 ] C:\Program Files\DISC\Microsoft.Msdn.Samples.BITS.dll
11:56:25.0625 5628 C:\Program Files\DISC\Microsoft.Msdn.Samples.BITS.dll - ok
11:56:25.0625 5628 [ 23C98662461CA549487676E3E4E16C4F ] C:\WINDOWS\system32\vxblock.dll
11:56:25.0625 5628 C:\WINDOWS\system32\vxblock.dll - ok
11:56:25.0625 5628 [ 57AA81C8F01281F8F8FCE95694A25513 ] C:\Program Files\DISC\BackgroundCopyManager.DLL
11:56:25.0625 5628 C:\Program Files\DISC\BackgroundCopyManager.DLL - ok
11:56:25.0625 5628 [ 2C7C02E9A4F9F792E7B402918E1CA435 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEverestEditPipe.esx
11:56:25.0625 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEverestEditPipe.esx - ok
11:56:25.0625 5628 [ 46CBC0127A6CBD1A921F5033F5850F0B ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESFacialRetouch.dll
11:56:25.0625 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESFacialRetouch.dll - ok
11:56:25.0640 5628 [ 00AB99E13C24AEE11A547BE3301EAF59 ] C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
11:56:25.0640 5628 C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - ok
11:56:25.0640 5628 [ 062B76DC2523B8337A4C4D5DD49DC779 ] C:\Program Files\DISC\LogitechProfilerPack.dll
11:56:25.0640 5628 C:\Program Files\DISC\LogitechProfilerPack.dll - ok
11:56:25.0640 5628 [ FA945D157336B012E1AC63CBA0CA2763 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESFlickrAPI.esx
11:56:25.0640 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESFlickrAPI.esx - ok
11:56:25.0640 5628 [ C42B9F1945C35EE8B15695F0B2C863A9 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\FlickrAPI.dll
11:56:25.0640 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\FlickrAPI.dll - ok
11:56:25.0656 5628 [ 53E50FF8B808A7FBDDACBE727BB12978 ] C:\Program Files\HP\ToolBoxFX\bin\HPServiceCommunicator.dll
11:56:25.0656 5628 C:\Program Files\HP\ToolBoxFX\bin\HPServiceCommunicator.dll - ok
11:56:25.0656 5628 [ E93BAAF8313E5DF9350358F519E8716A ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESPrint.esx
11:56:25.0656 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESPrint.esx - ok
11:56:25.0656 5628 [ C60B02D181F0FA2455F73C03340135D7 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
11:56:25.0656 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll - ok
11:56:25.0656 5628 [ 6502C585EA4A2F3665CBED15242255E6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESPrint.dll
11:56:25.0656 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESPrint.dll - ok
11:56:25.0656 5628 [ 92BDA121BB6306EB8E5797C453368A04 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESShastaEditPipe.esx
11:56:25.0656 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESShastaEditPipe.esx - ok
11:56:25.0671 5628 [ 566B6A38ED3226437861114AD1AD16F7 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ShastaPath.dll
11:56:25.0671 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ShastaPath.dll - ok
11:56:25.0671 5628 [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
11:56:25.0671 5628 C:\WINDOWS\system32\dciman32.dll - ok
11:56:25.0671 5628 [ 8212D4A4C673C49D5EC2F4BFB7ADF1F0 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
11:56:25.0671 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx - ok
11:56:25.0671 5628 [ 37281C0569D2A38CBCAB8811322C0512 ] C:\Program Files\HP\ToolBoxFX\bin\PLSDMMapperObjects.dll
11:56:25.0671 5628 C:\Program Files\HP\ToolBoxFX\bin\PLSDMMapperObjects.dll - ok
11:56:25.0687 5628 [ 2C5F6FCC66AF16FBD33BBA1A401DEE30 ] C:\Program Files\HP\ToolBoxFX\bin\DMBaseObjects.dll
11:56:25.0687 5628 C:\Program Files\HP\ToolBoxFX\bin\DMBaseObjects.dll - ok
11:56:25.0687 5628 [ 43634E573D265254FF0AFDF51A26EECF ] C:\Program Files\HP\ToolBoxFX\bin\HPLogger.dll
11:56:25.0687 5628 C:\Program Files\HP\ToolBoxFX\bin\HPLogger.dll - ok
11:56:25.0687 5628 [ 5336ACF087C46C72EED85B33A6D59C5A ] C:\Program Files\HP\ToolBoxFX\bin\HPFaxUtilities.dll
11:56:25.0687 5628 C:\Program Files\HP\ToolBoxFX\bin\HPFaxUtilities.dll - ok
11:56:25.0687 5628 [ 3A5DE3B3D5D9116BC3457D3360C867E5 ] C:\Program Files\HP\ToolBoxFX\bin\Alerts.dll
11:56:25.0687 5628 C:\Program Files\HP\ToolBoxFX\bin\Alerts.dll - ok
11:56:25.0687 5628 [ C1CCA96E2B97CA0D65400FE3E91F1C00 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
11:56:25.0687 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll - ok
11:56:25.0703 5628 [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
11:56:25.0703 5628 C:\WINDOWS\system32\usp10.dll - ok
11:56:25.0703 5628 [ 0CB8D0AC88ED0DE082BBF17B5B93B055 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
11:56:25.0703 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll - ok
11:56:25.0703 5628 [ 992D9D6F307D42A29F8DCF86B51BC068 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\xerces-c_2_7.dll
11:56:25.0703 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\xerces-c_2_7.dll - ok
11:56:25.0703 5628 [ 72B8E0E2446E86091949D05140626EE2 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
11:56:25.0703 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll - ok
11:56:25.0703 5628 [ 87AE2B01E773957C332744E9EF98E63F ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
11:56:25.0703 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll - ok
11:56:25.0718 5628 [ 853899B1D122E71F5A05A69B8CE7AA28 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
11:56:25.0718 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll - ok
11:56:25.0718 5628 [ 57F6A8DD958774583D81B43F4700EB2D ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
11:56:25.0718 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll - ok
11:56:25.0718 5628 [ 288F6C70518A7C443A4085AE24692416 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AudioRenderer.dll
11:56:25.0718 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AudioRenderer.dll - ok
11:56:25.0718 5628 [ 21969BF870B82BA2E6898A8571E99B0D ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLUnitTesting.dll
11:56:25.0718 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ASLUnitTesting.dll - ok
11:56:25.0734 5628 [ 603F5601DF289A75D37F336925EF7D10 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ImporterHost.dll
11:56:25.0734 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\ImporterHost.dll - ok
11:56:25.0734 5628 [ A58E822E3D297EEE6B6248AFD9F42062 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
