
Privitize VPN redirecting homepage


9 replies to this topic

#1 Kadoobie

Kadoobie

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 09 February 2013 - 11:34 AM

     After installing what I understood to be a VPN, I later found out that it is considered malware. Currently the only problems are that it is redirecting my homepage to "google.com/webhp", and it has changed the theme(?) the color scheme of the taskbar and start menu.

      If I'm not mistaken this program also opens me up to other infections, so I would love to remove it asap. I've already tried some free basic scans like Malwarebytes, AVG and SpyHunter but to no avail. Any assistance or guidance would be greatly appreciated.


Edited by Kadoobie, 09 February 2013 - 12:04 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:04 PM

Posted 09 February 2013 - 01:25 PM


  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules and Detect TDLFS file system
  • Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results
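
A way to triage the TDSSKiller log requested above, as an added example that is not part of the original post: the Python below pairs each hashed-file line with its verdict line in the "Scan services" section, then lists entries whose verdict is not `ok` and entries that have no hash line. The sample log is constructed, modelled on TDSSKiller's timestamped `name - verdict` lines; the MD5 values, the `examplesvc` entry and its `suspicious` verdict text are hypothetical.

```python
import re
from collections import Counter

# "HH:MM:SS.mmmm <thread-id>  <body>" prefix carried by every log line.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+\s+(.*)$")
# "[ <MD5> ] <service name>   <image path>"; service names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")

# Constructed sample (not a real report): hashes, examplesvc and the
# "suspicious" verdict are made up for the demonstration.
SAMPLE_LOG = r"""
14:23:41.0875 1136  ================ Scan system memory ========================
14:23:41.0875 1136  System memory - ok
14:23:41.0875 1136  ================ Scan services =============================
14:23:42.0078 1136  240A - ok
14:23:42.0265 1136  [ 0123456789ABCDEF0123456789ABCDEF ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:23:42.0265 1136  ACPI - ok
14:23:43.0843 1136  [ 11111111111111111111111111111111 ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
14:23:43.0843 1136  bb-run - ok
14:23:48.0421 1136  [ 22222222222222222222222222222222 ] LiveUpdate Notice Service C:\Program Files\Example\PIFSvc.exe
14:23:48.0437 1136  LiveUpdate Notice Service - ok
14:23:49.0000 1136  [ 33333333333333333333333333333333 ] examplesvc      C:\WINDOWS\system32\drivers\examplesvc.sys
14:23:49.0000 1136  examplesvc - suspicious
"""


def parse_services(log_text):
    """Return one dict per service verdict found in the 'Scan services' section."""
    entries, pending, in_services = [], {}, False
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue  # blank line or text that is not a timestamped log line
        body = m.group(1)
        if body.startswith("="):
            # Section banner: only the services section is parsed.
            in_services = "Scan services" in body
            continue
        if not in_services:
            continue
        hashed = HASHED.match(body)
        if hashed:
            md5, name, path = hashed.groups()
            pending[name] = (md5.upper(), path)  # wait for the verdict line
            continue
        if " - " in body:
            # Split on the last " - " so names such as "bb-run" stay intact.
            name, verdict = body.rsplit(" - ", 1)
            md5, path = pending.pop(name, (None, None))
            entries.append(
                {"name": name, "verdict": verdict.strip(), "md5": md5, "path": path}
            )
    return entries


def triage(entries):
    """Summarise what a reviewer should look at first."""
    return {
        "verdicts": Counter(e["verdict"] for e in entries),
        # Anything the tool did not mark "ok".
        "not_ok": [e for e in entries if e["verdict"].lower() != "ok"],
        # "ok" with no preceding hash line: no file was hashed for this entry.
        "unhashed": [e["name"] for e in entries if e["md5"] is None],
    }


if __name__ == "__main__":
    report = triage(parse_services(SAMPLE_LOG))
    print("verdict counts:", dict(report["verdicts"]))
    for e in report["not_ok"]:
        print("REVIEW:", e["name"], e["verdict"], e["md5"], e["path"])
    print("entries without a hashed file:", report["unhashed"])
```

To run it on a real report, read the `TDSSKiller.[Version]_[Date]_[Time]_log.txt` file and pass its text to `parse_services` in place of `SAMPLE_LOG`.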



#3 Kadoobie

Kadoobie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 09 February 2013 - 03:53 PM

You weren't kidding about the ESET scan taking long, 15% at 1 hour 13 min. (although it has been stuck at 15% since like minute 10) Currently it has found two threats, "Java/Exploit.Blacole.AN trojan" and "Java/TrojanDownloader.Agent.NDR trojan". (edit: found two more, "Win32/OpenCandy application" and "a variant of Win32/HackKMS.A application") (edit2: found one more, "HTML/TrojanDownloader.IFrame trojan")

 

I'll link the other two scans for now, but before I do I want to thank you a ton. This community is one of the best and most helpful I've ever seen. You volunteers are incredible!

 

Anyway here are the TDSSKiller and aswMBR files, I'll get you the ESET as soon as it is done.

 

(ps: Do you want me to use the Fix button on aswMBR?)

 

(pps: There's a folder that's been sitting in my root directory (C:) for at least a year, named "940ced62aea03cf359ee69c178". I've tried deleting it in the past, only to have it come back. Not sure if that is a problem.)

 

TDSSKiller log:

 

14:23:51.0687 1136  Raspti - ok
14:23:51.0718 1136  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:23:51.0718 1136  Rdbss - ok
14:23:51.0765 1136  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:23:51.0765 1136  RDPCDD - ok
14:23:51.0828 1136  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
14:23:51.0828 1136  RDPWD - ok
14:23:51.0859 1136  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
14:23:51.0859 1136  RDSessMgr - ok
14:23:51.0906 1136  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
14:23:51.0906 1136  redbook - ok
14:23:51.0937 1136  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:23:51.0937 1136  RemoteAccess - ok
14:23:51.0984 1136  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:23:51.0984 1136  RpcLocator - ok
14:23:52.0015 1136  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:23:52.0015 1136  RpcSs - ok
14:23:52.0078 1136  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
14:23:52.0078 1136  RSVP - ok
14:23:52.0093 1136  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
14:23:52.0093 1136  rtl8139 - ok
14:23:52.0125 1136  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:23:52.0125 1136  SamSs - ok
14:23:52.0171 1136  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
14:23:52.0171 1136  SCardSvr - ok
14:23:52.0218 1136  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:23:52.0218 1136  Schedule - ok
14:23:52.0265 1136  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:23:52.0265 1136  Secdrv - ok
14:23:52.0296 1136  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
14:23:52.0312 1136  seclogon - ok
14:23:52.0359 1136  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
14:23:52.0359 1136  SENS - ok
14:23:52.0406 1136  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
14:23:52.0421 1136  Serial - ok
14:23:52.0453 1136  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
14:23:52.0453 1136  Sfloppy - ok
14:23:52.0515 1136  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:23:52.0515 1136  SharedAccess - ok
14:23:52.0546 1136  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:23:52.0546 1136  ShellHWDetection - ok
14:23:52.0546 1136  Simbad - ok
14:23:52.0640 1136  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:23:52.0640 1136  SkypeUpdate - ok
14:23:52.0656 1136  Sparrow - ok
14:23:52.0703 1136  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
14:23:52.0703 1136  splitter - ok
14:23:52.0781 1136  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
14:23:52.0781 1136  Spooler - ok
14:23:52.0796 1136  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
14:23:52.0796 1136  sr - ok
14:23:52.0859 1136  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
14:23:52.0859 1136  srservice - ok
14:23:52.0921 1136  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:23:52.0921 1136  Srv - ok
14:23:52.0984 1136  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:23:52.0984 1136  SSDPSRV - ok
14:23:53.0031 1136  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
14:23:53.0046 1136  stisvc - ok
14:23:53.0093 1136  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
14:23:53.0093 1136  swenum - ok
14:23:53.0125 1136  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
14:23:53.0125 1136  swmidi - ok
14:23:53.0140 1136  SwPrv - ok
14:23:53.0156 1136  symc810 - ok
14:23:53.0156 1136  symc8xx - ok
14:23:53.0171 1136  sym_hi - ok
14:23:53.0171 1136  sym_u3 - ok
14:23:53.0234 1136  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
14:23:53.0234 1136  sysaudio - ok
14:23:53.0281 1136  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
14:23:53.0281 1136  SysmonLog - ok
14:23:53.0328 1136  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:23:53.0328 1136  TapiSrv - ok
14:23:53.0390 1136  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:23:53.0390 1136  Tcpip - ok
14:23:53.0437 1136  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
14:23:53.0437 1136  TDPIPE - ok
14:23:53.0453 1136  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
14:23:53.0453 1136  TDTCP - ok
14:23:53.0484 1136  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
14:23:53.0484 1136  TermDD - ok
14:23:53.0546 1136  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
14:23:53.0562 1136  TermService - ok
14:23:53.0578 1136  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
14:23:53.0578 1136  Themes - ok
14:23:53.0578 1136  TosIde - ok
14:23:53.0625 1136  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
14:23:53.0625 1136  TrkWks - ok
14:23:53.0656 1136  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
14:23:53.0656 1136  Udfs - ok
14:23:53.0671 1136  ultra - ok
14:23:53.0734 1136  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
14:23:53.0734 1136  Update - ok
14:23:53.0781 1136  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:23:53.0781 1136  upnphost - ok
14:23:53.0812 1136  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
14:23:53.0812 1136  UPS - ok
14:23:53.0828 1136  USBAAPL - ok
14:23:53.0859 1136  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
14:23:53.0859 1136  usbaudio - ok
14:23:53.0906 1136  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:23:53.0906 1136  usbccgp - ok
14:23:53.0921 1136  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:23:53.0921 1136  usbehci - ok
14:23:53.0953 1136  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:23:53.0953 1136  usbhub - ok
14:23:54.0000 1136  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:23:54.0000 1136  usbohci - ok
14:23:54.0015 1136  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:23:54.0015 1136  usbscan - ok
14:23:54.0031 1136  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:23:54.0031 1136  usbstor - ok
14:23:54.0062 1136  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:23:54.0062 1136  usbuhci - ok
14:23:54.0125 1136  [ B2ABAB4CA46BAD182E27763DC19C780F ] VCSVADHWSer     C:\WINDOWS\system32\DRIVERS\vcsvad.sys
14:23:54.0125 1136  VCSVADHWSer - ok
14:23:54.0140 1136  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
14:23:54.0140 1136  VgaSave - ok
14:23:54.0156 1136  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
14:23:54.0171 1136  ViaIde - ok
14:23:54.0296 1136  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
14:23:54.0312 1136  VolSnap - ok
14:23:54.0390 1136  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
14:23:54.0390 1136  VSS - ok
14:23:54.0437 1136  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
14:23:54.0453 1136  W32Time - ok
14:23:54.0500 1136  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:23:54.0500 1136  Wanarp - ok
14:23:54.0593 1136  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:23:54.0640 1136  Wdf01000 - ok
14:23:54.0671 1136  WDICA - ok
14:23:54.0750 1136  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
14:23:54.0750 1136  wdmaud - ok
14:23:54.0796 1136  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:23:54.0796 1136  WebClient - ok
14:23:54.0859 1136  [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
14:23:54.0859 1136  winachsx - ok
14:23:54.0968 1136  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:23:54.0968 1136  winmgmt - ok
14:23:55.0125 1136  WinRing0_1_2_0 - ok
14:23:55.0171 1136  winvnc - ok
14:23:55.0218 1136  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
14:23:55.0218 1136  WmdmPmSN - ok
14:23:55.0250 1136  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:23:55.0265 1136  WmiApSrv - ok
14:23:55.0343 1136  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
14:23:55.0359 1136  WMPNetworkSvc - ok
14:23:55.0578 1136  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:23:55.0578 1136  WPFFontCache_v0400 - ok
14:23:55.0625 1136  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
14:23:55.0625 1136  wscsvc - ok
14:23:55.0671 1136  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
14:23:55.0671 1136  wuauserv - ok
14:23:55.0718 1136  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:23:55.0718 1136  WudfPf - ok
14:23:55.0750 1136  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:23:55.0750 1136  WudfRd - ok
14:23:55.0781 1136  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
14:23:55.0781 1136  WudfSvc - ok
14:23:55.0828 1136  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
14:23:55.0843 1136  WZCSVC - ok
14:23:55.0843 1136  XDva386 - ok
14:23:55.0875 1136  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
14:23:55.0875 1136  xmlprov - ok
14:23:55.0890 1136  ================ Scan global ===============================
14:23:55.0937 1136  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:23:56.0000 1136  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:23:56.0015 1136  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:23:56.0015 1136  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:23:56.0015 1136  [Global] - ok
14:23:56.0031 1136  ================ Scan MBR ==================================
14:23:56.0046 1136  [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
14:23:56.0328 1136  \Device\Harddisk0\DR0 - ok
14:23:56.0328 1136  ================ Scan VBR ==================================
14:23:56.0343 1136  [ E9BF4BB60FD25D47257F8D8E3C705768 ] \Device\Harddisk0\DR0\Partition1
14:23:56.0343 1136  \Device\Harddisk0\DR0\Partition1 - ok
14:23:56.0390 1136  [ 317FE63570946A0926F9D27E2A352D39 ] \Device\Harddisk0\DR0\Partition2
14:23:56.0390 1136  \Device\Harddisk0\DR0\Partition2 - ok
14:23:56.0390 1136  ================ Scan active images ========================
14:23:57.0140 1136  C:\WINDOWS\system32\eapolqec.dll - ok
14:23:57.0156 1136  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
14:23:57.0156 1136  C:\WINDOWS\system32\ncobjapi.dll - ok
14:23:57.0156 1136  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
14:23:57.0156 1136  C:\WINDOWS\system32\odbcbcp.dll - ok
14:23:57.0156 1136  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
14:23:57.0156 1136  C:\WINDOWS\system32\userinit.exe - ok
14:23:57.0171 1136  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
14:23:57.0171 1136  C:\WINDOWS\AppPatch\acadproc.dll - ok
14:23:57.0171 1136  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:23:57.0171 1136  C:\WINDOWS\system32\basesrv.dll - ok
14:23:57.0171 1136  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
14:23:57.0171 1136  C:\WINDOWS\system32\eappprxy.dll - ok
14:23:57.0187 1136  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
14:23:57.0187 1136  C:\WINDOWS\system32\secur32.dll - ok
14:23:57.0187 1136  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
14:23:57.0187 1136  C:\WINDOWS\system32\mpr.dll - ok
14:23:57.0203 1136  [ FA1B9CAE64B23C950DA3D96ABBF23BD0 ] C:\WINDOWS\system32\olecli32.dll
14:23:57.0203 1136  C:\WINDOWS\system32\olecli32.dll - ok
14:23:57.0203 1136  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
14:23:57.0203 1136  C:\WINDOWS\system32\regapi.dll - ok
14:23:57.0203 1136  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
14:23:57.0203 1136  C:\WINDOWS\system32\apphelp.dll - ok
14:23:57.0218 1136  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
14:23:57.0218 1136  C:\WINDOWS\system32\msasn1.dll - ok
14:23:57.0218 1136  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
14:23:57.0218 1136  C:\WINDOWS\system32\mspatcha.dll - ok
14:23:57.0218 1136  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
14:23:57.0218 1136  C:\WINDOWS\system32\msprivs.dll - ok
14:23:57.0234 1136  [ AE9543F20FCC1E7BCAA13051CC076147 ] C:\WINDOWS\system32\olethk32.dll
14:23:57.0234 1136  C:\WINDOWS\system32\olethk32.dll - ok
14:23:57.0234 1136  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
14:23:57.0234 1136  C:\WINDOWS\system32\perfdisk.dll - ok
14:23:57.0250 1136  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
14:23:57.0250 1136  C:\WINDOWS\system32\rtutils.dll - ok
14:23:57.0250 1136  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
14:23:57.0250 1136  C:\WINDOWS\system32\authz.dll - ok
14:23:57.0250 1136  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
14:23:57.0250 1136  C:\WINDOWS\system32\dnsrslvr.dll - ok
14:23:57.0265 1136  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
14:23:57.0265 1136  C:\WINDOWS\system32\imagehlp.dll - ok
14:23:57.0265 1136  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
14:23:57.0265 1136  C:\WINDOWS\system32\perfos.dll - ok
14:23:57.0265 1136  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
14:23:57.0265 1136  C:\WINDOWS\system32\winsta.dll - ok
14:23:57.0281 1136  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
14:23:57.0281 1136  C:\WINDOWS\system32\msvcrt40.dll - ok
14:23:57.0281 1136  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
14:23:57.0281 1136  C:\WINDOWS\system32\ntdsapi.dll - ok
14:23:57.0281 1136  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
14:23:57.0281 1136  C:\WINDOWS\system32\samlib.dll - ok
14:23:57.0296 1136  [ C5FD010A21EF7BBCC23F9D1F55BE4AF1 ] C:\WINDOWS\system32\url.dll
14:23:57.0296 1136  C:\WINDOWS\system32\url.dll - ok
14:23:57.0296 1136  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
14:23:57.0296 1136  C:\WINDOWS\system32\comdlg32.dll - ok
14:23:57.0296 1136  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
14:23:57.0296 1136  C:\WINDOWS\system32\odbcint.dll - ok
14:23:57.0312 1136  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
14:23:57.0312 1136  C:\WINDOWS\system32\user32.dll - ok
14:23:57.0312 1136  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
14:23:57.0312 1136  C:\WINDOWS\system32\wdigest.dll - ok
14:23:57.0312 1136  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
14:23:57.0312 1136  C:\WINDOWS\system32\shell32.dll - ok
14:23:57.0328 1136  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
14:23:57.0328 1136  C:\WINDOWS\system32\audiosrv.dll - ok
14:23:57.0328 1136  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
14:23:57.0328 1136  C:\WINDOWS\system32\shlwapi.dll - ok
14:23:57.0328 1136  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
14:23:57.0328 1136  C:\WINDOWS\system32\gdi32.dll - ok
14:23:57.0343 1136  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
14:23:57.0343 1136  C:\WINDOWS\system32\ole32.dll - ok
14:23:57.0343 1136  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
14:23:57.0343 1136  C:\WINDOWS\system32\comctl32.dll - ok
14:23:57.0343 1136  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
14:23:57.0343 1136  C:\WINDOWS\system32\sfcfiles.dll - ok
14:23:57.0359 1136  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
14:23:57.0359 1136  C:\WINDOWS\system32\advapi32.dll - ok
14:23:57.0359 1136  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
14:23:57.0359 1136  C:\WINDOWS\system32\odbc32.dll - ok
14:23:57.0359 1136  [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
14:23:57.0359 1136  C:\WINDOWS\system32\oleaut32.dll - ok
14:23:57.0375 1136  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
14:23:57.0375 1136  C:\WINDOWS\system32\rpcrt4.dll - ok
14:23:57.0375 1136  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
14:23:57.0375 1136  C:\WINDOWS\system32\msvcrt.dll - ok
14:23:57.0375 1136  [ 681B807E53BDADA337735C28C0E48A1B ] C:\WINDOWS\system32\ntvdm.exe
14:23:57.0375 1136  C:\WINDOWS\system32\ntvdm.exe - ok
14:23:57.0390 1136  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
14:23:57.0390 1136  C:\WINDOWS\system32\wldap32.dll - ok
14:23:57.0390 1136  [ 3FB23A33267123AD64CCA4A284E85624 ] C:\WINDOWS\system32\browseui.dll
14:23:57.0390 1136  C:\WINDOWS\system32\browseui.dll - ok
14:23:57.0390 1136  [ 045DF7AE14CAAED71338916D6FB66812 ] C:\WINDOWS\system32\wow32.dll
14:23:57.0390 1136  C:\WINDOWS\system32\wow32.dll - ok
14:23:57.0406 1136  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
14:23:57.0406 1136  C:\WINDOWS\system32\crypt32.dll - ok
14:23:57.0406 1136  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
14:23:57.0406 1136  C:\WINDOWS\system32\userenv.dll - ok
14:23:57.0406 1136  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
14:23:57.0406 1136  C:\WINDOWS\system32\netapi32.dll - ok
14:23:57.0421 1136  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
14:23:57.0421 1136  C:\WINDOWS\system32\cryptui.dll - ok
14:23:57.0421 1136  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
14:23:57.0421 1136  C:\WINDOWS\system32\eventlog.dll - ok
14:23:57.0437 1136  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:23:57.0437 1136  C:\WINDOWS\system32\winsrv.dll - ok
14:23:57.0437 1136  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
14:23:57.0437 1136  C:\WINDOWS\system32\wintrust.dll - ok
14:23:57.0437 1136  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
14:23:57.0437 1136  C:\WINDOWS\system32\ws2_32.dll - ok
14:23:57.0453 1136  [ 634139B3D18F5E70E3691498FE4CAF1C ] C:\WINDOWS\system32\nv4_disp.dll
14:23:57.0453 1136  C:\WINDOWS\system32\nv4_disp.dll - ok
14:23:57.0453 1136  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:23:57.0453 1136  C:\WINDOWS\system32\services.exe - ok
14:23:57.0453 1136  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
14:23:57.0453 1136  C:\WINDOWS\system32\shimeng.dll - ok
14:23:57.0468 1136  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
14:23:57.0468 1136  C:\WINDOWS\system32\winlogon.exe - ok
14:23:57.0468 1136  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
14:23:57.0468 1136  C:\WINDOWS\system32\msacm32.dll - ok
14:23:57.0500 1136  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
14:23:57.0500 1136  C:\WINDOWS\system32\shsvcs.dll - ok
14:23:57.0500 1136  [ 72F2CFC7653FB5ABB85789D28E26A643 ] C:\WINDOWS\system32\atl.dll
14:23:57.0500 1136  C:\WINDOWS\system32\atl.dll - ok
14:23:57.0500 1136  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
14:23:57.0500 1136  C:\WINDOWS\system32\msvcp60.dll - ok
14:23:57.0515 1136  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
14:23:57.0515 1136  C:\WINDOWS\system32\sfc_os.dll - ok
14:23:57.0531 1136  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
14:23:57.0531 1136  C:\WINDOWS\system32\wups.dll - ok
14:23:57.0531 1136  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
14:23:57.0531 1136  C:\WINDOWS\system32\wzcsapi.dll - ok
14:23:57.0531 1136  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
14:23:57.0531 1136  C:\WINDOWS\system32\cnbjmon.dll - ok
14:23:57.0546 1136  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
14:23:57.0546 1136  C:\WINDOWS\system32\msapsspc.dll - ok
14:23:57.0562 1136  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
14:23:57.0562 1136  C:\WINDOWS\system32\sxs.dll - ok
14:23:57.0562 1136  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
14:23:57.0562 1136  C:\WINDOWS\system32\umpnpmgr.dll - ok
14:23:57.0562 1136  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
14:23:57.0562 1136  C:\WINDOWS\system32\digest.dll - ok
14:23:57.0578 1136  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
14:23:57.0578 1136  C:\WINDOWS\system32\dnsapi.dll - ok
14:23:57.0578 1136  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
14:23:57.0578 1136  C:\WINDOWS\system32\samsrv.dll - ok
14:23:57.0578 1136  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
14:23:57.0578 1136  C:\WINDOWS\system32\scesrv.dll - ok
14:23:57.0593 1136  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
14:23:57.0593 1136  C:\WINDOWS\system32\setupapi.dll - ok
14:23:57.0593 1136  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
14:23:57.0593 1136  C:\WINDOWS\system32\winmm.dll - ok
14:23:57.0609 1136  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
14:23:57.0609 1136  C:\WINDOWS\system32\uxtheme.dll - ok
14:23:57.0609 1136  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
14:23:57.0609 1136  C:\WINDOWS\system32\rasman.dll - ok
14:23:57.0609 1136  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
14:23:57.0609 1136  C:\WINDOWS\system32\schannel.dll - ok
14:23:57.0625 1136  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
14:23:57.0625 1136  C:\WINDOWS\system32\iphlpapi.dll - ok
14:23:57.0625 1136  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
14:23:57.0625 1136  C:\WINDOWS\system32\msgina.dll - ok
14:23:57.0640 1136  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
14:23:57.0640 1136  C:\WINDOWS\system32\msv1_0.dll - ok
14:23:57.0640 1136  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
14:23:57.0640 1136  C:\WINDOWS\system32\w32time.dll - ok
14:23:57.0640 1136  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
14:23:57.0640 1136  C:\WINDOWS\system32\msnsspc.dll - ok
14:23:57.0656 1136  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
14:23:57.0656 1136  C:\WINDOWS\system32\rsaenh.dll - ok
14:23:57.0656 1136  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
14:23:57.0656 1136  C:\WINDOWS\system32\winscard.dll - ok
14:23:57.0656 1136  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
14:23:57.0671 1136  C:\WINDOWS\system32\scecli.dll - ok
14:23:57.0671 1136  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
14:23:57.0671 1136  C:\WINDOWS\system32\spoolsv.exe - ok
14:23:57.0671 1136  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
14:23:57.0671 1136  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
14:23:57.0687 1136  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
14:23:57.0687 1136  C:\WINDOWS\system32\lsasrv.dll - ok
14:23:57.0687 1136  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
14:23:57.0687 1136  C:\WINDOWS\AppPatch\acgenral.dll - ok
14:23:57.0703 1136  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
14:23:57.0703 1136  C:\WINDOWS\system32\kerberos.dll - ok
14:23:57.0703 1136  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
14:23:57.0703 1136  C:\WINDOWS\system32\netlogon.dll - ok
14:23:57.0703 1136  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
14:23:57.0703 1136  C:\WINDOWS\system32\wlnotify.dll - ok
14:23:57.0718 1136  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
14:23:57.0718 1136  C:\WINDOWS\system32\ntmarta.dll - ok
14:23:57.0718 1136  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
14:23:57.0718 1136  C:\WINDOWS\system32\cscdll.dll - ok
14:23:57.0734 1136  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
14:23:57.0734 1136  C:\WINDOWS\system32\dhcpcsvc.dll - ok
14:23:57.0734 1136  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
14:23:57.0734 1136  C:\WINDOWS\system32\qutil.dll - ok
14:23:57.0734 1136  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
14:23:57.0750 1136  C:\WINDOWS\system32\shgina.dll - ok
14:23:57.0750 1136  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
14:23:57.0750 1136  C:\WINDOWS\system32\tcpmon.dll - ok
14:23:57.0750 1136  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
14:23:57.0750 1136  C:\WINDOWS\system32\wups2.dll - ok
14:23:57.0765 1136  [ DA45AD502B4F2B7FC4ADEBA2E309F384 ] C:\WINDOWS\system32\netevent.dll
14:23:57.0765 1136  C:\WINDOWS\system32\netevent.dll - ok
14:23:57.0765 1136  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
14:23:57.0765 1136  C:\WINDOWS\system32\rpcss.dll - ok
14:23:57.0781 1136  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
14:23:57.0781 1136  C:\WINDOWS\system32\hnetcfg.dll - ok
14:23:57.0781 1136  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
14:23:57.0781 1136  C:\WINDOWS\system32\mswsock.dll - ok
14:23:57.0796 1136  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
14:23:57.0796 1136  C:\WINDOWS\system32\rastls.dll - ok
14:23:57.0796 1136  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
14:23:57.0796 1136  C:\WINDOWS\system32\logonui.exe - ok
14:23:57.0812 1136  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
14:23:57.0812 1136  C:\WINDOWS\system32\duser.dll - ok
14:23:57.0812 1136  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
14:23:57.0812 1136  C:\WINDOWS\system32\mprapi.dll - ok
14:23:57.0812 1136  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
14:23:57.0812 1136  C:\WINDOWS\system32\oleacc.dll - ok
14:23:57.0828 1136  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
14:23:57.0828 1136  C:\WINDOWS\system32\raschap.dll - ok
14:23:57.0828 1136  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
14:23:57.0828 1136  C:\WINDOWS\system32\clbcatq.dll - ok
14:23:57.0843 1136  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
14:23:57.0843 1136  C:\WINDOWS\system32\cryptsvc.dll - ok
14:23:57.0843 1136  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
14:23:57.0843 1136  C:\WINDOWS\system32\wzcsvc.dll - ok
14:23:57.0859 1136  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
14:23:57.0859 1136  C:\WINDOWS\system32\adsldpc.dll - ok
14:23:57.0859 1136  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
14:23:57.0859 1136  C:\WINDOWS\system32\cabinet.dll - ok
14:23:57.0875 1136  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
14:23:57.0875 1136  C:\WINDOWS\system32\activeds.dll - ok
14:23:57.0875 1136  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
14:23:57.0875 1136  C:\WINDOWS\system32\dpcdll.dll - ok
14:23:57.0875 1136  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
14:23:57.0875 1136  C:\WINDOWS\system32\tapi32.dll - ok
14:23:57.0890 1136  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
14:23:57.0890 1136  C:\WINDOWS\system32\comres.dll - ok
14:23:57.0890 1136  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
14:23:57.0890 1136  C:\WINDOWS\system32\schedsvc.dll - ok
14:23:57.0906 1136  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
14:23:57.0906 1136  C:\WINDOWS\system32\mscms.dll - ok
14:23:57.0906 1136  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
14:23:57.0906 1136  C:\WINDOWS\system32\rasapi32.dll - ok
14:23:57.0906 1136  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
14:23:57.0906 1136  C:\WINDOWS\system32\esent.dll - ok
14:23:57.0921 1136  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
14:23:57.0921 1136  C:\WINDOWS\system32\riched20.dll - ok
14:23:57.0921 1136  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
14:23:57.0921 1136  C:\WINDOWS\system32\cscui.dll - ok
14:23:57.0937 1136  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
14:23:57.0937 1136  C:\WINDOWS\system32\inetpp.dll - ok
14:23:57.0937 1136  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
14:23:57.0937 1136  C:\WINDOWS\system32\onex.dll - ok
14:23:57.0953 1136  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
14:23:57.0953 1136  C:\WINDOWS\system32\win32spl.dll - ok
14:23:57.0953 1136  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
14:23:57.0953 1136  C:\WINDOWS\system32\wuauclt.exe - ok
14:23:57.0968 1136  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:23:57.0968 1136  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:23:57.0968 1136  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
14:23:57.0968 1136  C:\WINDOWS\explorer.exe - ok
14:23:57.0968 1136  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
14:23:57.0968 1136  C:\WINDOWS\system32\winhttp.dll - ok
14:23:57.0984 1136  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
14:23:57.0984 1136  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
14:23:57.0984 1136  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
14:23:57.0984 1136  C:\WINDOWS\system32\certcli.dll - ok
14:23:58.0000 1136  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
14:23:58.0000 1136  C:\WINDOWS\system32\mscoree.dll - ok
14:23:58.0000 1136  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
14:23:58.0000 1136  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
14:23:58.0000 1136  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
14:23:58.0000 1136  C:\WINDOWS\system32\xpsp2res.dll - ok
14:23:58.0015 1136  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
14:23:58.0015 1136  C:\WINDOWS\system32\credui.dll - ok
14:23:58.0015 1136  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
14:23:58.0015 1136  C:\WINDOWS\system32\es.dll - ok
14:23:58.0015 1136  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
14:23:58.0015 1136  C:\WINDOWS\system32\eappcfg.dll - ok
14:23:58.0031 1136  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
14:23:58.0031 1136  C:\WINDOWS\system32\spoolss.dll - ok
14:23:58.0031 1136  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
14:23:58.0031 1136  C:\WINDOWS\system32\pdh.dll - ok
14:23:58.0046 1136  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
14:23:58.0046 1136  C:\WINDOWS\system32\netman.dll - ok
14:23:58.0046 1136  [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
14:23:58.0046 1136  C:\WINDOWS\system32\olepro32.dll - ok
14:23:58.0046 1136  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
14:23:58.0046 1136  C:\WINDOWS\system32\imm32.dll - ok
14:23:58.0062 1136  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
14:23:58.0062 1136  C:\WINDOWS\system32\themeui.dll - ok
14:23:58.0062 1136  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
14:23:58.0062 1136  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
14:23:58.0062 1136  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
14:23:58.0062 1136  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
14:23:58.0078 1136  [ 5951565A53AEF39C958EB11C6101D365 ] C:\WINDOWS\system32\urlmon.dll
14:23:58.0078 1136  C:\WINDOWS\system32\urlmon.dll - ok
14:23:58.0078 1136  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\SKYPE\Updater\Updater.exe
14:23:58.0078 1136  C:\Program Files\SKYPE\Updater\Updater.exe - ok
14:23:58.0078 1136  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
14:23:58.0078 1136  C:\WINDOWS\system32\kernel32.dll - ok
14:23:58.0093 1136  [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll
14:23:58.0093 1136  C:\WINDOWS\system32\d3d9.dll - ok
14:23:58.0093 1136  [ 2877FA0BE5B45E8A6A5A54C77B9B4DB9 ] C:\WINDOWS\system32\shdocvw.dll
14:23:58.0093 1136  C:\WINDOWS\system32\shdocvw.dll - ok
14:23:58.0093 1136  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
14:23:58.0093 1136  C:\WINDOWS\system32\srsvc.dll - ok
14:23:58.0109 1136  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
14:23:58.0109 1136  C:\WINDOWS\system32\netshell.dll - ok
14:23:58.0109 1136  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
14:23:58.0109 1136  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
14:23:58.0109 1136  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
14:23:58.0109 1136  C:\WINDOWS\system32\wiaservc.dll - ok
14:23:58.0125 1136  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
14:23:58.0125 1136  C:\WINDOWS\system32\localspl.dll - ok
14:23:58.0125 1136  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
14:23:58.0125 1136  C:\WINDOWS\system32\vssapi.dll - ok
14:23:58.0140 1136  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:23:58.0140 1136  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
14:23:58.0140 1136  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
14:23:58.0140 1136  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
14:23:58.0140 1136  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
14:23:58.0140 1136  C:\WINDOWS\system32\oledlg.dll - ok
14:23:58.0156 1136  [ 93EE430371FA5A724F843316490372C0 ] C:\WINDOWS\system32\nvapi.dll
14:23:58.0156 1136  C:\WINDOWS\system32\nvapi.dll - ok
14:23:58.0156 1136  [ A5675206B80C4127BC687DCCA9A57212 ] C:\Program Files\AVG\AVG2012\avgntsqlitex.dll
14:23:58.0156 1136  C:\Program Files\AVG\AVG2012\avgntsqlitex.dll - ok
14:23:58.0156 1136  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:23:58.0156 1136  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:23:58.0171 1136  [ 2D1389E05A807D956829F44BD4B60389 ] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
14:23:58.0171 1136  C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe - ok
14:23:58.0171 1136  [ EFDA24669DDE48AD06EF75F4D704DE58 ] C:\Program Files\AVG\AVG2012\avgnsx.exe
14:23:58.0171 1136  C:\Program Files\AVG\AVG2012\avgnsx.exe - ok
14:23:58.0171 1136  [ 7FBFEEE245821925129C9F86470BF33C ] C:\Program Files\Java\jre7\bin\jqs.exe
14:23:58.0171 1136  C:\Program Files\Java\jre7\bin\jqs.exe - ok
14:23:58.0187 1136  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
14:23:58.0187 1136  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
14:23:58.0187 1136  [ 3C09CC7992A8ADECD1FDDFD5D8E69BAE ] C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
14:23:58.0187 1136  C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe - ok
14:23:58.0187 1136  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
14:23:58.0187 1136  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
14:23:58.0203 1136  [ FFD30DAAF62D605069F6EB42D2E807C3 ] C:\WINDOWS\system32\nvsvc32.exe
14:23:58.0203 1136  C:\WINDOWS\system32\nvsvc32.exe - ok
14:23:58.0203 1136  [ EA1145DEBCD508FD25BD1E95C4346929 ] C:\Program Files\AVG\AVG2012\avgwdsvc.exe
14:23:58.0203 1136  C:\Program Files\AVG\AVG2012\avgwdsvc.exe - ok
14:23:58.0203 1136  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
14:23:58.0203 1136  C:\WINDOWS\system32\atmfd.dll - ok
14:23:58.0218 1136  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
14:23:58.0218 1136  C:\WINDOWS\system32\wuaueng.dll - ok
14:23:58.0218 1136  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] C:\Program Files\AVG\AVG2012\avgidsagent.exe
14:23:58.0218 1136  C:\Program Files\AVG\AVG2012\avgidsagent.exe - ok
14:23:58.0218 1136  [ 6868006E4560838285235546EDED2A8B ] C:\PROGRA~1\AVG\AVG2012\avgclitx.dll
14:23:58.0218 1136  C:\PROGRA~1\AVG\AVG2012\avgclitx.dll - ok
14:23:58.0234 1136  [ B2D4FD49DDEF6DEF6900DAAC5730F425 ] C:\WINDOWS\system32\ntkrnlpa.exe
14:23:58.0234 1136  C:\WINDOWS\system32\ntkrnlpa.exe - ok
14:23:58.0234 1136  [ E3C6062F89195673F7C9D629F4CAEE47 ] C:\WINDOWS\system32\wininet.dll
14:23:58.0234 1136  C:\WINDOWS\system32\wininet.dll - ok
14:23:58.0250 1136  [ 9EC06CA9F3D6ED3B1D0AB2F2BAC338D3 ] C:\Program Files\AVG\AVG2012\avgwdwsc.dll
14:23:58.0250 1136  C:\Program Files\AVG\AVG2012\avgwdwsc.dll - ok
14:23:58.0250 1136  [ EE9E286E203D1B87F0696332B6B42B8D ] C:\Program Files\AVG\AVG2012\avgsched.dll
14:23:58.0250 1136  C:\Program Files\AVG\AVG2012\avgsched.dll - ok
14:23:58.0250 1136  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
14:23:58.0250 1136  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
14:23:59.0484 1136  C:\Program Files\AVG\AVG2012\avgcslx.dll - ok
14:23:59.0500 1136  [ B082D1AA020008B26D08B838C5B1E6BB ] C:\Program Files\AVG\AVG2012\avgdiagex.exe
14:23:59.0500 1136  C:\Program Files\AVG\AVG2012\avgdiagex.exe - ok
14:23:59.0500 1136  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
14:23:59.0500 1136  C:\WINDOWS\system32\mydocs.dll - ok
14:23:59.0500 1136  [ B496B116F621223357DEFE4508B0987E ] C:\Program Files\AVG\AVG2012\avgsrmx.dll
14:23:59.0500 1136  C:\Program Files\AVG\AVG2012\avgsrmx.dll - ok
14:23:59.0515 1136  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\12175349.sys
14:23:59.0515 1136  C:\WINDOWS\system32\drivers\12175349.sys - ok
14:23:59.0515 1136  ============================================================
14:23:59.0515 1136  Scan finished
14:23:59.0515 1136  ============================================================
14:23:59.0531 1140  Detected object count: 0
14:23:59.0531 1140  Actual detected object count: 0
14:24:11.0015 0312  Deinitialize success

aswMBR log:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-09 14:24:18
-----------------------------
14:24:18.968    OS Version: Windows 5.1.2600 Service Pack 3
14:24:18.968    Number of processors: 1 586 0x4F02
14:24:18.968    ComputerName: YOUR-D0F670B45A  UserName: Compaq_Owner
14:24:19.578    Initialize success
14:27:31.203    AVAST engine defs: 13020900
14:28:34.171    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
14:28:34.171    Disk 0 Vendor: ST3120213AS 3.AHH Size: 114473MB BusType: 3
14:28:34.187    Disk 0 MBR read successfully
14:28:34.187    Disk 0 MBR scan
14:28:34.234    Disk 0 unknown MBR code
14:28:34.250    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       106969 MB offset 63
14:28:34.281    Disk 0 Partition 2 00     0C    FAT32 LBA RECOVERY     7493 MB offset 219088800
14:28:34.296    Disk 0 scanning sectors +234435600
14:28:34.328    Disk 0 malicious Win32:MBRoot code @ sector 234435603 !
14:28:34.390    Disk 0 scanning C:\WINDOWS\system32\drivers
14:28:49.281    Service scanning
14:29:51.093    Modules scanning
14:30:26.531    Disk 0 trace - called modules:
14:30:26.562    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:30:26.562    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4deab8]
14:30:26.562    3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\00000072[0x8a4abf18]
14:30:26.562    5 ACPI.sys[b7f23620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a4a9d98]
14:30:27.390    AVAST engine scan C:\WINDOWS
14:30:39.984    AVAST engine scan C:\WINDOWS\system32
14:38:37.906    AVAST engine scan C:\WINDOWS\system32\drivers
14:40:25.421    AVAST engine scan C:\Documents and Settings\Compaq_Owner
15:27:52.593    AVAST engine scan C:\Documents and Settings\All Users
15:44:59.609    Scan finished successfully
15:45:53.812    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal\MBR.dat"
15:45:53.828    The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal\aswMBR.txt"

 


Edited by Kadoobie, 09 February 2013 - 04:33 PM.


#4 narenxp

Posted 09 February 2013 - 03:56 PM

(ps: Do you want me to use the Fix button on aswMBR?)

 

No :)



#5 Kadoobie

Posted 09 February 2013 - 07:21 PM

Finally, after 4 hours and 42 minutes, here are the ESET results:
 

(Should I delete quarantined files?)

 

C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\6.0\51\4f444273-53b9fc15    Java/TrojanDownloader.Agent.NDR trojan    deleted - quarantined
C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\6.0\63\40b3013f-71a6e58e    Java/Exploit.Blacole.AN trojan    deleted - quarantined
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\Microsoft Word 2010 + Crack {LCD}.rar    a variant of Win32/HackKMS.A application    deleted - quarantined (COMMENT: I see torrenting is bad.)
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\pivot_setup.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Documents and Settings\Kyle\Local Settings\Temporary Internet Files\Content.IE5\NJQ8C4AG\index[1].htm    HTML/TrojanDownloader.IFrame trojan    cleaned by deleting - quarantined
C:\Program Files\Cheat Engine\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB application    cleaned by deleting - quarantined (as is flash game hacking)
C:\RECYCLER\S-1-5-21-2143843010-4188248516-471106545-1008\Dc23.exe    multiple threats    cleaned by deleting - quarantined
D:\I386\APPS\APP25742\src\CompaqPresario_Spring06.exe    a variant of Win32/AdInstaller application    cleaned by deleting - quarantined
D:\I386\APPS\APP25742\src\HPPavillion_Spring06.exe    a variant of Win32/AdInstaller application    cleaned by deleting - quarantined
 


Edited by Kadoobie, 09 February 2013 - 07:39 PM.


#6 narenxp

Posted 09 February 2013 - 07:49 PM

(Should I delete quarantined files?)

 

Yes

 

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#7 Kadoobie

Posted 09 February 2013 - 09:32 PM

TONS OF LOGS!!!

 

MalwareBytes:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.09.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Compaq_Owner :: YOUR-D0F670B45A [administrator]

2/9/2013 9:02:29 PM
2 malware.txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 271736
Time elapsed: 22 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://searchab.com/?aff=7&uid=20f8c7c1-71b5-11e2-ae86-001a7010d03a) Good: (http://www.google.com) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

minitoolbar:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Compaq_Owner (administrator) on 09-02-2013 at 21:05:34
Running from "C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "46.19.136.221"
"network.proxy.http_port", 8080
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) = The Scoop (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "The Scoop"

set address name="The Scoop" source=dhcp
set dns name="The Scoop" source=dhcp register=PRIMARY
set wins name="The Scoop" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : your-d0f670b45a

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter The Scoop:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)

        Physical Address. . . . . . . . . : 00-1A-70-10-D0-3A

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.108

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 167.206.254.1

                                            167.206.254.2

        Lease Obtained. . . . . . . . . . : Saturday, February 09, 2013 8:56:48 PM

        Lease Expires . . . . . . . . . . : Sunday, February 10, 2013 8:56:48 PM

Server:  vdns1.srv.hcvlny.cv.net
Address:  167.206.254.1

Name:    google.com
Addresses:  173.194.43.39, 173.194.43.46, 173.194.43.32, 173.194.43.34
      173.194.43.35, 173.194.43.33, 173.194.43.41, 173.194.43.37, 173.194.43.36
      173.194.43.38, 173.194.43.40



Pinging google.com [74.125.226.197] with 32 bytes of data:



Reply from 74.125.226.197: bytes=32 time=106ms TTL=55

Reply from 74.125.226.197: bytes=32 time=148ms TTL=55



Ping statistics for 74.125.226.197:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 106ms, Maximum = 148ms, Average = 127ms

Server:  vdns1.srv.hcvlny.cv.net
Address:  167.206.254.1

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=333ms TTL=52

Reply from 98.139.183.24: bytes=32 time=144ms TTL=52



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 144ms, Maximum = 333ms, Average = 238ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x20002 ...00 1a 70 10 d0 3a ...... Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.108      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0    192.168.1.108   192.168.1.108      20
    192.168.1.108  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.108   192.168.1.108      20
        224.0.0.0        240.0.0.0    192.168.1.108   192.168.1.108      20
  255.255.255.255  255.255.255.255    192.168.1.108   192.168.1.108      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/09/2013 09:56:19 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:18 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:16 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:15 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:13 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:12 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:08 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:08 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:07 AM) (Source: nview) (User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:07 AM) (Source: nview) (User: )
Description: failed to retrieve module name


System errors:
=============
Error: (02/09/2013 02:15:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde
ViaIde

Error: (02/09/2013 02:15:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (02/09/2013 02:14:42 PM) (Source: Service Control Manager) (User: )
Description: The VNC Server service failed to start due to the following error:
%%3

Error: (02/09/2013 02:14:42 PM) (Source: Service Control Manager) (User: )
Description: The Nsynas32 service failed to start due to the following error:
%%20

Error: (02/09/2013 11:19:10 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/09/2013 11:17:51 AM) (Source: Service Control Manager) (User: )
Description: The SpyHunter 4 Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/09/2013 11:17:45 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/09/2013 09:34:54 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (02/09/2013 09:34:11 AM) (Source: Service Control Manager) (User: )
Description: The VNC Server service failed to start due to the following error:
%%3

Error: (02/09/2013 09:34:11 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (02/09/2013 09:56:19 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:18 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:16 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:15 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:13 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:12 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:08 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:08 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:07 AM) (Source: nview)(User: )
Description: failed to retrieve module name

Error: (02/09/2013 09:56:07 AM) (Source: nview)(User: )
Description: failed to retrieve module name


=========================== Installed Programs ============================

Adobe AIR (Version: 3.5.0.600)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Apple Software Update (Version: 2.1.1.116)
AVG 2012 (Version: 12.0.2639)
AVG 2012 (Version: 12.1.2238)
AVG 2012 (Version: 2012.1.2238)
BitTorrent (Version: 7.2.1)
CCleaner (Version: 3.27)
CodeBlocks (Version: 10.05)
Data Fax SoftModem with SmartCP
Destinations (Version: 70.0.170.000)
DeviceManagementQFolder (Version: 1.00.0000)
ESET Online Scanner v3
GameMaker-Studio 1.1
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Boot Optimizer (Version: 3.0.0)
HP DVD Play 2.1
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Update (Version: 5.002.006.003)
HP Web Helper
HPPhotoSmartExpress (Version: 70.0.170.000)
HpSdpAppCoreApp (Version: 3.00.0000)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 5 (Version: 1.7.0.50)
Java™ 6 Update 30 (Version: 6.0.300)
JavaFX 2.1.1 (Version: 2.1.1)
JavaFX 2.1.1 SDK (Version: 2.1.1)
League of Legends (Version: 1.3)
LOLReplay (Version: 0.7.9.18)
Macromedia Flash Player 8 (Version: 8)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NVIDIA Control Panel 306.81 (Version: 306.81)
NVIDIA Drivers
NVIDIA Graphics Driver 306.81 (Version: 306.81)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA nView 136.28 (Version: 136.28)
NVIDIA nView Desktop Manager (Version: 6.14.10.13594)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.4.1 (Version: 3.41.9593)
QuickTime (Version: 7.69.80.9)
Razer Arctosa (Version: 1.00.0000)
Realtek High Definition Audio Driver
ROCCAT Kova[+] Mouse Driver (Version: 1.10)
Skype™ 5.10 (Version: 5.10.116)
Sonic Express Labeler (Version: 2.1.0)
Sonic RecordNow Audio (Version: 2.0.6)
Sonic RecordNow Copy (Version: 2.0.6)
Sonic RecordNow Data (Version: 2.0.6)
Sonic Update Manager (Version: 3.0.0)
Unload (Version: 7.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
VLC media player 2.0.1 (Version: 2.0.1)
WebFldrs XP (Version: 9.50.7523)
WildTangent Web Driver
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 1982.48 MB
Available physical RAM: 1378.34 MB
Total Pagefile: 3811.91 MB
Available Pagefile: 3319.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.63 MB

========================= Partitions: =====================================

1 Drive c: (Awesomesauce) (Fixed) (Total:104.46 GB) (Free:32.64 GB) NTFS
2 Drive d: (PRESARIO_RP) (Fixed) (Total:7.3 GB) (Free:0.5 GB) FAT32

========================= Users: ========================================

User accounts for \\

Administrator            ASPNET                   Compaq_Owner             
Guest                    HelpAssistant            SUPPORT_388945a0         
SUPPORT_fddfa904         UpdatusUser              


**** End of log ****

Service Scanner:

Farbar Service Scanner Version: 30-01-2013
Ran by Compaq_Owner (administrator) on 09-02-2013 at 21:08:24
Running from "C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2004-08-04 06:00] - [2008-04-13 19:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 06:00] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Avgtdix(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000600000007000000080000000900000005000000
IpSec Tag value is correct.

**** End of log ****

ADWcleaner:

# AdwCleaner v2.111 - Logfile created 02/09/2013 at 21:10:06
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Compaq_Owner - YOUR-D0F670B45A
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Searchqu.ini
File Found : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\searchqutoolbar-manifest.xml
File Found : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Uninstall.exe
Folder Found : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\APN
Folder Found : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\BitTorrentBar

***** [Registry] *****

Key Found : HKCU\Software\BitTorrentBar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\StartSearch
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\BitTorrentBar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://dts.search-results.com/sidebar.html?src=ssb&appid=101&systemid=406
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&q={searchTerms}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&q={searchTerms}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchab.com/?aff=7&uid=20f8c7c1-71b5-11e2-ae86-001a7010d03a

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\29xttks2.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://searchab.com/?aff=7&uid=20f8c7c1-71b5-11e2-ae86-001a7010d03a&q=");

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\dfauj6u9.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3624 octets] - [09/02/2013 21:10:06]

########## EOF - C:\AdwCleaner[R1].txt - [3684 octets] ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Microsoft Windows XP x86
Ran by Compaq_Owner on Sat 02/09/2013 at 21:11:14.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-222769039-2462377923-960417571-1008\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-222769039-2462377923-960417571-1008\software\microsoft\internet explorer\main\\Search Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\bittorrentbar
Successfully deleted: [Registry Key] hkey_local_machine\software\bittorrentbar
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\startsearch
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\menuext\&search
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\conduit.engine
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\imside1egate.application.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\bittorrentbar"



~~~ FireFox

Successfully deleted: [File] "C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\firefox\profiles\29xttks2.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi"
Successfully deleted the following from C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\firefox\profiles\29xttks2.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("browser.search.defaultenginename", "Privitize VPN");
user_pref("browser.search.order.1", "Privitize VPN");
Emptied folder: C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\firefox\profiles\29xttks2.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/09/2013 at 21:20:20.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

 

 

 

 

rKill:

 

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/09/2013 09:15:37 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal\JRT.exe (PID: 3436) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Disabled

 * MSDTC [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 02/09/2013 09:16:37 PM
Execution time: 0 hours(s), 1 minute(s), and 0 seconds(s)

AutoRuns:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Arctosa"    "razerhid MFC Application"    "Razer USA Ltd."    "c:\program files\razer\arctosa\razerhid.exe"
+ "AVG_TRAY"    "AVG Tray Monitor"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgtray.exe"
+ "NvCplDaemon"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter"    "NVIDIA Media Center Library"    "NVIDIA Corporation"    "c:\windows\system32\nvmctray.dll"
+ "nwiz"    "NVIDIA nView Wizard, Version 136.28 "    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nview\nwiz.exe"
+ "RoccatKova+"    "Kova[+] Monitor Application"    "Roccat GmbH"    "c:\program files\roccat\kova[+] mouse\kova[+]monitor.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "linkscanner"    "Safe Search pluggable protocol"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgpp.dll"
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgse.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00nView"    "NVIDIA Desktop Explorer, Version 136.28 "    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nview\nvshell.dll"
+ "NvCplDesktopContext"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "Apache Software Foundation"    "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgse.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search"    "Safe Search for Internet Explorer"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgssie.dll"
+ "hpWebHelper Class"    "IE browser helper object"    "Hewlett-Packard"    "c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "AVG Do Not Track"    "AVG Do Not Track for IE"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgdtiex.dll"
+ "Internet Connection Help"    ""    ""    "c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm"
+ "Run IMVU"    ""    ""    "File not found: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk"
+ "Windows Messenger"    ""    ""    "File not found: C:\Program Files\Messenger\msmsgs.exe"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "SmartDefrag_Startup.job"    ""    ""    "File not found: C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe /STARTUP"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgidsagent.exe"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgwdsvc.exe"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"
+ "LiveUpdate Notice Service"    "Manages Norton product notices"    "Symantec Corporation"    "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe"
+ "NVSvc"    "NVIDIA Driver Helper Service, Version 306.81"    "NVIDIA Corporation"    "c:\windows\system32\nvsvc32.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files\skype\updater\updater.exe"
+ "winvnc"    ""    ""    "File not found: C:\Program Files\TightVNC-Jaadu\WinVNC.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "240A"    ""    ""    "File not found: C:\WINDOWS\system32\240A.sys"
+ "254C"    ""    ""    "File not found: C:\WINDOWS\system32\254C.sys"
+ "3d33"    ""    ""    "File not found: C:\WINDOWS\system32\3d33.sys"
+ "7408"    ""    ""    "File not found: C:\WINDOWS\system32\7408.sys"
+ "88e2"    ""    ""    "File not found: C:\WINDOWS\system32\88e2.sys"
+ "8f4B"    ""    ""    "File not found: C:\WINDOWS\system32\8f4B.sys"
+ "9fc4"    ""    ""    "File not found: C:\WINDOWS\system32\9fc4.sys"
+ "a976"    ""    ""    "File not found: C:\WINDOWS\system32\a976.sys"
+ "AmdK8"    "AMD Processor Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdk8.sys"
+ "AN983"    "ADMtek AN983/AN985/ADM951X NDIS5 Driver"    "ADMtek Incorporated."    "c:\windows\system32\drivers\an983.sys"
+ "ArcFltr"    "Razer Arctosa Keyboard Driver"    "Razer USA Ltd."    "c:\windows\system32\drivers\arctosa.sys"
+ "aswMBR"    ""    ""    "File not found: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\aswMBR.sys"
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSFilter"    "AVG Technologies IDS Application Activity Monitor Filter Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsfilterx.sys"
+ "AVGIDSHX"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim"    "AVG Technologies IDS Application Activity Monitor Shim Loader Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx86.sys"
+ "Avgmfx86"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdix.sys"
+ "bb-run"    "Promise Disk Accelerator"    "Promise Technology, Inc."    "c:\windows\system32\drivers\bb-run.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CLEDX"    "Team H2O CLEDX DevWhore"    "Team H2O"    "c:\windows\system32\drivers\cledx.sys"
+ "e277"    ""    ""    "File not found: C:\WINDOWS\system32\e277.sys"
+ "ftsata2"    "Promise Driver for Windows Server 2003"    "Promise Technology, Inc."    "c:\windows\system32\drivers\ftsata2.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hamachi"    "Hamachi Virtual Network Interface Driver"    "LogMeIn, Inc."    "c:\windows\system32\drivers\hamachi.sys"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSX_DP"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsx_dp.sys"
+ "HSXHWBS2"    "HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMSwissArmy"    "Malwarebytes' Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbamswissarmy.sys"
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\system32\drivers\mdmxsdk.sys"
+ "Nsynas32"    "Internet Protection Hardware Driver"    "Syncrosoft Hard- und Software GmbH"    "c:\windows\system32\drivers\nsynas32.sys"
+ "nv"    "NVIDIA Windows XP Miniport Driver, Version 306.81 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nv4_mini.sys"
+ "NVENETFD"    "NVIDIA Networking Function Driver."    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvenetfd.sys"
+ "nvnetbus"    "NVIDIA Networking Bus Driver."    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvnetbus.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"
+ "rtl8139"    "Realtek RTL8139 NDIS 5.0 Driver"    "Realtek Semiconductor Corporation"    "c:\windows\system32\drivers\rtl8139.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "USBAAPL"    ""    ""    "File not found: System32\Drivers\usbaapl.sys"
+ "VCSVADHWSer"    "Avnex Ltd. Virtual Audio Device (WDM)"    "Avnex"    "c:\windows\system32\drivers\vcsvad.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsx"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "WinRing0_1_2_0"    ""    ""    "File not found: C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys"
+ "XDva386"    ""    ""    "File not found: C:\WINDOWS\system32\XDva386.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "msacm.vorbis"    "Ogg Vorbis CODEC for MSACM"    "HMS http://hp.vector.co.jp/authors/VA012897/"    "c:\windows\system32\vorbis.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.FPS1"    "Fraps"    "Beepa P/L"    "c:\windows\system32\frapsvid.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder (HP_DT)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\hp\shared files\claud.ax"
+ "CyberLink Audio Spectrum Analyzer (DVDP)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\claudspa.ax"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer (HP_DD2005)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\clline21.ax"
+ "CyberLink Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files\hp\dvdplay\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\hp\dvdplay\kernel\movie\clvsd.ax"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMplug"    ""    ""    "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"    ""    ""    ""
+ "C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart"    "AVG Resident Shield Service"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2012\avgrsx.exe"
 


Edited by Kadoobie, 09 February 2013 - 09:34 PM.


#8 narenxp


Posted 09 February 2013 - 10:29 PM

Launch Adware cleaner and select DELETE, post the new log.

Press Windows+R key and type services.msc and click OK.

Right click on Security Center - Properties.

Change the startup type to Automatic and start it.



#9 Kadoobie


Posted 09 February 2013 - 10:45 PM

done.

 

 

# AdwCleaner v2.111 - Logfile created 02/09/2013 at 22:39:22
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Compaq_Owner - YOUR-D0F670B45A
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Owner\Desktop\Virus Removal\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Searchqu.ini
File Deleted : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Uninstall.exe
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\APN

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\29xttks2.default\prefs.js

Deleted : user_pref("keyword.URL", "hxxp://searchab.com/?aff=7&uid=20f8c7c1-71b5-11e2-ae86-001a7010d03a&q=");

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\dfauj6u9.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [3224 octets] - [09/02/2013 21:13:36]
AdwCleaner[S1].txt - [368 octets] - [09/02/2013 22:38:55]
AdwCleaner[S2].txt - [2421 octets] - [09/02/2013 22:39:22]

########## EOF - C:\AdwCleaner[S2].txt - [2481 octets] ##########
 


Edited by Kadoobie, 09 February 2013 - 10:46 PM.
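One way to read a log like the one posted above, as an added example that is not part of the thread or of AdwCleaner: a small parser that separates removed items from browser-setting changes and lists the hosts those settings pointed to before the cleanup. The function names are made up for this example, and the sample is a few lines taken from the log above.

```python
import re
from urllib.parse import urlsplit

# Sample input: a few lines copied from the AdwCleaner v2.111 log above.
SAMPLE_LOG = r"""
***** [Registry] *****
Key Deleted : HKLM\Software\AVG Secure Search
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
***** [Internet Browsers] *****
-\\ Internet Explorer v6.0.2900.5512
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&q={searchTerms} --> hxxp://www.google.com
-\\ Mozilla Firefox v18.0.2 (en-US)
Deleted : user_pref("keyword.URL", "hxxp://searchab.com/?aff=7&uid=20f8c7c1-71b5-11e2-ae86-001a7010d03a&q=");
"""

SECTION = re.compile(r"^\*{5} \[(.+?)\] \*{5}$")
BROWSER = re.compile(r"^-\\\\ (.+?) v[\d.]+")
REPLACED = re.compile(r"^Replaced : \[(.+?)\] = (\S+) --> (\S+)$")
PREF_DEL = re.compile(r'^Deleted : user_pref\("([^"]+)", "([^"]*)"\);$')
ACTION = re.compile(r"^(Key|Value|File|Folder) Deleted : (.+)$")

def host(defanged_url):
    """Host part of a defanged hxxp:// URL as written in the log."""
    return urlsplit(defanged_url.replace("hxxp", "http", 1)).hostname

def parse(log):
    """Split log entries into removed items and browser-setting changes."""
    removed, changes = [], []
    section = browser = None
    for line in (raw.strip() for raw in log.splitlines()):
        if m := SECTION.match(line):
            section, browser = m.group(1), None
        elif m := BROWSER.match(line):
            browser = m.group(1)
        elif m := REPLACED.match(line):
            # (browser, setting, host before, host after)
            changes.append((browser, m.group(1), host(m.group(2)), host(m.group(3))))
        elif m := PREF_DEL.match(line):
            # A deleted Firefox pref has no replacement value.
            changes.append((browser, m.group(1), host(m.group(2)), None))
        elif m := ACTION.match(line):
            removed.append((section, m.group(1), m.group(2)))
    return removed, changes

def previous_hosts(changes):
    """Hosts that browser settings pointed to before the cleanup."""
    return sorted({old for _, _, old, _ in changes if old})
```
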


#10 narenxp


Posted 09 February 2013 - 10:56 PM

That looks good

Remove temporary and junk files

Download TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 





