Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strongvault on Windows XP


  • Please log in to reply
26 replies to this topic

#1 mtfalcon31

mtfalcon31

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 15 February 2013 - 06:11 PM

There's a program called Strongvault which automatically installed during the installation of another program, and I haven't been able to figure out how to remove it from the computer. I've deleted Srongvaullt from Program Files and removed it from the Add/Remove software in the control panel, yet every time I delete a file, it pops up to try to prevent me from deleting things, so it's obviously still there. I've tried to follow a few steps on other people's forums with similar problems from Strongvault, but it seems to be a case by case sort of thing and I thought it would be best to get direct help. Thanks!



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 15 February 2013 - 06:13 PM


  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 15 February 2013 - 09:59 PM

Thanks for the quick reply and help! Here's everything, I think..


TDSSKiller:

15:30:21.0031 2176  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:30:21.0734 2176  ============================================================
15:30:21.0734 2176  Current date / time: 2013/02/15 15:30:21.0734
15:30:21.0734 2176  SystemInfo:
15:30:21.0734 2176  
15:30:21.0734 2176  OS Version: 5.1.2600 ServicePack: 3.0
15:30:21.0734 2176  Product type: Workstation
15:30:21.0843 2176  ComputerName: YONALY-BCAEF976
15:30:21.0843 2176  UserName: Administrator
15:30:21.0843 2176  Windows directory: C:\WINDOWS
15:30:21.0843 2176  System windows directory: C:\WINDOWS
15:30:21.0843 2176  Processor architecture: Intel x86
15:30:21.0843 2176  Number of processors: 2
15:30:21.0843 2176  Page size: 0x1000
15:30:21.0843 2176  Boot type: Normal boot
15:30:21.0843 2176  ============================================================
15:30:22.0875 2176  BG loaded
15:30:24.0046 2176  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:30:24.0046 2176  ============================================================
15:30:24.0046 2176  \Device\Harddisk0\DR0:
15:30:24.0078 2176  MBR partitions:
15:30:24.0078 2176  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDDA1602, BlocksNum 0xE12F4EA
15:30:24.0093 2176  ============================================================
15:30:24.0359 2176  C: <-> \Device\Harddisk0\DR0\Partition1
15:30:24.0578 2176  ============================================================
15:30:24.0578 2176  Initialize success
15:30:24.0578 2176  ============================================================
15:31:21.0234 3456  ============================================================
15:31:21.0234 3456  Scan started
15:31:21.0234 3456  Mode: Manual; TDLFS;
15:31:21.0234 3456  ============================================================
15:31:21.0359 3456  ================ Scan system memory ========================
15:31:21.0375 3456  System memory - ok
15:31:21.0375 3456  ================ Scan services =============================
15:31:21.0515 3456  Abiosdsk - ok
15:31:21.0515 3456  abp480n5 - ok
15:31:21.0578 3456  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:31:21.0578 3456  ACPI - ok
15:31:21.0609 3456  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:31:21.0609 3456  ACPIEC - ok
15:31:21.0609 3456  [ 5508E9F55799C6551D54DFBC4A068B68 ] ACPIVPC         C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys
15:31:21.0609 3456  ACPIVPC - ok
15:31:21.0750 3456  [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:31:21.0750 3456  AdobeActiveFileMonitor8.0 - ok
15:31:21.0765 3456  adpu160m - ok
15:31:21.0812 3456  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
15:31:21.0812 3456  aec - ok
15:31:21.0859 3456  [ 322D0E36693D6E24A2398BEE62A268CD ] AFD             C:\WINDOWS\System32\drivers\afd.sys
15:31:21.0859 3456  AFD - ok
15:31:21.0875 3456  Aha154x - ok
15:31:21.0875 3456  aic78u2 - ok
15:31:21.0890 3456  aic78xx - ok
15:31:21.0921 3456  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
15:31:21.0921 3456  Alerter - ok
15:31:21.0953 3456  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
15:31:21.0953 3456  ALG - ok
15:31:21.0953 3456  AliIde - ok
15:31:21.0953 3456  amsint - ok
15:31:22.0015 3456  [ F0A929927ECF6619079DD8F7C0FE208F ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
15:31:22.0015 3456  ApfiltrService - ok
15:31:22.0156 3456  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:31:22.0156 3456  Apple Mobile Device - ok
15:31:22.0203 3456  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
15:31:22.0203 3456  AppMgmt - ok
15:31:22.0218 3456  asc - ok
15:31:22.0218 3456  asc3350p - ok
15:31:22.0218 3456  asc3550 - ok
15:31:22.0281 3456  [ 5B01AF89D16D562825C4DB4530F20CBB ] Aspi32          C:\WINDOWS\system32\drivers\Aspi32.sys
15:31:22.0281 3456  Aspi32 - ok
15:31:22.0453 3456  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:31:22.0484 3456  aspnet_state - ok
15:31:22.0546 3456  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:31:22.0546 3456  AsyncMac - ok
15:31:22.0562 3456  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:31:22.0562 3456  atapi - ok
15:31:22.0562 3456  Atdisk - ok
15:31:22.0562 3456  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:31:22.0578 3456  Atmarpc - ok
15:31:22.0609 3456  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
15:31:22.0609 3456  AudioSrv - ok
15:31:22.0656 3456  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
15:31:22.0656 3456  audstub - ok
15:31:22.0703 3456  [ 104860207AC574DEE432F28C1FBB878A ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
15:31:22.0718 3456  b57w2k - ok
15:31:22.0796 3456  [ CC03987EE5D0F956706B40D2F91F9E4F ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
15:31:22.0812 3456  BCM43XX - ok
15:31:22.0875 3456  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:31:22.0875 3456  Beep - ok
15:31:22.0937 3456  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
15:31:22.0937 3456  BITS - ok
15:31:22.0984 3456  [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser         C:\WINDOWS\System32\browser.dll
15:31:22.0984 3456  Browser - ok
15:31:23.0046 3456  [ CB29230EE722C43EED443BAABDED721C ] Bulk            C:\WINDOWS\system32\Drivers\HDJBulk.sys
15:31:23.0046 3456  Bulk - ok
15:31:23.0140 3456  [ 58DB523A2A714E57AD715BFDE8A22A5A ] Cam5607         C:\WINDOWS\system32\Drivers\BisonC07.sys
15:31:23.0156 3456  Cam5607 - ok
15:31:23.0218 3456  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
15:31:23.0218 3456  cbidf2k - ok
15:31:23.0265 3456  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:31:23.0265 3456  CCDECODE - ok
15:31:23.0281 3456  cd20xrnt - ok
15:31:23.0296 3456  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
15:31:23.0296 3456  Cdaudio - ok
15:31:23.0343 3456  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
15:31:23.0359 3456  Cdfs - ok
15:31:23.0359 3456  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:31:23.0359 3456  Cdrom - ok
15:31:23.0359 3456  Changer - ok
15:31:23.0406 3456  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
15:31:23.0406 3456  CiSvc - ok
15:31:23.0421 3456  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
15:31:23.0421 3456  ClipSrv - ok
15:31:23.0500 3456  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:31:23.0500 3456  clr_optimization_v2.0.50727_32 - ok
15:31:23.0562 3456  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:23.0593 3456  clr_optimization_v4.0.30319_32 - ok
15:31:23.0625 3456  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:31:23.0625 3456  CmBatt - ok
15:31:23.0640 3456  CmdIde - ok
15:31:23.0734 3456  [ CD6B20B6BB7CDD413A83FB39C3ABF687 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDAU32.sys
15:31:23.0750 3456  CnxtHdAudService - ok
15:31:23.0796 3456  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:31:23.0796 3456  Compbatt - ok
15:31:23.0796 3456  COMSysApp - ok
15:31:23.0812 3456  Cpqarray - ok
15:31:23.0875 3456  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
15:31:23.0875 3456  CryptSvc - ok
15:31:23.0875 3456  dac2w2k - ok
15:31:23.0875 3456  dac960nt - ok
15:31:23.0953 3456  [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:31:23.0953 3456  DcomLaunch - ok
15:31:23.0968 3456  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
15:31:23.0968 3456  Dhcp - ok
15:31:23.0984 3456  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
15:31:23.0984 3456  Disk - ok
15:31:23.0984 3456  dmadmin - ok
15:31:24.0046 3456  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
15:31:24.0062 3456  dmboot - ok
15:31:24.0109 3456  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
15:31:24.0109 3456  dmio - ok
15:31:24.0125 3456  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
15:31:24.0125 3456  dmload - ok
15:31:24.0156 3456  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
15:31:24.0156 3456  dmserver - ok
15:31:24.0203 3456  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
15:31:24.0203 3456  DMusic - ok
15:31:24.0218 3456  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:31:24.0218 3456  Dnscache - ok
15:31:24.0250 3456  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:31:24.0250 3456  Dot3svc - ok
15:31:24.0250 3456  dpti2o - ok
15:31:24.0296 3456  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:31:24.0296 3456  drmkaud - ok
15:31:24.0328 3456  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
15:31:24.0328 3456  EapHost - ok
15:31:24.0359 3456  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
15:31:24.0359 3456  ERSvc - ok
15:31:24.0406 3456  [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog        C:\WINDOWS\system32\services.exe
15:31:24.0421 3456  Eventlog - ok
15:31:24.0437 3456  [ 19A799805B24990867B00C120D300C3A ] EventSystem     C:\WINDOWS\system32\es.dll
15:31:24.0453 3456  EventSystem - ok
15:31:24.0500 3456  [ F7312B79766A411929C303A0D337EC60 ] Ext2Fsd         C:\WINDOWS\system32\drivers\Ext2Fsd.sys
15:31:24.0515 3456  Ext2Fsd - ok
15:31:24.0562 3456  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
15:31:24.0578 3456  Fastfat - ok
15:31:24.0625 3456  [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:31:24.0625 3456  FastUserSwitchingCompatibility - ok
15:31:24.0640 3456  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
15:31:24.0640 3456  Fdc - ok
15:31:24.0640 3456  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
15:31:24.0640 3456  Fips - ok
15:31:24.0718 3456  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:31:24.0750 3456  FLEXnet Licensing Service - ok
15:31:24.0781 3456  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
15:31:24.0781 3456  Flpydisk - ok
15:31:24.0828 3456  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:31:24.0828 3456  FltMgr - ok
15:31:24.0906 3456  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:31:24.0906 3456  FontCache3.0.0.0 - ok
15:31:24.0953 3456  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:31:24.0953 3456  Fs_Rec - ok
15:31:24.0968 3456  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:31:24.0968 3456  Ftdisk - ok
15:31:25.0000 3456  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:31:25.0000 3456  GEARAspiWDM - ok
15:31:25.0046 3456  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:31:25.0046 3456  Gpc - ok
15:31:25.0109 3456  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:31:25.0109 3456  gusvc - ok
15:31:25.0156 3456  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:31:25.0156 3456  HDAudBus - ok
15:31:25.0203 3456  [ A840EDE400211536C96D38D2C099B284 ] HDJMidi         C:\WINDOWS\system32\DRIVERS\HDJMidi.sys
15:31:25.0203 3456  HDJMidi - ok
15:31:25.0296 3456  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:31:25.0296 3456  helpsvc - ok
15:31:25.0296 3456  HidServ - ok
15:31:25.0343 3456  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:31:25.0343 3456  HidUsb - ok
15:31:25.0390 3456  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
15:31:25.0390 3456  hkmsvc - ok
15:31:25.0390 3456  hpn - ok
15:31:25.0437 3456  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
15:31:25.0437 3456  HTTP - ok
15:31:25.0484 3456  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
15:31:25.0500 3456  HTTPFilter - ok
15:31:25.0500 3456  i2omgmt - ok
15:31:25.0500 3456  i2omp - ok
15:31:25.0562 3456  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:31:25.0578 3456  i8042prt - ok