11:56:25.0734 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll - ok
11:56:25.0734 5628 [ 145E1FD67A2BA896C342B9057697723B ] C:\Program Files\HP\ToolBoxFX\bin\PLSDMXMLObjects.dll
11:56:25.0734 5628 C:\Program Files\HP\ToolBoxFX\bin\PLSDMXMLObjects.dll - ok
11:56:25.0734 5628 [ D2551FF3189D378AAA6FAD627096C226 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AdobeXMP.dll
11:56:25.0734 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AdobeXMP.dll - ok
11:56:25.0734 5628 [ D281E6BCEB78C8D2FA77C9E105BB2BAC ] C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
11:56:25.0734 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll - ok
11:56:25.0734 5628 [ 59DC6615DD3DF7810959D06E2E449EC9 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AdobeXMPFiles.dll
11:56:25.0734 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AdobeXMPFiles.dll - ok
11:56:25.0750 5628 [ D394D43CC48EF0E8E7D18576359AC729 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\QTMutex.dll
11:56:25.0750 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\QTMutex.dll - ok
11:56:25.0750 5628 [ 4FF06E4EA4042BC3B93544E6CA940345 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MediaUtils.dll
11:56:25.0750 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MediaUtils.dll - ok
11:56:25.0750 5628 [ 532E0505C5CC5516F99A5F2572D97648 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AudioSupport.dll
11:56:25.0750 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\AudioSupport.dll - ok
11:56:25.0750 5628 [ 5875D70BF365F68EE16B0FC64590C368 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\SweetPeaSupport.dll
11:56:25.0750 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\SweetPeaSupport.dll - ok
11:56:25.0765 5628 [ FCE4DF485813523FB369AD43242B28CA ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\PluginSupport.dll
11:56:25.0765 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\PluginSupport.dll - ok
11:56:25.0765 5628 [ CC11956CDB9D29C6568A85C3E67E1FFD ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MLFoundation.dll
11:56:25.0765 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\MLFoundation.dll - ok
11:56:25.0765 5628 [ 224EAD1CC7C5F4A8CD56B12644B959DA ] C:\Program Files\HP\Digital Imaging\bin\hppscan3.exe
11:56:25.0765 5628 C:\Program Files\HP\Digital Imaging\bin\hppscan3.exe - ok
11:56:25.0765 5628 [ 39CA31E278E1A4F73C7FA87000F4A868 ] C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\VideoRenderer.dll
11:56:25.0765 5628 C:\Program Files\Adobe\Elements Organizer 8.0\CAHeadless\VideoRenderer.dll - ok
11:56:25.0765 5628 [ E5353F4F3751B7EB51D73755B54E02C7 ] C:\Program Files\HP\Digital Imaging\bin\hppscan3.dll
11:56:25.0765 5628 C:\Program Files\HP\Digital Imaging\bin\hppscan3.dll - ok
11:56:25.0781 5628 [ C4291843688B8D722E4B2D224910DC0F ] C:\Program Files\HP\ToolBoxFX\bin\LEDMMapperObjects.dll
11:56:25.0781 5628 C:\Program Files\HP\ToolBoxFX\bin\LEDMMapperObjects.dll - ok
11:56:25.0781 5628 [ 3D5F2C7F804E996F4062281099C424D3 ] C:\Program Files\HP\ToolBoxFX\bin\LEDMXMLObjects.dll
11:56:25.0781 5628 C:\Program Files\HP\ToolBoxFX\bin\LEDMXMLObjects.dll - ok
11:56:25.0781 5628 [ 4305DC7829C9B4596B14759EF8F900C9 ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
11:56:25.0781 5628 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
11:56:25.0781 5628 [ B2613E6710BB1F43841395B1BAB73BAF ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSlideShow.esx
11:56:25.0781 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSlideShow.esx - ok
11:56:25.0781 5628 [ 0943EFBC769AE1DE85DABD8FE04F518C ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESUIWireless.esx
11:56:25.0781 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESUIWireless.esx - ok
11:56:25.0796 5628 [ 667781F539EB122C5520E14F490F715B ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESUIWireless.dll
11:56:25.0796 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESUIWireless.dll - ok
11:56:25.0796 5628 [ 7C53FBB66F29AA074925AEA100C316C3 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESUpload.esx
11:56:25.0796 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESUpload.esx - ok
11:56:25.0796 5628 [ 51D5FE1531D5D7399C02FB7D63A3FA4A ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESUpload.dll
11:56:25.0796 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocESUpload.dll - ok
11:56:25.0796 5628 [ 779EDF6249B4DD2B7E9C6854071BE9A2 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\ESWireless.esx
11:56:25.0796 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\ESWireless.esx - ok
11:56:25.0812 5628 [ F86E9C93C345CBEFC873D418ECF7E9C0 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\KDCImagePath.esx
11:56:25.0812 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\KDCImagePath.esx - ok
11:56:25.0812 5628 [ ACA57BA96A51229CC4574FDE502D03DD ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll
11:56:25.0812 5628 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll - ok
11:56:25.0812 5628 [ 1F1774FEBE8A2B632B3DAB2D1F27C662 ] C:\Program Files\QuickTime\QTSystem\QTCF.dll
11:56:25.0812 5628 C:\Program Files\QuickTime\QTSystem\QTCF.dll - ok
11:56:25.0812 5628 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
11:56:25.0812 5628 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
11:56:25.0812 5628 [ 595F27EBC2B0492AC3C91D7C40D5A870 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
11:56:25.0812 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx - ok
11:56:25.0828 5628 [ 262DB10A967AFDB8B1134DD9357B0791 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
11:56:25.0828 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll - ok
11:56:25.0828 5628 [ 5CAEAEDBC668E7A90FE218D374792DF6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
11:56:25.0828 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll - ok
11:56:25.0828 5628 [ 2A2BFCCFDDFA3D70A71E9A1B13025905 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\locPcd.dll
11:56:25.0828 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\locPcd.dll - ok
11:56:25.0828 5628 [ 79BB74574A5D3A39B647BD423A0D7E42 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
11:56:25.0828 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx - ok
11:56:25.0828 5628 [ F6A89AAEF85630D3FAF9BF747085CF87 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
11:56:25.0828 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll - ok