15:31:25.0796 3456  [ 1312E0141A7BD409AFADD52FA565927E ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:31:25.0859 3456  ialm - ok
15:31:25.0921 3456  [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
15:31:25.0921 3456  iaStor - ok
15:31:25.0921 3456  [ 8EF427C54497C5F8A7A645990E4278C7 ] iastor86        C:\WINDOWS\system32\drivers\iastor86.sys
15:31:25.0937 3456  iastor86 - ok
15:31:26.0000 3456  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:31:26.0000 3456  IDriverT - ok
15:31:26.0125 3456  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:31:26.0171 3456  idsvc - ok
15:31:26.0218 3456  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
15:31:26.0218 3456  Imapi - ok
15:31:26.0250 3456  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
15:31:26.0265 3456  ImapiService - ok
15:31:26.0265 3456  ini910u - ok
15:31:26.0281 3456  IntelIde - ok
15:31:26.0281 3456  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:31:26.0281 3456  intelppm - ok
15:31:26.0312 3456  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:31:26.0312 3456  Ip6Fw - ok
15:31:26.0343 3456  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:31:26.0343 3456  IpFilterDriver - ok
15:31:26.0359 3456  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:31:26.0359 3456  IpInIp - ok
15:31:26.0390 3456  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:31:26.0390 3456  IpNat - ok
15:31:26.0453 3456  [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:31:26.0484 3456  iPod Service - ok
15:31:26.0531 3456  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:31:26.0531 3456  IPSec - ok
15:31:26.0562 3456  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
15:31:26.0578 3456  IRENUM - ok
15:31:26.0609 3456  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:31:26.0609 3456  isapnp - ok
15:31:26.0765 3456  [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
15:31:26.0765 3456  JavaQuickStarterService - ok
15:31:26.0812 3456  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:31:26.0812 3456  Kbdclass - ok
15:31:26.0906 3456  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
15:31:26.0921 3456  kmixer - ok
15:31:26.0921 3456  ks2avs - ok
15:31:26.0984 3456  ks2usb_svc - ok
15:31:27.0046 3456  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
15:31:27.0046 3456  KSecDD - ok
15:31:27.0093 3456  [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
15:31:27.0109 3456  LanmanServer - ok
15:31:27.0203 3456  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:31:27.0203 3456  lanmanworkstation - ok
15:31:27.0218 3456  lbrtfdc - ok
15:31:27.0250 3456  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
15:31:27.0250 3456  LmHosts - ok
15:31:27.0296 3456  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
15:31:27.0296 3456  Messenger - ok
15:31:27.0359 3456  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
15:31:27.0359 3456  mnmdd - ok
15:31:27.0406 3456  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
15:31:27.0406 3456  mnmsrvc - ok
15:31:27.0437 3456  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
15:31:27.0437 3456  Modem - ok
15:31:27.0468 3456  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:31:27.0468 3456  Mouclass - ok
15:31:27.0484 3456  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:31:27.0484 3456  mouhid - ok
15:31:27.0500 3456  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
15:31:27.0500 3456  MountMgr - ok
15:31:27.0562 3456  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:31:27.0562 3456  MozillaMaintenance - ok
15:31:27.0578 3456  mraid35x - ok
15:31:27.0578 3456  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:31:27.0578 3456  MRxDAV - ok
15:31:27.0609 3456  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
15:31:27.0609 3456  MSDTC - ok
15:31:27.0656 3456  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:31:27.0656 3456  Msfs - ok
15:31:27.0656 3456  MSIServer - ok
15:31:27.0687 3456  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:31:27.0703 3456  MSKSSRV - ok
15:31:27.0718 3456  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:31:27.0718 3456  MSPCLOCK - ok
15:31:27.0734 3456  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:31:27.0734 3456  MSPQM - ok
15:31:27.0781 3456  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:31:27.0781 3456  mssmbios - ok
15:31:27.0796 3456  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:31:27.0796 3456  MSTEE - ok
15:31:27.0812 3456  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
15:31:27.0812 3456  Mup - ok
15:31:27.0859 3456  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:31:27.0859 3456  NABTSFEC - ok
15:31:27.0890 3456  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
15:31:27.0906 3456  napagent - ok
15:31:27.0937 3456  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
15:31:27.0937 3456  NDIS - ok
15:31:27.0968 3456  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:31:27.0968 3456  NdisIP - ok
15:31:28.0000 3456  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:31:28.0000 3456  NdisTapi - ok
15:31:28.0015 3456  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:31:28.0015 3456  Ndisuio - ok
15:31:28.0062 3456  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:31:28.0062 3456  NdisWan - ok
15:31:28.0078 3456  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
15:31:28.0078 3456  NDProxy - ok
15:31:28.0078 3456  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
15:31:28.0078 3456  NetBIOS - ok
15:31:28.0109 3456  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:31:28.0109 3456  NetBT - ok
15:31:28.0140 3456  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
15:31:28.0140 3456  NetDDE - ok
15:31:28.0140 3456  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
15:31:28.0140 3456  NetDDEdsdm - ok
15:31:28.0187 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:31:28.0187 3456  Netlogon - ok
15:31:28.0203 3456  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
15:31:28.0218 3456  Netman - ok
15:31:28.0250 3456  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:31:28.0281 3456  NetTcpPortSharing - ok
15:31:28.0328 3456  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
15:31:28.0343 3456  Nla - ok
15:31:28.0359 3456  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:31:28.0359 3456  Npfs - ok
15:31:28.0375 3456  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
15:31:28.0375 3456  Ntfs - ok
15:31:28.0390 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
15:31:28.0390 3456  NtLmSsp - ok
15:31:28.0437 3456  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
15:31:28.0453 3456  NtmsSvc - ok
15:31:28.0484 3456  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:31:28.0484 3456  Null - ok
15:31:28.0500 3456  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:31:28.0515 3456  NwlnkFlt - ok
15:31:28.0515 3456  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:31:28.0515 3456  NwlnkFwd - ok
15:31:28.0546 3456  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
15:31:28.0546 3456  Parport - ok
15:31:28.0546 3456  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
15:31:28.0546 3456  PartMgr - ok
15:31:28.0562 3456  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
15:31:28.0578 3456  ParVdm - ok
15:31:28.0593 3456  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
15:31:28.0593 3456  PCI - ok
15:31:28.0609 3456  PCIDump - ok
15:31:28.0625 3456  PCIIde - ok
15:31:28.0640 3456  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
15:31:28.0656 3456  Pcmcia - ok
15:31:28.0656 3456  PDCOMP - ok
15:31:28.0656 3456  PDFRAME - ok
15:31:28.0671 3456  PDRELI - ok
15:31:28.0671 3456  PDRFRAME - ok
15:31:28.0687 3456  perc2 - ok
15:31:28.0687 3456  perc2hib - ok
15:31:28.0718 3456  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
15:31:28.0734 3456  PlugPlay - ok
15:31:28.0734 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
15:31:28.0734 3456  PolicyAgent - ok
15:31:28.0750 3456  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:31:28.0750 3456  PptpMiniport - ok
15:31:28.0765 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:31:28.0765 3456  ProtectedStorage - ok
15:31:28.0781 3456  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
15:31:28.0781 3456  PSched - ok
15:31:28.0828 3456  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:31:28.0828 3456  Ptilink - ok
15:31:28.0875 3456  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:31:28.0875 3456  PxHelp20 - ok
15:31:28.0875 3456  ql1080 - ok
15:31:28.0875 3456  Ql10wnt - ok
15:31:28.0890 3456  ql12160 - ok
15:31:28.0890 3456  ql1240 - ok
15:31:28.0890 3456  ql1280 - ok
15:31:28.0906 3456  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:31:28.0906 3456  RasAcd - ok
15:31:28.0937 3456  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:31:28.0937 3456  RasAuto - ok
15:31:28.0968 3456  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:31:28.0968 3456  Rasl2tp - ok
15:31:28.0984 3456  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:31:29.0000 3456  RasMan - ok
15:31:29.0000 3456  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:31:29.0000 3456  RasPppoe - ok
15:31:29.0000 3456  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
15:31:29.0000 3456  Raspti - ok
15:31:29.0015 3456  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:31:29.0015 3456  Rdbss - ok
15:31:29.0062 3456  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:31:29.0062 3456  RDPCDD - ok
15:31:29.0109 3456  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:31:29.0109 3456  rdpdr - ok
15:31:29.0171 3456  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
15:31:29.0171 3456  RDPWD - ok
15:31:29.0203 3456  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
15:31:29.0203 3456  RDSessMgr - ok
15:31:29.0218 3456  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
15:31:29.0218 3456  redbook - ok
15:31:29.0265 3456  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:31:29.0265 3456  RemoteAccess - ok
15:31:29.0296 3456  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:31:29.0312 3456  RemoteRegistry - ok
15:31:29.0328 3456  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:31:29.0343 3456  RpcLocator - ok
15:31:29.0375 3456  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:31:29.0390 3456  RpcSs - ok
15:31:29.0406 3456  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
15:31:29.0406 3456  RSVP - ok
15:31:29.0437 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:31:29.0437 3456  SamSs - ok
15:31:29.0453 3456  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
15:31:29.0453 3456  SCardSvr - ok
15:31:29.0500 3456  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:31:29.0500 3456  Schedule - ok
15:31:29.0531 3456  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:31:29.0531 3456  Secdrv - ok
15:31:29.0562 3456  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
15:31:29.0562 3456  seclogon - ok
15:31:29.0609 3456  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
15:31:29.0609 3456  SENS - ok
15:31:29.0625 3456  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
15:31:29.0625 3456  Serial - ok
15:31:29.0656 3456  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
15:31:29.0656 3456  Sfloppy - ok
15:31:29.0687 3456  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:31:29.0687 3456  SharedAccess - ok
15:31:29.0703 3456  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:31:29.0703 3456  ShellHWDetection - ok
15:31:29.0718 3456  Simbad - ok
15:31:29.0750 3456  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:31:29.0750 3456  SLIP - ok
15:31:29.0750 3456  Sparrow - ok
15:31:29.0796 3456  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
15:31:29.0796 3456  splitter - ok
15:31:29.0828 3456  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler         C:\WINDOWS\system32\spoolsv.exe
15:31:29.0843 3456  Spooler - ok
15:31:29.0890 3456  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
15:31:29.0890 3456  sr - ok
15:31:29.0906 3456  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
15:31:29.0906 3456  srservice - ok
15:31:29.0921 3456  [ 5252605079810904E31C332E241CD59B ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:31:29.0921 3456  Srv - ok
15:31:29.0937 3456  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:31:29.0937 3456  SSDPSRV - ok
15:31:29.0968 3456  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
15:31:29.0984 3456  stisvc - ok
15:31:30.0000 3456  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:31:30.0000 3456  streamip - ok
15:31:30.0046 3456  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
15:31:30.0046 3456  swenum - ok
15:31:30.0046 3456  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
15:31:30.0046 3456  swmidi - ok
15:31:30.0062 3456  SwPrv - ok
15:31:30.0078 3456  symc810 - ok
15:31:30.0078 3456  symc8xx - ok
15:31:30.0078 3456  sym_hi - ok
15:31:30.0078 3456  sym_u3 - ok
15:31:30.0125 3456  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
15:31:30.0125 3456  sysaudio - ok
15:31:30.0171 3456  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
15:31:30.0171 3456  SysmonLog - ok
15:31:30.0375 3456  [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
15:31:30.0421 3456  TabletServicePen - ok
15:31:30.0437 3456  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:31:30.0453 3456  TapiSrv - ok
15:31:30.0484 3456  [ EAEC6EA32BDABD7622371C10B8D68A17 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:31:30.0484 3456  Tcpip - ok
15:31:30.0515 3456  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
15:31:30.0515 3456  TDPIPE - ok
15:31:30.0531 3456  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
15:31:30.0531 3456  TDTCP - ok
15:31:30.0546 3456  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
15:31:30.0546 3456  TermDD - ok
15:31:30.0609 3456  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
15:31:30.0609 3456  TermService - ok
15:31:30.0656 3456  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
15:31:30.0656 3456  Themes - ok
15:31:30.0703 3456  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
15:31:30.0703 3456  TlntSvr - ok
15:31:30.0703 3456  TosIde - ok
15:31:30.0750 3456  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
15:31:30.0750 3456  TouchServicePen - ok
15:31:30.0765 3456  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
15:31:30.0765 3456  TrkWks - ok
15:31:30.0796 3456  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
15:31:30.0796 3456  Udfs - ok
15:31:30.0796 3456  ultra - ok
15:31:30.0859 3456  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
15:31:30.0859 3456  Update - ok
15:31:30.0890 3456  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:31:30.0890 3456  upnphost - ok
15:31:30.0921 3456  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
15:31:30.0921 3456  UPS - ok
15:31:30.0968 3456  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
15:31:30.0968 3456  USBAAPL - ok
15:31:31.0046 3456  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
15:31:31.0046 3456  usbaudio - ok
15:31:31.0062 3456  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:31:31.0062 3456  usbccgp - ok
15:31:31.0093 3456  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:31:31.0093 3456  usbehci - ok
15:31:31.0109 3456  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:31:31.0109 3456  usbhub - ok
15:31:31.0140 3456  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:31:31.0140 3456  usbscan - ok
15:31:31.0140 3456  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:31:31.0140 3456  usbstor - ok
15:31:31.0171 3456  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:31:31.0171 3456  usbuhci - ok
15:31:31.0218 3456  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
15:31:31.0218 3456  usbvideo - ok
15:31:31.0250 3456  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
15:31:31.0250 3456  VgaSave - ok
15:31:31.0250 3456  ViaIde - ok
15:31:31.0265 3456  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
15:31:31.0281 3456  VolSnap - ok
15:31:31.0296 3456  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
15:31:31.0296 3456  VSS - ok
15:31:31.0328 3456  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
15:31:31.0328 3456  W32Time - ok
15:31:31.0375 3456  [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor   C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
15:31:31.0375 3456  wacmoumonitor - ok
15:31:31.0406 3456  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
15:31:31.0406 3456  wacommousefilter - ok
15:31:31.0406 3456  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
15:31:31.0406 3456  wacomvhid - ok
15:31:31.0421 3456  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:31:31.0421 3456  Wanarp - ok
15:31:31.0484 3456  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
15:31:31.0484 3456  Wdf01000 - ok
15:31:31.0484 3456  WDICA - ok
15:31:31.0515 3456  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
15:31:31.0515 3456  wdmaud - ok
15:31:31.0562 3456  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:31:31.0562 3456  WebClient - ok
15:31:31.0656 3456  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:31:31.0656 3456  winmgmt - ok
15:31:31.0703 3456  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
15:31:31.0703 3456  WmdmPmSN - ok
15:31:31.0750 3456  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi             C:\WINDOWS\System32\advapi32.dll
15:31:31.0765 3456  Wmi - ok
15:31:31.0812 3456  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:31:31.0812 3456  WmiApSrv - ok
15:31:31.0875 3456  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
15:31:31.0890 3456  WMPNetworkSvc - ok
15:31:31.0953 3456  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:31:31.0953 3456  WpdUsb - ok
15:31:32.0062 3456  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:31:32.0078 3456  WPFFontCache_v0400 - ok
15:31:32.0125 3456  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:31:32.0125 3456  WS2IFSL - ok
15:31:32.0156 3456  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:31:32.0156 3456  WSTCODEC - ok
15:31:32.0171 3456  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:31:32.0171 3456  WudfPf - ok
15:31:32.0187 3456  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:31:32.0203 3456  WudfRd - ok
15:31:32.0234 3456  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
15:31:32.0234 3456  WudfSvc - ok
15:31:32.0265 3456  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
15:31:32.0265 3456  WZCSVC - ok
15:31:32.0328 3456  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
15:31:32.0328 3456  xmlprov - ok
15:31:32.0328 3456  ================ Scan global ===============================
15:31:32.0375 3456  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:31:32.0421 3456  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
15:31:32.0437 3456  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
15:31:32.0453 3456  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
15:31:32.0453 3456  [Global] - ok
15:31:32.0453 3456  ================ Scan MBR ==================================
15:31:32.0484 3456  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:31:32.0906 3456  \Device\Harddisk0\DR0 - ok
15:31:32.0906 3456  ================ Scan VBR ==================================
15:31:32.0906 3456  [ 4A5DB140BEC99C3A9F642B6FEA7FBE73 ] \Device\Harddisk0\DR0\Partition1
15:31:32.0921 3456  \Device\Harddisk0\DR0\Partition1 - ok
15:31:32.0921 3456  ================ Scan active images ========================
15:31:32.0921 3456  [ 1312E0141A7BD409AFADD52FA565927E ] C:\WINDOWS\system32\drivers\igxpmp32.sys
15:31:32.0921 3456  C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
15:31:32.0921 3456  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
15:31:32.0921 3456  C:\WINDOWS\system32\drivers\videoprt.sys - ok
15:31:32.0921 3456  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
15:31:32.0921 3456  C:\WINDOWS\system32\drivers\usbport.sys - ok
15:31:32.0937 3456  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
15:31:32.0937 3456  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
15:31:32.0937 3456  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
15:31:32.0937 3456  C:\WINDOWS\system32\drivers\usbehci.sys - ok
15:31:32.0937 3456  [ CC03987EE5D0F956706B40D2F91F9E4F ] C:\WINDOWS\system32\drivers\BCMWL5.SYS
15:31:32.0937 3456  C:\WINDOWS\system32\drivers\BCMWL5.SYS - ok
15:31:32.0937 3456  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
15:31:32.0937 3456  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
15:31:32.0953 3456  [ 104860207AC574DEE432F28C1FBB878A ] C:\WINDOWS\system32\drivers\b57xp32.sys
15:31:32.0953 3456  C:\WINDOWS\system32\drivers\b57xp32.sys - ok
15:31:32.0953 3456  [ 5508E9F55799C6551D54DFBC4A068B68 ] C:\WINDOWS\system32\drivers\AcpiVpc.sys
15:31:32.0953 3456  C:\WINDOWS\system32\drivers\AcpiVpc.sys - ok
15:31:32.0953 3456  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\CmBatt.sys
15:31:32.0953 3456  C:\WINDOWS\system32\drivers\CmBatt.sys - ok
15:31:32.0953 3456  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
15:31:32.0953 3456  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
15:31:32.0968 3456  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
15:31:32.0968 3456  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
15:31:32.0968 3456  [ F0A929927ECF6619079DD8F7C0FE208F ] C:\WINDOWS\system32\drivers\Apfiltr.sys
15:31:32.0968 3456  C:\WINDOWS\system32\drivers\Apfiltr.sys - ok
15:31:32.0968 3456  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
15:31:32.0968 3456  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
15:31:32.0968 3456  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
15:31:32.0968 3456  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
15:31:32.0984 3456  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
15:31:32.0984 3456  C:\WINDOWS\system32\drivers\mouclass.sys - ok
15:31:32.0984 3456  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
15:31:32.0984 3456  C:\WINDOWS\system32\drivers\cdrom.sys - ok
15:31:32.0984 3456  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
15:31:32.0984 3456  C:\WINDOWS\system32\drivers\imapi.sys - ok
15:31:32.0984 3456  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
15:31:32.0984 3456  C:\WINDOWS\system32\drivers\ks.sys - ok
15:31:32.0984 3456  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
15:31:32.0984 3456  C:\WINDOWS\system32\drivers\redbook.sys - ok
15:31:33.0000 3456  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
15:31:33.0000 3456  C:\WINDOWS\system32\drivers\audstub.sys - ok
15:31:33.0000 3456  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
15:31:33.0000 3456  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
15:31:33.0000 3456  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
15:31:33.0000 3456  C:\WINDOWS\system32\drivers\hidclass.sys - ok
15:31:33.0000 3456  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
15:31:33.0000 3456  C:\WINDOWS\system32\drivers\hidparse.sys - ok
15:31:33.0015 3456  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
15:31:33.0015 3456  C:\WINDOWS\system32\drivers\intelppm.sys - ok
15:31:33.0015 3456  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] C:\WINDOWS\system32\drivers\wacomvhid.sys
15:31:33.0015 3456  C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
15:31:33.0015 3456  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
15:31:33.0015 3456  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
15:31:33.0015 3456  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys
15:31:33.0015 3456  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
15:31:33.0031 3456  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
15:31:33.0031 3456  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
15:31:33.0031 3456  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
15:31:33.0031 3456  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
15:31:33.0031 3456  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
15:31:33.0031 3456  C:\WINDOWS\system32\drivers\raspptp.sys - ok
15:31:33.0031 3456  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
15:31:33.0031 3456  C:\WINDOWS\system32\drivers\tdi.sys - ok
15:31:33.0046 3456  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
15:31:33.0046 3456  C:\WINDOWS\system32\drivers\psched.sys - ok
15:31:33.0046 3456  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
15:31:33.0046 3456  C:\WINDOWS\system32\drivers\msgpc.sys - ok
15:31:33.0046 3456  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
15:31:33.0046 3456  C:\WINDOWS\system32\drivers\ptilink.sys - ok
15:31:33.0046 3456  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
15:31:33.0046 3456  C:\WINDOWS\system32\drivers\raspti.sys - ok
15:31:33.0062 3456  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