11:56:25.0843 5628 [ 31866BE04326F537826AFF72B8E4C48A ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
11:56:25.0843 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx - ok
11:56:25.0843 5628 [ 490B2A44EDB2B056F0489341BEE2BD86 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll
11:56:25.0843 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll - ok
11:56:25.0843 5628 [ 6E98F985C1488B7CBFF89272EEB5310F ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaBBook.esx
11:56:25.0843 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaBBook.esx - ok
11:56:25.0843 5628 [ 5801808CF9420EA44A421050445090FB ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaBBook.dll
11:56:25.0843 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaBBook.dll - ok
11:56:25.0843 5628 [ 43FFD01B05413B22A9C6120EEAB98481 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaBrowser.esx
11:56:25.0843 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaBrowser.esx - ok
11:56:25.0859 5628 [ 4AA9CF025554DECCBB758A61D9709C25 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaBrowser.dll
11:56:25.0859 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaBrowser.dll - ok
11:56:25.0859 5628 [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
11:56:25.0859 5628 C:\WINDOWS\system32\ddraw.dll - ok
11:56:25.0859 5628 [ 6DC56096A64C6228D12BC5BC7C51ED88 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
11:56:25.0859 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx - ok
11:56:25.0859 5628 [ 9C92F8E5BD191C9FF2E237F243011CB1 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll
11:56:25.0859 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll - ok
11:56:25.0875 5628 [ 38E0523AD15765A1B2BAFFC3316D6B50 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaEdit.esx
11:56:25.0875 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaEdit.esx - ok
11:56:25.0875 5628 [ 440F312DB081DD3EF34C4C20D3BCADD5 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaEdit.dll
11:56:25.0875 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaEdit.dll - ok
11:56:25.0875 5628 [ E8915D371E397DD3473933E44053130E ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
11:56:25.0875 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx - ok
11:56:25.0875 5628 [ F85F87A7D5F3E3E348C629D879AFDEB6 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
11:56:25.0875 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll - ok
11:56:25.0875 5628 [ 339B963E07A471F85C34092E87179249 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll
11:56:25.0875 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll - ok
11:56:25.0890 5628 [ 42E62E537A06C97206C97000A3CA7870 ] C:\Program Files\Kodak\Kodak EasyShare software\bin\XMIApi.esx
11:56:25.0890 5628 C:\Program Files\Kodak\Kodak EasyShare software\bin\XMIApi.esx - ok
11:56:25.0890 5628 [ 2B15C033BEE98B7E6F9315F4319CBEDA ] C:\Program Files\HP\ToolBoxFX\bin\NativeUtils.dll
11:56:25.0890 5628 C:\Program Files\HP\ToolBoxFX\bin\NativeUtils.dll - ok
11:56:25.0890 5628 ============================================================
11:56:25.0890 5628 Scan finished
11:56:25.0890 5628 ============================================================
11:56:26.0031 5504 Detected object count: 41
11:56:26.0031 5504 Actual detected object count: 41
12:30:33.0375 5504 AdobeActiveFileMonitor4.0 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 AdobeActiveFileMonitor4.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 AllShare ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 AllShare ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 CXFALCON ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 CXFALCON ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 e1express ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 e1express ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 ELacpi ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 ELacpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0375 5504 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0375 5504 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 ELService ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 epstwnt ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 epstwnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 hcwPP2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 hcwPP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 HSX_DP ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 HSX_DP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 INO_FLPY ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 INO_FLPY ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 INO_FLTR ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 INO_FLTR ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0390 5504 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0390 5504 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 KodakDigitalDisplayService ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 KodakDigitalDisplayService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 McrdSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 McrdSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 Ps2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 Ps2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 QWAVEDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 QWAVEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0406 5504 RMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0406 5504 RMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 SbcpHid ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0421 5504 SbcpHid ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 SHARSHTL ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0421 5504 SHARSHTL ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0421 5504 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 winachsx ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0421 5504 winachsx ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 WN5301 ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:33.0421 5504 WN5301 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:33.0421 5504 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:30:33.0421 5504 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:31:39.0890 2280 Deinitialize success