15:31:33.0062 3456  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
15:31:33.0062 3456  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
15:31:33.0062 3456  C:\WINDOWS\system32\drivers\termdd.sys - ok
15:31:33.0062 3456  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
15:31:33.0062 3456  C:\WINDOWS\system32\drivers\swenum.sys - ok
15:31:33.0062 3456  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
15:31:33.0062 3456  C:\WINDOWS\system32\drivers\update.sys - ok
15:31:33.0062 3456  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
15:31:33.0062 3456  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
15:31:33.0078 3456  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\mouhid.sys - ok
15:31:33.0078 3456  [ 6215023940CFD3702B46ABC304E1D45A ] C:\WINDOWS\system32\drivers\ndproxy.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
15:31:33.0078 3456  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
15:31:33.0078 3456  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\usbd.sys - ok
15:31:33.0078 3456  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\usbhub.sys - ok
15:31:33.0078 3456  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
15:31:33.0078 3456  C:\WINDOWS\system32\drivers\drmk.sys - ok
15:31:33.0093 3456  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
15:31:33.0093 3456  C:\WINDOWS\system32\drivers\portcls.sys - ok
15:31:33.0093 3456  [ CD6B20B6BB7CDD413A83FB39C3ABF687 ] C:\WINDOWS\system32\drivers\CHDAU32.sys
15:31:33.0093 3456  C:\WINDOWS\system32\drivers\CHDAU32.sys - ok
15:31:33.0093 3456  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
15:31:33.0093 3456  C:\WINDOWS\system32\drivers\fdc.sys - ok
15:31:33.0093 3456  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
15:31:33.0093 3456  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
15:31:33.0093 3456  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
15:31:33.0093 3456  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
15:31:33.0109 3456  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
15:31:33.0109 3456  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
15:31:33.0109 3456  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\beep.sys - ok
15:31:33.0109 3456  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\null.sys - ok
15:31:33.0109 3456  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\vga.sys - ok
15:31:33.0109 3456  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
15:31:33.0109 3456  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
15:31:33.0125 3456  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
15:31:33.0125 3456  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
15:31:33.0125 3456  [ F7312B79766A411929C303A0D337EC60 ] C:\WINDOWS\system32\drivers\ext2fsd.sys
15:31:33.0125 3456  C:\WINDOWS\system32\drivers\ext2fsd.sys - ok
15:31:33.0125 3456  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
15:31:33.0125 3456  C:\WINDOWS\system32\drivers\msfs.sys - ok
15:31:33.0125 3456  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
15:31:33.0125 3456  C:\WINDOWS\system32\drivers\ipsec.sys - ok
15:31:33.0125 3456  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
15:31:33.0125 3456  C:\WINDOWS\system32\drivers\npfs.sys - ok
15:31:33.0140 3456  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\rasacd.sys - ok
15:31:33.0140 3456  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\netbt.sys - ok
15:31:33.0140 3456  [ EAEC6EA32BDABD7622371C10B8D68A17 ] C:\WINDOWS\system32\drivers\tcpip.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\tcpip.sys - ok
15:31:33.0140 3456  [ 322D0E36693D6E24A2398BEE62A268CD ] C:\WINDOWS\system32\drivers\afd.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\afd.sys - ok
15:31:33.0140 3456  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\ipnat.sys - ok
15:31:33.0140 3456  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
15:31:33.0140 3456  C:\WINDOWS\system32\drivers\netbios.sys - ok
15:31:33.0156 3456  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
15:31:33.0156 3456  C:\WINDOWS\system32\drivers\fips.sys - ok
15:31:33.0156 3456  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
15:31:33.0156 3456  C:\WINDOWS\system32\drivers\rdbss.sys - ok
15:31:33.0156 3456  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
15:31:33.0156 3456  C:\WINDOWS\system32\smss.exe - ok
15:31:33.0156 3456  [ 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F ] C:\WINDOWS\system32\ntdll.dll
15:31:33.0156 3456  C:\WINDOWS\system32\ntdll.dll - ok
15:31:33.0156 3456  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
15:31:33.0156 3456  C:\WINDOWS\system32\autochk.exe - ok
15:31:33.0171 3456  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
15:31:33.0171 3456  C:\WINDOWS\system32\sfcfiles.dll - ok
15:31:33.0171 3456  [ 58DB523A2A714E57AD715BFDE8A22A5A ] C:\WINDOWS\system32\drivers\BisonC07.sys
15:31:33.0171 3456  C:\WINDOWS\system32\drivers\BisonC07.sys - ok
15:31:33.0171 3456  [ 8EF427C54497C5F8A7A645990E4278C7 ] C:\WINDOWS\system32\drivers\iaStor.sys
15:31:33.0171 3456  C:\WINDOWS\system32\drivers\iaStor.sys - ok
15:31:33.0171 3456  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
15:31:33.0171 3456  C:\WINDOWS\system32\drivers\dxapi.sys - ok
15:31:33.0171 3456  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
15:31:33.0171 3456  C:\WINDOWS\system32\watchdog.sys - ok
15:31:33.0171 3456  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:31:33.0171 3456  C:\WINDOWS\system32\basesrv.dll - ok
15:31:33.0187 3456  [ 05B100F8DD7073BFD7B3E46D0E36AD0C ] C:\WINDOWS\system32\csrsrv.dll
15:31:33.0187 3456  C:\WINDOWS\system32\csrsrv.dll - ok
15:31:33.0187 3456  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
15:31:33.0187 3456  C:\WINDOWS\system32\csrss.exe - ok
15:31:33.0187 3456  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
15:31:33.0187 3456  C:\WINDOWS\system32\drivers\wanarp.sys - ok
15:31:33.0187 3456  [ DE01D79A607C7B9AE7FF88E934D0FFB2 ] C:\WINDOWS\system32\win32k.sys
15:31:33.0187 3456  C:\WINDOWS\system32\win32k.sys - ok
15:31:33.0187 3456  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
15:31:33.0187 3456  C:\WINDOWS\system32\winsrv.dll - ok
15:31:33.0203 3456  [ B015B9134DAD7E29E7D2D6B5F5C8C2FC ] C:\WINDOWS\system32\gdi32.dll
15:31:33.0203 3456  C:\WINDOWS\system32\gdi32.dll - ok
15:31:33.0203 3456  [ C24B983D211C34DA8FCC1AC38477971D ] C:\WINDOWS\system32\kernel32.dll
15:31:33.0203 3456  C:\WINDOWS\system32\kernel32.dll - ok
15:31:33.0203 3456  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
15:31:33.0203 3456  C:\WINDOWS\system32\user32.dll - ok
15:31:33.0203 3456  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
15:31:33.0203 3456  C:\WINDOWS\system32\drivers\dxg.sys - ok
15:31:33.0203 3456  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
15:31:33.0203 3456  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
15:31:33.0203 3456  [ F9B156EB495F9F29877AF1BC708FB0F8 ] C:\WINDOWS\system32\igxpgd32.dll
15:31:33.0203 3456  C:\WINDOWS\system32\igxpgd32.dll - ok
15:31:33.0218 3456  [ 9F99B958083807CDCFECA2A3FB18B3CF ] C:\WINDOWS\system32\igxprd32.dll
15:31:33.0218 3456  C:\WINDOWS\system32\igxprd32.dll - ok
15:31:33.0218 3456  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
15:31:33.0218 3456  C:\WINDOWS\system32\vga.dll - ok
15:31:33.0218 3456  [ 3BD2CB5BD6EA50856CDD949D904B9CB2 ] C:\WINDOWS\system32\igxpdv32.dll
15:31:33.0218 3456  C:\WINDOWS\system32\igxpdv32.dll - ok
15:31:33.0218 3456  [ D85C98AE66E5B0C568A7612E4FC0986E ] C:\WINDOWS\system32\igxpdx32.dll
15:31:33.0218 3456  C:\WINDOWS\system32\igxpdx32.dll - ok
15:31:33.0218 3456  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
15:31:33.0218 3456  C:\WINDOWS\system32\winlogon.exe - ok
15:31:33.0234 3456  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] C:\WINDOWS\system32\advapi32.dll
15:31:33.0234 3456  C:\WINDOWS\system32\advapi32.dll - ok
15:31:33.0234 3456  [ B979D9D1C8073DA21A7F80345F306A1D ] C:\WINDOWS\system32\rpcrt4.dll
15:31:33.0234 3456  C:\WINDOWS\system32\rpcrt4.dll - ok
15:31:33.0234 3456  [ 7459C16CC3EF4651CAB7C9260E43FC58 ] C:\WINDOWS\system32\secur32.dll
15:31:33.0234 3456  C:\WINDOWS\system32\secur32.dll - ok
15:31:33.0234 3456  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
15:31:33.0234 3456  C:\WINDOWS\system32\authz.dll - ok
15:31:33.0234 3456  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
15:31:33.0234 3456  C:\WINDOWS\system32\msvcrt.dll - ok
15:31:33.0234 3456  [ BDAAF79DD63F194434D31A74B9BB8B77 ] C:\WINDOWS\system32\crypt32.dll
15:31:33.0234 3456  C:\WINDOWS\system32\crypt32.dll - ok
15:31:33.0250 3456  [ A11F1EA5346165347BF54C1F959C3FBC ] C:\WINDOWS\system32\msasn1.dll
15:31:33.0250 3456  C:\WINDOWS\system32\msasn1.dll - ok
15:31:33.0250 3456  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
15:31:33.0250 3456  C:\WINDOWS\system32\nddeapi.dll - ok
15:31:33.0250 3456  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
15:31:33.0250 3456  C:\WINDOWS\system32\profmap.dll - ok
15:31:33.0265 3456  [ 6DB7788FA7E2566267516FA635C3797E ] C:\WINDOWS\system32\netapi32.dll
15:31:33.0265 3456  C:\WINDOWS\system32\netapi32.dll - ok
15:31:33.0265 3456  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
15:31:33.0265 3456  C:\WINDOWS\system32\userenv.dll - ok
15:31:33.0265 3456  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
15:31:33.0265 3456  C:\WINDOWS\system32\psapi.dll - ok
15:31:33.0265 3456  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
15:31:33.0265 3456  C:\WINDOWS\system32\regapi.dll - ok
15:31:33.0265 3456  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
15:31:33.0265 3456  C:\WINDOWS\system32\setupapi.dll - ok
15:31:33.0265 3456  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
15:31:33.0265 3456  C:\WINDOWS\system32\version.dll - ok
15:31:33.0281 3456  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
15:31:33.0281 3456  C:\WINDOWS\system32\winsta.dll - ok
15:31:33.0281 3456  [ B25D14DCBBB6623C1A63CD07A97DF32B ] C:\WINDOWS\system32\wintrust.dll
15:31:33.0281 3456  C:\WINDOWS\system32\wintrust.dll - ok
15:31:33.0281 3456  [ CA648BD638245EB83F971FF71B031BEC ] C:\WINDOWS\system32\imagehlp.dll
15:31:33.0281 3456  C:\WINDOWS\system32\imagehlp.dll - ok
15:31:33.0281 3456  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
15:31:33.0281 3456  C:\WINDOWS\system32\ws2help.dll - ok
15:31:33.0281 3456  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
15:31:33.0281 3456  C:\WINDOWS\system32\ws2_32.dll - ok
15:31:33.0296 3456  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
15:31:33.0296 3456  C:\WINDOWS\system32\imm32.dll - ok
15:31:33.0296 3456  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
15:31:33.0296 3456  C:\WINDOWS\system32\kbdus.dll - ok
15:31:33.0296 3456  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
15:31:33.0296 3456  C:\WINDOWS\system32\msgina.dll - ok
15:31:33.0296 3456  [ 06F247492BC786CE5C24A23E178C711A ] C:\WINDOWS\system32\comctl32.dll
15:31:33.0296 3456  C:\WINDOWS\system32\comctl32.dll - ok
15:31:33.0296 3456  [ 52A5A388661FF3A889593185367B7226 ] C:\WINDOWS\system32\odbc32.dll
15:31:33.0296 3456  C:\WINDOWS\system32\odbc32.dll - ok
15:31:33.0296 3456  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
15:31:33.0296 3456  C:\WINDOWS\system32\comdlg32.dll - ok
15:31:33.0312 3456  [ 0CF50B1F45DAB08430C1DBB79FE2CA5B ] C:\WINDOWS\system32\shell32.dll
15:31:33.0312 3456  C:\WINDOWS\system32\shell32.dll - ok
15:31:33.0312 3456  [ 72EDAE61E761C14714BFD0CB4BA3C0DB ] C:\WINDOWS\system32\shlwapi.dll
15:31:33.0312 3456  C:\WINDOWS\system32\shlwapi.dll - ok
15:31:33.0312 3456  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
15:31:33.0312 3456  C:\WINDOWS\system32\sxs.dll - ok
15:31:33.0312 3456  [ BD38D1EBE24A46BD3EDA059560AFBA12 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
15:31:33.0312 3456  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok
15:31:33.0312 3456  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
15:31:33.0312 3456  C:\WINDOWS\system32\odbcint.dll - ok
15:31:33.0328 3456  [ 1926899BF9FFE2602B63074971700412 ] C:\WINDOWS\system32\shsvcs.dll
15:31:33.0328 3456  C:\WINDOWS\system32\shsvcs.dll - ok
15:31:33.0328 3456  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
15:31:33.0328 3456  C:\WINDOWS\system32\sfc.dll - ok
15:31:33.0328 3456  [ ECCE74BC6168375016450A86A164D976 ] C:\WINDOWS\system32\ole32.dll
15:31:33.0328 3456  C:\WINDOWS\system32\ole32.dll - ok
15:31:33.0328 3456  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
15:31:33.0328 3456  C:\WINDOWS\system32\sfc_os.dll - ok
15:31:33.0328 3456  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
15:31:33.0328 3456  C:\WINDOWS\system32\apphelp.dll - ok
15:31:33.0328 3456  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
15:31:33.0328 3456  C:\WINDOWS\system32\services.exe - ok
15:31:33.0343 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
15:31:33.0343 3456  C:\WINDOWS\system32\lsass.exe - ok
15:31:33.0343 3456  [ EA9AAA0B9BBF9B24FD3CAECC7FD69A1E ] C:\WINDOWS\system32\lsasrv.dll
15:31:33.0343 3456  C:\WINDOWS\system32\lsasrv.dll - ok
15:31:33.0343 3456  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
15:31:33.0343 3456  C:\WINDOWS\system32\ncobjapi.dll - ok
15:31:33.0343 3456  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
15:31:33.0343 3456  C:\WINDOWS\system32\msvcp60.dll - ok
15:31:33.0343 3456  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
15:31:33.0343 3456  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
15:31:33.0359 3456  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
15:31:33.0359 3456  C:\WINDOWS\system32\scesrv.dll - ok
15:31:33.0359 3456  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
15:31:33.0359 3456  C:\WINDOWS\system32\shimeng.dll - ok
15:31:33.0359 3456  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
15:31:33.0359 3456  C:\WINDOWS\system32\umpnpmgr.dll - ok
15:31:33.0359 3456  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
15:31:33.0359 3456  C:\WINDOWS\system32\mpr.dll - ok
15:31:33.0359 3456  [ 0A3325D38DB90792BBBE01334F273974 ] C:\WINDOWS\system32\dnsapi.dll
15:31:33.0359 3456  C:\WINDOWS\system32\dnsapi.dll - ok
15:31:33.0359 3456  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
15:31:33.0359 3456  C:\WINDOWS\system32\ntdsapi.dll - ok
15:31:33.0375 3456  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
15:31:33.0375 3456  C:\WINDOWS\system32\wldap32.dll - ok
15:31:33.0375 3456  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
15:31:33.0375 3456  C:\WINDOWS\system32\samlib.dll - ok
15:31:33.0375 3456  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
15:31:33.0375 3456  C:\WINDOWS\system32\samsrv.dll - ok
15:31:33.0375 3456  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
15:31:33.0375 3456  C:\WINDOWS\AppPatch\AcGenral.dll - ok
15:31:33.0375 3456  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
15:31:33.0375 3456  C:\WINDOWS\system32\cryptdll.dll - ok
15:31:33.0390 3456  [ F1300D0B4C40754A01DF16F350F0EF60 ] C:\WINDOWS\system32\winmm.dll
15:31:33.0390 3456  C:\WINDOWS\system32\winmm.dll - ok
15:31:33.0390 3456  [ 387006CF9983000BAB76DD250D424045 ] C:\WINDOWS\system32\oleaut32.dll
15:31:33.0390 3456  C:\WINDOWS\system32\oleaut32.dll - ok
15:31:33.0390 3456  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
15:31:33.0390 3456  C:\WINDOWS\system32\msacm32.dll - ok
15:31:33.0390 3456  [ E35FABBE7F63CB9AE2A06A449392E3F6 ] C:\WINDOWS\system32\uxtheme.dll
15:31:33.0390 3456  C:\WINDOWS\system32\uxtheme.dll - ok
15:31:33.0390 3456  [ C61E8ECFFDBF05FF71D079BBD35396B3 ] C:\WINDOWS\system32\schannel.dll
15:31:33.0390 3456  C:\WINDOWS\system32\schannel.dll - ok
15:31:33.0390 3456  [ B17DEFD576AE373E7A1A2C75665E4549 ] C:\WINDOWS\system32\kerberos.dll
15:31:33.0390 3456  C:\WINDOWS\system32\kerberos.dll - ok
15:31:33.0406 3456  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME
15:31:33.0406 3456  C:\WINDOWS\system32\MSCTFIME.IME - ok
15:31:33.0406 3456  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
15:31:33.0406 3456  C:\WINDOWS\system32\msprivs.dll - ok
15:31:33.0406 3456  [ 34EF4739A4D9D09A96069198F42B8D99 ] C:\WINDOWS\system32\atmfd.dll
15:31:33.0406 3456  C:\WINDOWS\system32\atmfd.dll - ok
15:31:33.0406 3456  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
15:31:33.0406 3456  C:\WINDOWS\system32\iphlpapi.dll - ok
15:31:33.0406 3456  [ 0F152F4E57FDF9E8E8BDFEA583A4926B ] C:\WINDOWS\system32\msv1_0.dll
15:31:33.0406 3456  C:\WINDOWS\system32\msv1_0.dll - ok
15:31:33.0421 3456  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
15:31:33.0421 3456  C:\WINDOWS\system32\netlogon.dll - ok
15:31:33.0421 3456  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
15:31:33.0421 3456  C:\WINDOWS\system32\w32time.dll - ok
15:31:33.0421 3456  [ CEFCC6A64983EB8119F3A07A0C1EDE30 ] C:\WINDOWS\system32\wdigest.dll
15:31:33.0421 3456  C:\WINDOWS\system32\wdigest.dll - ok
15:31:33.0421 3456  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
15:31:33.0421 3456  C:\WINDOWS\system32\rsaenh.dll - ok
15:31:33.0421 3456  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
15:31:33.0421 3456  C:\WINDOWS\system32\winscard.dll - ok
15:31:33.0421 3456  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
15:31:33.0421 3456  C:\WINDOWS\system32\wtsapi32.dll - ok
15:31:33.0437 3456  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
15:31:33.0437 3456  C:\WINDOWS\system32\scecli.dll - ok
15:31:33.0437 3456  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
15:31:33.0437 3456  C:\WINDOWS\system32\svchost.exe - ok
15:31:33.0437 3456  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
15:31:33.0437 3456  C:\WINDOWS\system32\ntmarta.dll - ok
15:31:33.0437 3456  [ 2589FE6015A316C0F5D5112B4DA7B509 ] C:\WINDOWS\system32\rpcss.dll
15:31:33.0437 3456  C:\WINDOWS\system32\rpcss.dll - ok
15:31:33.0437 3456  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
15:31:33.0437 3456  C:\WINDOWS\system32\xpsp2res.dll - ok
15:31:33.0453 3456  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
15:31:33.0453 3456  C:\WINDOWS\system32\eventlog.dll - ok
15:31:33.0453 3456  [ B4138E99236F0F57D4CF49BAE98A0746 ] C:\WINDOWS\system32\mswsock.dll
15:31:33.0453 3456  C:\WINDOWS\system32\mswsock.dll - ok
15:31:33.0453 3456  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
15:31:33.0453 3456  C:\WINDOWS\system32\hnetcfg.dll - ok
15:31:33.0453 3456  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
15:31:33.0453 3456  C:\WINDOWS\system32\winrnr.dll - ok
15:31:33.0453 3456  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
15:31:33.0453 3456  C:\WINDOWS\system32\wshtcpip.dll - ok
15:31:33.0453 3456  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
15:31:33.0453 3456  C:\WINDOWS\system32\rasadhlp.dll - ok
15:31:33.0468 3456  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] C:\Program Files\Tablet\Pen\Pen_TouchService.exe
15:31:33.0468 3456  C:\Program Files\Tablet\Pen\Pen_TouchService.exe - ok
15:31:33.0468 3456  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Pen\msvcp100.dll
15:31:33.0468 3456  C:\Program Files\Tablet\Pen\msvcp100.dll - ok
15:31:33.0468 3456  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Pen\msvcr100.dll
15:31:33.0468 3456  C:\Program Files\Tablet\Pen\msvcr100.dll - ok
15:31:33.0468 3456  [ F9EF088D57DDFC6AE735F4D73FC902EF ] C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
15:31:33.0468 3456  C:\Program Files\Tablet\Pen\Pen_TouchUser.exe - ok
15:31:33.0468 3456  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\wudfplatform.dll
15:31:33.0468 3456  C:\WINDOWS\system32\wudfplatform.dll - ok
15:31:33.0484 3456  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\wudfsvc.dll
15:31:33.0484 3456  C:\WINDOWS\system32\wudfsvc.dll - ok
15:31:33.0484 3456  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
15:31:33.0484 3456  C:\WINDOWS\system32\hid.dll - ok
15:31:33.0484 3456  [ EE843B8B30313B9AD1655846656B5C9D ] C:\Program Files\Tablet\Pen\libxml2.dll
15:31:33.0484 3456  C:\Program Files\Tablet\Pen\libxml2.dll - ok
15:31:33.0484 3456  [ B5625560CDA13A81D367B32E6F9FC4AC ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
15:31:33.0484 3456  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll - ok
15:31:33.0484 3456  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
15:31:33.0484 3456  C:\WINDOWS\system32\cscdll.dll - ok
15:31:33.0484 3456  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
15:31:33.0484 3456  C:\WINDOWS\system32\logonui.exe - ok
15:31:33.0500 3456  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
15:31:33.0500 3456  C:\WINDOWS\system32\dimsntfy.dll - ok
15:31:33.0500 3456  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
15:31:33.0500 3456  C:\WINDOWS\system32\duser.dll - ok
15:31:33.0500 3456  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
15:31:33.0500 3456  C:\WINDOWS\system32\winspool.drv - ok
15:31:33.0500 3456  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
15:31:33.0500 3456  C:\WINDOWS\system32\wlnotify.dll - ok
15:31:33.0500 3456  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
15:31:33.0500 3456  C:\WINDOWS\system32\msimg32.dll - ok
15:31:33.0515 3456  [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
15:31:33.0515 3456  C:\WINDOWS\system32\oleacc.dll - ok
15:31:33.0515 3456  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
15:31:33.0515 3456  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
15:31:33.0515 3456  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
15:31:33.0515 3456  C:\WINDOWS\system32\shfolder.dll - ok
15:31:33.0515 3456  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
15:31:33.0515 3456  C:\WINDOWS\system32\clbcatq.dll - ok
15:31:33.0515 3456  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
15:31:33.0515 3456  C:\WINDOWS\system32\dhcpcsvc.dll - ok
15:31:33.0515 3456  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
15:31:33.0515 3456  C:\WINDOWS\system32\comres.dll - ok
15:31:33.0531 3456  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] C:\WINDOWS\system32\dnsrslvr.dll
15:31:33.0531 3456  C:\WINDOWS\system32\dnsrslvr.dll - ok
15:31:33.0531 3456  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
15:31:33.0531 3456  C:\WINDOWS\system32\shgina.dll - ok
15:31:33.0531 3456  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
15:31:33.0531 3456  C:\WINDOWS\system32\lmhsvc.dll - ok
15:31:33.0531 3456  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
15:31:33.0531 3456  C:\WINDOWS\system32\wzcsvc.dll - ok
15:31:33.0531 3456  [ 14EE0E012E7298FC1448A88E9FE53322 ] C:\WINDOWS\system32\atl.dll
15:31:33.0531 3456  C:\WINDOWS\system32\atl.dll - ok
15:31:33.0546 3456  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
15:31:33.0546 3456  C:\WINDOWS\system32\dot3api.dll - ok
15:31:33.0546 3456  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
15:31:33.0546 3456  C:\WINDOWS\system32\eapolqec.dll - ok
15:31:33.0546 3456  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
15:31:33.0546 3456  C:\WINDOWS\system32\esent.dll - ok
15:31:33.0546 3456  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
15:31:33.0546 3456  C:\WINDOWS\system32\qutil.dll - ok
15:31:33.0546 3456  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
15:31:33.0546 3456  C:\WINDOWS\system32\rtutils.dll - ok
15:31:33.0546 3456  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
15:31:33.0546 3456  C:\WINDOWS\system32\wmi.dll - ok
15:31:33.0562 3456  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
15:31:33.0562 3456  C:\WINDOWS\system32\cryptui.dll - ok
15:31:33.0562 3456  [ 036D3962F2086BF2A98E2873CE153828 ] C:\WINDOWS\system32\rastls.dll
15:31:33.0562 3456  C:\WINDOWS\system32\rastls.dll - ok
15:31:33.0562 3456  [ 972B226BDAD71C55F3CC9A72BBF8F1C1 ] C:\WINDOWS\system32\wininet.dll
15:31:33.0562 3456  C:\WINDOWS\system32\wininet.dll - ok
15:31:33.0562 3456  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
15:31:33.0562 3456  C:\WINDOWS\system32\normaliz.dll - ok
15:31:33.0562 3456  [ 3EE2E7731FB57CDD4E19AFF7DD2F785E ] C:\WINDOWS\system32\urlmon.dll
15:31:33.0562 3456  C:\WINDOWS\system32\urlmon.dll - ok
15:31:33.0578 3456  [ 877609EA28E0ED70CE9BE05A5FE99280 ] C:\WINDOWS\system32\iertutil.dll
15:31:33.0578 3456  C:\WINDOWS\system32\iertutil.dll - ok
15:31:33.0578 3456  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
15:31:33.0578 3456  C:\WINDOWS\system32\mprapi.dll - ok
15:31:33.0578 3456  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
15:31:33.0578 3456  C:\WINDOWS\system32\activeds.dll - ok
15:31:33.0578 3456  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
15:31:33.0578 3456  C:\WINDOWS\system32\adsldpc.dll - ok
15:31:33.0578 3456  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
15:31:33.0578 3456  C:\WINDOWS\system32\rasapi32.dll - ok
15:31:33.0578 3456  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