(TDSS smaller part)



11:42:29.0543 22172 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:42:29.0918 22172 ============================================================
11:42:29.0918 22172 Current date / time: 2012/12/28 11:42:29.0918
11:42:29.0918 22172 SystemInfo:
11:42:29.0918 22172
11:42:29.0918 22172 OS Version: 5.1.2600 ServicePack: 3.0
11:42:29.0918 22172 Product type: Workstation
11:42:29.0918 22172 ComputerName: ROY
11:42:29.0918 22172 UserName: Tom
11:42:29.0918 22172 Windows directory: C:\WINDOWS
11:42:29.0918 22172 System windows directory: C:\WINDOWS
11:42:29.0918 22172 Processor architecture: Intel x86
11:42:29.0918 22172 Number of processors: 2
11:42:29.0918 22172 Page size: 0x1000
11:42:29.0918 22172 Boot type: Normal boot
11:42:29.0918 22172 ============================================================
11:42:30.0262 22172 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:42:30.0277 22172 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:42:30.0402 22172 Drive \Device\Harddisk6\DR10 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:30.0418 22172 ============================================================
11:42:30.0418 22172 \Device\Harddisk0\DR0:
11:42:30.0418 22172 MBR partitions:
11:42:30.0418 22172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C068915
11:42:30.0418 22172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1C06C815, BlocksNum 0x1157D6C
11:42:30.0418 22172 \Device\Harddisk1\DR1:
11:42:30.0418 22172 MBR partitions:
11:42:30.0418 22172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
11:42:30.0418 22172 \Device\Harddisk6\DR10:
11:42:30.0418 22172 MBR partitions:
11:42:30.0418 22172 \Device\Harddisk6\DR10\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
11:42:30.0418 22172 ============================================================
11:42:30.0433 22172 C: <-> \Device\Harddisk0\DR0\Partition1
11:42:30.0449 22172 D: <-> \Device\Harddisk1\DR1\Partition1
11:42:30.0480 22172 E: <-> \Device\Harddisk0\DR0\Partition2
11:42:30.0496 22172 L: <-> \Device\Harddisk6\DR10\Partition1
11:42:30.0496 22172 ============================================================
11:42:30.0496 22172 Initialize success
11:42:30.0496 22172 ============================================================
11:44:45.0965 25476 Deinitialize success