15:31:33.0578 3456  C:\WINDOWS\system32\rasman.dll - ok
15:31:33.0593 3456  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
15:31:33.0593 3456  C:\WINDOWS\system32\riched20.dll - ok
15:31:33.0593 3456  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
15:31:33.0593 3456  C:\WINDOWS\system32\tapi32.dll - ok
15:31:33.0593 3456  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
15:31:33.0593 3456  C:\WINDOWS\system32\cscui.dll - ok
15:31:33.0593 3456  [ ED43F00CD77E72483A8625AC4F32D8D8 ] C:\WINDOWS\system32\raschap.dll
15:31:33.0593 3456  C:\WINDOWS\system32\raschap.dll - ok
15:31:33.0593 3456  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
15:31:33.0593 3456  C:\WINDOWS\system32\powrprof.dll - ok
15:31:33.0609 3456  [ 2BC7128348265CABA9BBC058729A8B7B ] C:\WINDOWS\system32\dpcdll.dll
15:31:33.0609 3456  C:\WINDOWS\system32\dpcdll.dll - ok
15:31:33.0609 3456  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
15:31:33.0609 3456  C:\WINDOWS\system32\netman.dll - ok
15:31:33.0609 3456  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
15:31:33.0609 3456  C:\WINDOWS\system32\netshell.dll - ok
15:31:33.0609 3456  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
15:31:33.0609 3456  C:\WINDOWS\system32\credui.dll - ok
15:31:33.0609 3456  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
15:31:33.0609 3456  C:\WINDOWS\system32\userinit.exe - ok
15:31:33.0609 3456  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
15:31:33.0609 3456  C:\WINDOWS\system32\dot3dlg.dll - ok
15:31:33.0625 3456  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
15:31:33.0625 3456  C:\WINDOWS\system32\onex.dll - ok
15:31:33.0625 3456  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
15:31:33.0625 3456  C:\WINDOWS\explorer.exe - ok
15:31:33.0625 3456  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
15:31:33.0625 3456  C:\WINDOWS\system32\eappcfg.dll - ok
15:31:33.0625 3456  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
15:31:33.0625 3456  C:\WINDOWS\system32\eappprxy.dll - ok
15:31:33.0625 3456  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
15:31:33.0625 3456  C:\WINDOWS\system32\wzcsapi.dll - ok
15:31:33.0640 3456  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
15:31:33.0640 3456  C:\WINDOWS\system32\browseui.dll - ok
15:31:33.0640 3456  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
15:31:33.0640 3456  C:\WINDOWS\system32\shdocvw.dll - ok
15:31:33.0640 3456  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
15:31:33.0640 3456  C:\WINDOWS\system32\schedsvc.dll - ok
15:31:33.0640 3456  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] C:\WINDOWS\system32\spoolsv.exe
15:31:33.0640 3456  C:\WINDOWS\system32\spoolsv.exe - ok
15:31:33.0640 3456  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
15:31:33.0640 3456  C:\WINDOWS\system32\msidle.dll - ok
15:31:33.0640 3456  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
15:31:33.0640 3456  C:\WINDOWS\system32\desk.cpl - ok
15:31:33.0656 3456  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
15:31:33.0656 3456  C:\WINDOWS\system32\audiosrv.dll - ok
15:31:33.0656 3456  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
15:31:33.0656 3456  C:\WINDOWS\system32\themeui.dll - ok
15:31:33.0656 3456  [ DA6EBAD9B64F366245DCD19869D735F0 ] C:\WINDOWS\system32\Pen_Tablet.dll
15:31:33.0656 3456  C:\WINDOWS\system32\Pen_Tablet.dll - ok
15:31:33.0656 3456  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] C:\WINDOWS\system32\wkssvc.dll
15:31:33.0656 3456  C:\WINDOWS\system32\wkssvc.dll - ok
15:31:33.0656 3456  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
15:31:33.0656 3456  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
15:31:33.0671 3456  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
15:31:33.0671 3456  C:\WINDOWS\system32\webclnt.dll - ok
15:31:33.0671 3456  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
15:31:33.0671 3456  C:\WINDOWS\system32\actxprxy.dll - ok
15:31:33.0671 3456  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
15:31:33.0671 3456  C:\WINDOWS\system32\cmd.exe - ok
15:31:33.0671 3456  [ 1EB27A1E274D82A3A5A24BD7284F177B ] C:\WINDOWS\system32\ieframe.dll
15:31:33.0671 3456  C:\WINDOWS\system32\ieframe.dll - ok
15:31:33.0671 3456  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
15:31:33.0671 3456  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
15:31:33.0671 3456  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
15:31:33.0671 3456  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
15:31:33.0687 3456  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
15:31:33.0687 3456  C:\WINDOWS\system32\wdmaud.drv - ok
15:31:33.0687 3456  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
15:31:33.0687 3456  C:\WINDOWS\system32\drivers\aec.sys - ok
15:31:33.0687 3456  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
15:31:33.0687 3456  C:\WINDOWS\system32\drivers\splitter.sys - ok
15:31:33.0687 3456  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
15:31:33.0687 3456  C:\WINDOWS\system32\drivers\swmidi.sys - ok
15:31:33.0687 3456  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
15:31:33.0687 3456  C:\WINDOWS\system32\drivers\DMusic.sys - ok
15:31:33.0703 3456  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
15:31:33.0703 3456  C:\WINDOWS\system32\drivers\kmixer.sys - ok
15:31:33.0703 3456  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
15:31:33.0703 3456  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
15:31:33.0703 3456  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
15:31:33.0703 3456  C:\WINDOWS\system32\midimap.dll - ok
15:31:33.0703 3456  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
15:31:33.0703 3456  C:\WINDOWS\system32\msacm32.drv - ok
15:31:33.0703 3456  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
15:31:33.0703 3456  C:\WINDOWS\system32\cryptnet.dll - ok
15:31:33.0703 3456  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
15:31:33.0703 3456  C:\WINDOWS\system32\sensapi.dll - ok
15:31:33.0718 3456  [ D29F2889BAA10E19AD9FF70C8D5ECF50 ] C:\WINDOWS\system32\winhttp.dll
15:31:33.0718 3456  C:\WINDOWS\system32\winhttp.dll - ok
15:31:33.0718 3456  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
15:31:33.0718 3456  C:\WINDOWS\system32\cabinet.dll - ok
15:31:33.0718 3456  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
15:31:33.0718 3456  C:\WINDOWS\system32\mlang.dll - ok
15:31:33.0718 3456  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
15:31:33.0718 3456  C:\WINDOWS\system32\xmlprovi.dll - ok
15:31:33.0718 3456  [ E6019253451DBB67740F7027AD9E1CB5 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
15:31:33.0718 3456  C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
15:31:33.0734 3456  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
15:31:33.0734 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
15:31:33.0734 3456  [ 3F994A6CF62AA8ED7B82CBE8AD7BE810 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
15:31:33.0734 3456  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
15:31:33.0734 3456  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
15:31:33.0734 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
15:31:33.0734 3456  [ 27DB3CEB88A1EF2BE1E193A05964973C ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
15:31:33.0734 3456  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
15:31:33.0734 3456  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
15:31:33.0734 3456  C:\WINDOWS\system32\msi.dll - ok
15:31:33.0750 3456  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
15:31:33.0750 3456  C:\WINDOWS\system32\drivers\parport.sys - ok
15:31:33.0750 3456  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
15:31:33.0750 3456  C:\WINDOWS\system32\drivers\serial.sys - ok
15:31:33.0750 3456  [ 34400005DE52842C4D6D4EE978B4D7CE ] C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:31:33.0750 3456  C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe - ok
15:31:33.0750 3456  [ 707DC793BC599ACA525DE0AB1EC85E17 ] C:\Program Files\Adobe\Elements Organizer 8.0\platform.DLL
15:31:33.0750 3456  C:\Program Files\Adobe\Elements Organizer 8.0\platform.DLL - ok
15:31:33.0750 3456  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
15:31:33.0750 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
15:31:33.0750 3456  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
15:31:33.0750 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
15:31:33.0765 3456  [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:31:33.0765 3456  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:31:33.0765 3456  [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:31:33.0765 3456  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:31:33.0765 3456  [ 2503287BD19AE52E36E9DE42834A2AC0 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:31:33.0765 3456  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:31:33.0765 3456  [ 6FE3E3A215E55C76A811B9B56A5AEB09 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:31:33.0765 3456  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:31:33.0765 3456  [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:31:33.0765 3456  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:31:33.0781 3456  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
15:31:33.0781 3456  C:\WINDOWS\system32\wsock32.dll - ok
15:31:33.0781 3456  [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
15:31:33.0781 3456  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
15:31:33.0781 3456  [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
15:31:33.0781 3456  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:31:33.0781 3456  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
15:31:33.0781 3456  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:31:33.0781 3456  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
15:31:33.0781 3456  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:31:33.0781 3456  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
15:31:33.0781 3456  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:31:33.0796 3456  [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
15:31:33.0796 3456  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:31:33.0796 3456  [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:31:33.0796 3456  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:31:33.0796 3456  [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:31:33.0796 3456  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:31:33.0796 3456  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:33.0796 3456  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
15:31:33.0796 3456  [ 5B01AF89D16D562825C4DB4530F20CBB ] C:\WINDOWS\system32\drivers\aspi32.sys
15:31:33.0796 3456  C:\WINDOWS\system32\drivers\aspi32.sys - ok
15:31:33.0812 3456  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
15:31:33.0812 3456  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
15:31:33.0812 3456  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
15:31:33.0812 3456  C:\WINDOWS\system32\mscoree.dll - ok
15:31:33.0812 3456  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
15:31:33.0812 3456  C:\WINDOWS\system32\cryptsvc.dll - ok
15:31:33.0812 3456  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
15:31:33.0812 3456  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:31:33.0812 3456  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
15:31:33.0812 3456  C:\WINDOWS\system32\certcli.dll - ok
15:31:33.0812 3456  [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:31:33.0812 3456  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:31:33.0828 3456  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
15:31:33.0828 3456  C:\WINDOWS\system32\ersvc.dll - ok
15:31:33.0828 3456  [ A12175F063302CD68F8FC6D572D7E5FD ] C:\Program Files\Java\jre7\bin\jqs.exe
15:31:33.0828 3456  C:\Program Files\Java\jre7\bin\jqs.exe - ok
15:31:33.0828 3456  [ 19A799805B24990867B00C120D300C3A ] C:\WINDOWS\system32\es.dll
15:31:33.0828 3456  C:\WINDOWS\system32\es.dll - ok
15:31:33.0828 3456  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
15:31:33.0828 3456  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
15:31:33.0828 3456  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
15:31:33.0828 3456  C:\WINDOWS\system32\dmserver.dll - ok
15:31:33.0843 3456  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
15:31:33.0843 3456  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
15:31:33.0843 3456  [ 5454607F90878D7CD0BCDB6E0D3F235F ] C:\WINDOWS\system32\pdh.dll
15:31:33.0843 3456  C:\WINDOWS\system32\pdh.dll - ok
15:31:33.0843 3456  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
15:31:33.0843 3456  C:\WINDOWS\system32\odbcbcp.dll - ok
15:31:33.0843 3456  [ F385F4B02C535BFFE1D70CAB80838123 ] C:\WINDOWS\system32\srvsvc.dll
15:31:33.0843 3456  C:\WINDOWS\system32\srvsvc.dll - ok
15:31:33.0843 3456  [ 5252605079810904E31C332E241CD59B ] C:\WINDOWS\system32\drivers\srv.sys
15:31:33.0843 3456  C:\WINDOWS\system32\drivers\srv.sys - ok
15:31:33.0843 3456  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
15:31:33.0843 3456  C:\WINDOWS\system32\netmsg.dll - ok
15:31:33.0859 3456  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
15:31:33.0859 3456  C:\WINDOWS\system32\ipsecsvc.dll - ok
15:31:33.0859 3456  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
15:31:33.0859 3456  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
15:31:33.0859 3456  [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
15:31:33.0859 3456  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
15:31:33.0859 3456  [ 33CEB89B62589E8B12AEE9E2D523DADE ] C:\WINDOWS\system32\oakley.dll
15:31:33.0859 3456  C:\WINDOWS\system32\oakley.dll - ok
15:31:33.0859 3456  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
15:31:33.0859 3456  C:\WINDOWS\system32\regsvc.dll - ok
15:31:33.0875 3456  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
15:31:33.0875 3456  C:\WINDOWS\system32\seclogon.dll - ok
15:31:33.0875 3456  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
15:31:33.0875 3456  C:\WINDOWS\system32\winipsec.dll - ok
15:31:33.0875 3456  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
15:31:33.0875 3456  C:\WINDOWS\system32\pstorsvc.dll - ok
15:31:33.0875 3456  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
15:31:33.0875 3456  C:\WINDOWS\system32\sens.dll - ok
15:31:33.0875 3456  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
15:31:33.0875 3456  C:\WINDOWS\system32\perfos.dll - ok
15:31:33.0875 3456  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
15:31:33.0875 3456  C:\WINDOWS\system32\perfdisk.dll - ok
15:31:33.0890 3456  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
15:31:33.0890 3456  C:\WINDOWS\system32\psbase.dll - ok
15:31:33.0890 3456  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
15:31:33.0890 3456  C:\WINDOWS\system32\srsvc.dll - ok
15:31:33.0890 3456  [ C9D5FA17200768EF92538F1F95735A2E ] C:\Program Files\Tablet\Pen\Pen_Tablet.exe
15:31:33.0890 3456  C:\Program Files\Tablet\Pen\Pen_Tablet.exe - ok
15:31:33.0890 3456  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
15:31:33.0890 3456  C:\WINDOWS\system32\cfgmgr32.dll - ok
15:31:33.0890 3456  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
15:31:33.0890 3456  C:\WINDOWS\system32\wiaservc.dll - ok
15:31:33.0906 3456  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
15:31:33.0906 3456  C:\WINDOWS\system32\dssenh.dll - ok
15:31:33.0906 3456  [ 9333DBAEDD617899C3562E937949D068 ] C:\WINDOWS\system32\mscms.dll
15:31:33.0906 3456  C:\WINDOWS\system32\mscms.dll - ok
15:31:33.0906 3456  [ AFDCC326174D131C374766FEB946F496 ] C:\Program Files\Java\jre7\bin\awt.dll
15:31:33.0906 3456  C:\Program Files\Java\jre7\bin\awt.dll - ok
15:31:33.0906 3456  [ 47B5CF49EF651E9954231BA079A95058 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
15:31:33.0906 3456  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
15:31:33.0906 3456  [ 39DD0C97932CDFDCF006569E1A942728 ] C:\WINDOWS\system32\wiavusd.dll
15:31:33.0906 3456  C:\WINDOWS\system32\wiavusd.dll - ok
15:31:33.0906 3456  [ 615F729DF8E1E7160445858C6D32C910 ] C:\Program Files\Java\jre7\bin\dcpr.dll
15:31:33.0906 3456  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
15:31:33.0921 3456  [ 40D1D0A2569395D34A7CE070F99A5365 ] C:\Program Files\Java\jre7\bin\deploy.dll
15:31:33.0921 3456  C:\Program Files\Java\jre7\bin\deploy.dll - ok
15:31:33.0921 3456  [ DA443EC760094294B23EBDE1CB1FF213 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
15:31:33.0921 3456  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
15:31:33.0921 3456  [ 26F2B2669BBEEFA02DCC8052701D9563 ] C:\Program Files\Java\jre7\bin\java.dll
15:31:33.0921 3456  C:\Program Files\Java\jre7\bin\java.dll - ok
15:31:33.0921 3456  [ 5BD255C0051A41738FCB67F3A0C68DCA ] C:\Program Files\Java\jre7\bin\javaw.exe
15:31:33.0921 3456  C:\Program Files\Java\jre7\bin\javaw.exe - ok
15:31:33.0921 3456  [ 8CB1564D5084BAA5B79A77CBC92621C5 ] C:\Program Files\Java\jre7\bin\jp2native.dll
15:31:33.0921 3456  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
15:31:33.0937 3456  [ 9A85F6C0D35643AA02199C95ECCE2CF1 ] C:\Program Files\Java\jre7\bin\jpeg.dll
15:31:33.0937 3456  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
15:31:33.0937 3456  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
15:31:33.0937 3456  C:\WINDOWS\system32\trkwks.dll - ok
15:31:33.0937 3456  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
15:31:33.0937 3456  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
15:31:33.0937 3456  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
15:31:33.0937 3456  C:\WINDOWS\system32\vssapi.dll - ok
15:31:33.0937 3456  [ 687A1BEA3FEF91B75F8CF46B0620C9D7 ] C:\Program Files\Java\jre7\bin\net.dll
15:31:33.0937 3456  C:\Program Files\Java\jre7\bin\net.dll - ok
15:31:33.0937 3456  [ 2AE7DC03B58F39AA6D1E0E76E86E92D9 ] C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
15:31:33.0937 3456  C:\Program Files\Tablet\Pen\Pen_TabletUser.exe - ok
15:31:33.0953 3456  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
15:31:33.0953 3456  C:\WINDOWS\system32\ipnathlp.dll - ok
15:31:33.0953 3456  [ 8C1D980BD50D81261B770B47C1553976 ] C:\Program Files\Java\jre7\bin\nio.dll
15:31:33.0953 3456  C:\Program Files\Java\jre7\bin\nio.dll - ok
15:31:33.0953 3456  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
15:31:33.0953 3456  C:\WINDOWS\system32\comsvcs.dll - ok
15:31:33.0953 3456  [ 8CC69BCE988C0921CCFE7AFFEA394B17 ] C:\Program Files\Java\jre7\bin\verify.dll
15:31:33.0953 3456  C:\Program Files\Java\jre7\bin\verify.dll - ok
15:31:33.0953 3456  [ 2A65F096DFEFD5AF498A43CD53D53B0C ] C:\Program Files\Java\jre7\bin\zip.dll
15:31:33.0953 3456  C:\Program Files\Java\jre7\bin\zip.dll - ok
15:31:33.0968 3456  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
15:31:33.0968 3456  C:\WINDOWS\system32\colbact.dll - ok
15:31:33.0968 3456  [ 72CD04A8789BEFAB99F06658A41D10C9 ] C:\WINDOWS\system32\mtxclu.dll
15:31:33.0968 3456  C:\WINDOWS\system32\mtxclu.dll - ok
15:31:33.0968 3456  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
15:31:33.0968 3456  C:\WINDOWS\system32\clusapi.dll - ok
15:31:33.0968 3456  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
15:31:33.0968 3456  C:\WINDOWS\system32\resutils.dll - ok
15:31:33.0968 3456  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
15:31:33.0968 3456  C:\WINDOWS\system32\spoolss.dll - ok
15:31:33.0968 3456  [ D8AD3D7F927C686B8C233221513DA628 ] C:\WINDOWS\system32\localspl.dll
15:31:33.0968 3456  C:\WINDOWS\system32\localspl.dll - ok
15:31:33.0984 3456  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
15:31:33.0984 3456  C:\WINDOWS\system32\cnbjmon.dll - ok
15:31:33.0984 3456  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
15:31:33.0984 3456  C:\WINDOWS\system32\pjlmon.dll - ok
15:31:33.0984 3456  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
15:31:33.0984 3456  C:\WINDOWS\system32\tcpmon.dll - ok
15:31:33.0984 3456  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
15:31:33.0984 3456  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
15:31:33.0984 3456  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
15:31:33.0984 3456  C:\WINDOWS\system32\usbmon.dll - ok
15:31:34.0000 3456  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
15:31:34.0000 3456  C:\WINDOWS\system32\netrap.dll - ok
15:31:34.0000 3456  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
15:31:34.0000 3456  C:\WINDOWS\system32\win32spl.dll - ok
15:31:34.0000 3456  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
15:31:34.0000 3456  C:\WINDOWS\system32\inetpp.dll - ok
15:31:34.0000 3456  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
15:31:34.0000 3456  C:\WINDOWS\system32\termsrv.dll - ok
15:31:34.0000 3456  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
15:31:34.0000 3456  C:\WINDOWS\system32\icaapi.dll - ok
15:31:34.0000 3456  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
15:31:34.0000 3456  C:\WINDOWS\system32\mstlsapi.dll - ok
15:31:34.0015 3456  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
15:31:34.0015 3456  C:\WINDOWS\system32\netcfgx.dll - ok
15:31:34.0015 3456  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
15:31:34.0015 3456  C:\WINDOWS\system32\rasmans.dll - ok
15:31:34.0015 3456  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
15:31:34.0015 3456  C:\WINDOWS\system32\tapisrv.dll - ok
15:31:34.0015 3456  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
15:31:34.0015 3456  C:\WINDOWS\system32\rastapi.dll - ok
15:31:34.0015 3456  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
15:31:34.0015 3456  C:\WINDOWS\system32\unimdm.tsp - ok
15:31:34.0015 3456  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
15:31:34.0015 3456  C:\WINDOWS\system32\uniplat.dll - ok
15:31:34.0031 3456  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
15:31:34.0031 3456  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
15:31:34.0031 3456  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
15:31:34.0031 3456  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
15:31:34.0031 3456  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
15:31:34.0031 3456  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
15:31:34.0031 3456  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
15:31:34.0031 3456  C:\WINDOWS\system32\wbem\esscli.dll - ok
15:31:34.0031 3456  [ 60027BEA3E76D7DD8D96C02432BFDE82 ] C:\WINDOWS\system32\wbem\fastprox.dll
15:31:34.0031 3456  C:\WINDOWS\system32\wbem\fastprox.dll - ok
15:31:34.0046 3456  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
15:31:34.0046 3456  C:\WINDOWS\system32\kmddsp.tsp - ok
15:31:34.0046 3456  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
15:31:34.0046 3456  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
15:31:34.0046 3456  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
15:31:34.0046 3456  C:\WINDOWS\system32\ndptsp.tsp - ok
15:31:34.0046 3456  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
15:31:34.0046 3456  C:\WINDOWS\system32\h323.tsp - ok
15:31:34.0046 3456  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
15:31:34.0046 3456  C:\WINDOWS\system32\ipconf.tsp - ok
15:31:34.0046 3456  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
15:31:34.0046 3456  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
15:31:34.0062 3456  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
15:31:34.0062 3456  C:\WINDOWS\system32\hidphone.tsp - ok
15:31:34.0062 3456  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
15:31:34.0062 3456  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
15:31:34.0062 3456  [ C2A4FDBD76953411000A01EB047DDC12 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
15:31:34.0062 3456  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
15:31:34.0062 3456  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
15:31:34.0062 3456  C:\WINDOWS\system32\ntlsapi.dll - ok
15:31:34.0062 3456  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
15:31:34.0062 3456  C:\WINDOWS\system32\rasppp.dll - ok
15:31:34.0078 3456  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
15:31:34.0078 3456  C:\WINDOWS\system32\rasqec.dll - ok
15:31:34.0078 3456  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
15:31:34.0078 3456  C:\WINDOWS\system32\wbem\wbemess.dll - ok
15:31:34.0078 3456  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
15:31:34.0078 3456  C:\WINDOWS\system32\alg.exe - ok
15:31:34.0078 3456  [ 4BF35FD5F3C97D50482C0395E1F2EDDD ] C:\WINDOWS\system32\Pen_Touch_Tablet.dll
15:31:34.0078 3456  C:\WINDOWS\system32\Pen_Touch_Tablet.dll - ok
15:31:34.0078 3456  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
15:31:34.0078 3456  C:\WINDOWS\system32\mstask.dll - ok
15:31:34.0078 3456  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AFA3644E-CF90-4AFC-A555-BBA07A4140B2.exe