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Aim6 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\StartNow Search Protect deleted successfully.
C:\Program Files\StartNow Toolbar\search_protect.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0291E591-EA41-4c82-8106-3DC6CE7F7664}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0291E591-EA41-4c82-8106-3DC6CE7F7664}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOh moved successfully.
C:\Documents and Settings\All Users\Application Data\~9i239IxhpPeQOhr moved successfully.
C:\Documents and Settings\All Users\Application Data\9i239IxhpPeQOh moved successfully.
C:\Documents and Settings\Tom\Application Data\StartNow Toolbar\CR folder moved successfully.
C:\Documents and Settings\Tom\Application Data\StartNow Toolbar folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Symantec folder moved successfully.
Folder C:\Documents and Settings\Tom\Application Data\StartNow Toolbar\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:242231A9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Beth
->Temp folder emptied: 217274351 bytes
->Temporary Internet Files folder emptied: 328479170 bytes
->Java cache emptied: 35970329 bytes
->FireFox cache emptied: 114394473 bytes
->Flash cache emptied: 186872 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33036 bytes
->Flash cache emptied: 41044 bytes

User: HP_Administrator
->Temp folder emptied: 41399410 bytes
->Temporary Internet Files folder emptied: 217318473 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 17430444 bytes
->Flash cache emptied: 5059 bytes

User: Jacqui
->Temp folder emptied: 1890047 bytes
->Temporary Internet Files folder emptied: 7455146 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36412999 bytes
->Google Chrome cache emptied: 100201187 bytes
->Flash cache emptied: 1576 bytes

User: kodak
->Temp folder emptied: 2310144 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 42876249 bytes

User: MCX1
->Temp folder emptied: 642310 bytes
->Temporary Internet Files folder emptied: 873866 bytes
->Flash cache emptied: 348 bytes

User: Mike-Pike
->Temp folder emptied: 1411244 bytes
->Temporary Internet Files folder emptied: 209776140 bytes
->Java cache emptied: 14618005 bytes
->FireFox cache emptied: 2856568 bytes
->Google Chrome cache emptied: 349739630 bytes
->Flash cache emptied: 11869 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Tom
->Temp folder emptied: 960521184 bytes
->Temporary Internet Files folder emptied: 516589743 bytes
->Java cache emptied: 27019700 bytes
->FireFox cache emptied: 74766483 bytes
->Google Chrome cache emptied: 51997766 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 1969040 bytes

User: Tommy
->Temp folder emptied: 603977 bytes
->Temporary Internet Files folder emptied: 25261035 bytes
->Google Chrome cache emptied: 363846798 bytes
->Flash cache emptied: 43394 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 8429073 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 169320399 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 298242292 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 708940373 bytes

Total Files Cleaned = 4,722.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 12282012_123410

Files\Folders moved on Reboot...
C:\Documents and Settings\kodak\Local Settings\Temp\Perflib_Perfdata_e30.dat moved successfully.
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_824.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 28 December 2012 - 02:12 PM

12:30:33.0421 5504 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:30:33.0421 5504 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Please re run TdssKiller and select delete on these entries only.


How is your machine running now after this is done?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 29 December 2012 - 03:04 AM

The computer is definitely running better and all the StartNow stuff is gone. I think that the AnswerWorks software might actually be something that another application uses, but still not completely sure.

#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:47 PM

Posted 29 December 2012 - 11:22 AM

AnswerWorks

This is part of a Quicken installation.

Lets go ahead and run a couple other scanners to make sure no leftovers.


1.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

2.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Things to include in your next reply::
MBAM log
Eset log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 Quevvy

Quevvy
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 30 December 2012 - 05:12 PM

The computer continually seems to be doing better!







Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2012.12.30.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Tom :: ROY [administrator]

12/30/2012 9:56:00 AM
mbam-log-2012-12-30 (09-56-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 403733
Time elapsed: 9 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
















C:\Documents and Settings\Beth\Desktop\trojankiller2113-setup.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\Reactivate.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ToolbarBroker.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0005.dta a variant of Win32/Kryptik.XEZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0010.dta Win64/Olmasco.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.12.2012_00.57.46\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
L:\Jacqui\Local Settings\Temporary Internet Files\Content.IE5\IS0GLJQ3\watch-chicago-blackhawks-vs-san-jose-sharks-game-3-live-online[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
L:\Tommy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000a30 JS/Kryptik.AQ.Gen trojan deleted - quarantined




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users