15:31:34.0078 3456  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AFA3644E-CF90-4AFC-A555-BBA07A4140B2.exe - ok
15:31:34.0093 3456  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
15:31:34.0093 3456  C:\WINDOWS\system32\linkinfo.dll - ok
15:31:34.0093 3456  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
15:31:34.0093 3456  C:\WINDOWS\system32\ntshrui.dll - ok
15:31:34.0093 3456  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
15:31:34.0093 3456  C:\WINDOWS\system32\verclsid.exe - ok
15:31:34.0093 3456  [ 9FE62954FD1162671CB295577F9969BE ] C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
15:31:34.0093 3456  C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe - ok
15:31:34.0093 3456  [ 4BD74A8D83D8EE8D622ECC601EA7D92E ] C:\WINDOWS\system32\igfxtray.exe
15:31:34.0093 3456  C:\WINDOWS\system32\igfxtray.exe - ok
15:31:34.0109 3456  [ F770104B0640417B2499E93BDD38D7E6 ] C:\WINDOWS\system32\hkcmd.exe
15:31:34.0109 3456  C:\WINDOWS\system32\hkcmd.exe - ok
15:31:34.0109 3456  [ 66847E8BFDF5370F9B3300EF46A6AE88 ] C:\WINDOWS\system32\igfxpers.exe
15:31:34.0109 3456  C:\WINDOWS\system32\igfxpers.exe - ok
15:31:34.0109 3456  [ 60524F39B4CDF4510407B2AA22E7CBC2 ] C:\Program Files\Lenovo\Energy Management\utility.exe
15:31:34.0109 3456  C:\Program Files\Lenovo\Energy Management\utility.exe - ok
15:31:34.0109 3456  [ BABADDA1172B9AE72C38483283B2C933 ] C:\WINDOWS\BisonC07\BisonM07.exe
15:31:34.0109 3456  C:\WINDOWS\BisonC07\BisonM07.exe - ok
15:31:34.0109 3456  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:31:34.0109 3456  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
15:31:34.0109 3456  [ 02A1459E1958232C19C2F6EB82B5AAA7 ] C:\Program Files\Bamboo Dock\BambooCore.exe
15:31:34.0109 3456  C:\Program Files\Bamboo Dock\BambooCore.exe - ok
15:31:34.0125 3456  [ 73F93AB311E3FC5489DE37A0C9B044D5 ] C:\WINDOWS\system32\hccutils.dll
15:31:34.0125 3456  C:\WINDOWS\system32\hccutils.dll - ok
15:31:34.0125 3456  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
15:31:34.0125 3456  C:\WINDOWS\system32\upnp.dll - ok
15:31:34.0125 3456  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
15:31:34.0125 3456  C:\WINDOWS\system32\ssdpapi.dll - ok
15:31:34.0125 3456  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
15:31:34.0125 3456  C:\WINDOWS\system32\dsound.dll - ok
15:31:34.0125 3456  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] C:\WINDOWS\system32\drivers\http.sys
15:31:34.0125 3456  C:\WINDOWS\system32\drivers\http.sys - ok
15:31:34.0140 3456  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
15:31:34.0140 3456  C:\WINDOWS\system32\oledlg.dll - ok
15:31:34.0140 3456  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\28154456.sys
15:31:34.0140 3456  C:\WINDOWS\system32\drivers\28154456.sys - ok
15:31:34.0140 3456  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
15:31:34.0140 3456  C:\WINDOWS\system32\ssdpsrv.dll - ok
15:31:34.0140 3456  [ 19C5AED27100432982ADD5441171BE7D ] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
15:31:34.0140 3456  C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe - ok
15:31:34.0140 3456  [ 7544BFA706E85C6D8CB2E642C1CC8DEB ] C:\WINDOWS\system32\HDJAPI.dll
15:31:34.0140 3456  C:\WINDOWS\system32\HDJAPI.dll - ok
15:31:34.0140 3456  [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
15:31:34.0140 3456  C:\WINDOWS\system32\dumprep.exe - ok
15:31:34.0156 3456  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
15:31:34.0156 3456  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
15:31:34.0156 3456  [ A73731A0B0A165907799E9AFB461F856 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
15:31:34.0156 3456  C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
15:31:34.0156 3456  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
15:31:34.0156 3456  C:\WINDOWS\system32\ctfmon.exe - ok
15:31:34.0156 3456  [ 0D5720BAA4FD121A0183D408FCE307FB ] C:\WINDOWS\system32\igfxsrvc.exe
15:31:34.0156 3456  C:\WINDOWS\system32\igfxsrvc.exe - ok
15:31:34.0156 3456  [ 15576C889EE67D951A58278780A8210F ] C:\WINDOWS\system32\HRFDongle.dll
15:31:34.0156 3456  C:\WINDOWS\system32\HRFDongle.dll - ok
15:31:34.0171 3456  [ F02A533F517EB38333CB12A9E8963773 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
15:31:34.0171 3456  C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - ok
15:31:34.0171 3456  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll
15:31:34.0171 3456  C:\WINDOWS\system32\MSCTF.dll - ok
15:31:34.0171 3456  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
15:31:34.0171 3456  C:\WINDOWS\system32\msutb.dll - ok
15:31:34.0171 3456  [ 1B7524806D0270B81360C63A2FA047CB ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
15:31:34.0171 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll - ok
15:31:34.0171 3456  [ D81672404DD71D6A4B7B989655FA4411 ] C:\Program Files\CONEXANT\SmartAudio\dll\res0409.dll
15:31:34.0171 3456  C:\Program Files\CONEXANT\SmartAudio\dll\res0409.dll - ok
15:31:34.0171 3456  [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\WINDOWS\system32\mfc42u.dll
15:31:34.0171 3456  C:\WINDOWS\system32\mfc42u.dll - ok
15:31:34.0187 3456  [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
15:31:34.0187 3456  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll - ok
15:31:34.0187 3456  [ 1BAEC8FA7514E9C23AE3DE38E8335AFD ] C:\Program Files\BitTorrent\BitTorrent.exe
15:31:34.0187 3456  C:\Program Files\BitTorrent\BitTorrent.exe - ok
15:31:34.0187 3456  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
15:31:34.0187 3456  C:\WINDOWS\system32\faultrep.dll - ok
15:31:34.0187 3456  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\SPTIP.dll
15:31:34.0187 3456  C:\WINDOWS\ime\SPTIP.dll - ok
15:31:34.0187 3456  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll
15:31:34.0187 3456  C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll - ok
15:31:34.0203 3456  [ 317C54DCAB9EE29CD4B9F55D197A90D1 ] C:\WINDOWS\system32\msisip.dll
15:31:34.0203 3456  C:\WINDOWS\system32\msisip.dll - ok
15:31:34.0203 3456  [ 40425118B4ADCE4134322DBA99071DB9 ] C:\WINDOWS\system32\wshext.dll
15:31:34.0203 3456  C:\WINDOWS\system32\wshext.dll - ok
15:31:34.0203 3456  [ 8F6ADD0EB80120160BE117459A1BBED7 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
15:31:34.0203 3456  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
15:31:34.0203 3456  [ F7DCE54077EE9D8A351C4B1FFA866EE7 ] C:\Program Files\OpenOffice.org 3\program\quickstart.exe
15:31:34.0203 3456  C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ok
15:31:34.0203 3456  [ 908CD81682BB9709DA5CE6E3296A3975 ] C:\WINDOWS\system32\igfxsrvc.dll
15:31:34.0203 3456  C:\WINDOWS\system32\igfxsrvc.dll - ok
15:31:34.0203 3456  [ 61B8E22576EB15D818EA13C38541682E ] C:\WINDOWS\system32\igfxdev.dll
15:31:34.0203 3456  C:\WINDOWS\system32\igfxdev.dll - ok
15:31:34.0218 3456  [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe
15:31:34.0218 3456  C:\WINDOWS\system32\regsvr32.exe - ok
15:31:34.0218 3456  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
15:31:34.0218 3456  C:\WINDOWS\system32\dbghelp.dll - ok
15:31:34.0218 3456  [ EBF11B2EB5FA37C2D6263E548D1B7591 ] C:\WINDOWS\system32\igfxrenu.lrc
15:31:34.0218 3456  C:\WINDOWS\system32\igfxrenu.lrc - ok
15:31:34.0218 3456  [ 11E8D8272FDBE213ADE3DAD91427CE35 ] C:\Program Files\OpenOffice.org 3\program\soffice.exe
15:31:34.0218 3456  C:\Program Files\OpenOffice.org 3\program\soffice.exe - ok
15:31:34.0218 3456  [ C63DBF690EF8DDB5104FC7A0C6A10F14 ] C:\WINDOWS\system32\igfxress.dll
15:31:34.0218 3456  C:\WINDOWS\system32\igfxress.dll - ok
15:31:34.0234 3456  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe
15:31:34.0234 3456  C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
15:31:34.0234 3456  [ 65A9495A436F5402BC1C467E1B926C27 ] C:\WINDOWS\winhlp32.exe
15:31:34.0234 3456  C:\WINDOWS\winhlp32.exe - ok
15:31:34.0234 3456  [ 70341604053816468D9B4CA0368544E3 ] C:\Program Files\Lenovo\Energy Management\KbdHook.dll
15:31:34.0234 3456  C:\Program Files\Lenovo\Energy Management\KbdHook.dll - ok
15:31:34.0234 3456  [ 2337EC951C4AF6E1AF65D10BD9615BEB ] C:\Program Files\OpenOffice.org 3\program\soffice.bin
15:31:34.0234 3456  C:\Program Files\OpenOffice.org 3\program\soffice.bin - ok
15:31:34.0234 3456  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
15:31:34.0234 3456  C:\WINDOWS\system32\webcheck.dll - ok
15:31:34.0234 3456  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
15:31:34.0234 3456  C:\WINDOWS\system32\stobject.dll - ok
15:31:34.0250 3456  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
15:31:34.0250 3456  C:\WINDOWS\system32\drivers\cdfs.sys - ok
15:31:34.0250 3456  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
15:31:34.0250 3456  C:\WINDOWS\system32\batmeter.dll - ok
15:31:34.0250 3456  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
15:31:34.0250 3456  C:\WINDOWS\system32\imapi.exe - ok
15:31:34.0250 3456  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\wpdshserviceobj.dll
15:31:34.0250 3456  C:\WINDOWS\system32\wpdshserviceobj.dll - ok
15:31:34.0250 3456  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
15:31:34.0250 3456  C:\WINDOWS\system32\mydocs.dll - ok
15:31:34.0265 3456  [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
15:31:34.0265 3456  C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
15:31:34.0265 3456  [ 44AFE3A1C8C2C543F0BE9CA6AADDFDB7 ] C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
15:31:34.0265 3456  C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll - ok
15:31:34.0265 3456  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\portabledevicetypes.dll
15:31:34.0265 3456  C:\WINDOWS\system32\portabledevicetypes.dll - ok
15:31:34.0265 3456  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\portabledeviceapi.dll
15:31:34.0265 3456  C:\WINDOWS\system32\portabledeviceapi.dll - ok
15:31:34.0265 3456  [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
15:31:34.0265 3456  C:\WINDOWS\system32\qmgr.dll - ok
15:31:34.0265 3456  [ 819A0F5341B54BDF8FEC5E6AFBE8534A ] C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
15:31:34.0265 3456  C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll - ok
15:31:34.0281 3456  [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
15:31:34.0281 3456  C:\WINDOWS\system32\qmgrprxy.dll - ok
15:31:34.0281 3456  [ E3DFBACA32C9B28F97A151E525B1310A ] C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
15:31:34.0281 3456  C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll - ok
15:31:34.0281 3456  [ 5F7A0E32519875B80C17122BC595213B ] C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll
15:31:34.0281 3456  C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll - ok
15:31:34.0281 3456  [ D2159444DC50EBA83981B2B418FEEEEF ] C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
15:31:34.0281 3456  C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok
15:31:34.0281 3456  [ 9754310A9B52D162970D11300765036A ] C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
15:31:34.0281 3456  C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok
15:31:34.0296 3456  [ 8FA62CE244307D497F941152C22DD933 ] C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
15:31:34.0296 3456  C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll - ok
15:31:34.0296 3456  [ F67C5FD6C90DAB281F50C3D2A0A25FED ] C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
15:31:34.0296 3456  C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok
15:31:34.0296 3456  [ 12CDF168C0C1AA94D1B18831316F500F ] C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
15:31:34.0296 3456  C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok
15:31:34.0296 3456  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
15:31:34.0296 3456  C:\WINDOWS\system32\rasdlg.dll - ok
15:31:34.0296 3456  [ 4950FE4940D45DEBD6C6ABCB0D1804D0 ] C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
15:31:34.0296 3456  C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll - ok
15:31:34.0296 3456  [ 1E6420271F16909BDA9ADE8664559258 ] C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll
15:31:34.0296 3456  C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll - ok
15:31:34.0312 3456  [ 0E1E1E1490C3E8648A55557C4FFCBB70 ] C:\Program Files\OpenOffice.org 3\program\libdb47.dll
15:31:34.0312 3456  C:\Program Files\OpenOffice.org 3\program\libdb47.dll - ok
15:31:34.0312 3456  [ 6819689810BD37C4874FF5FFED51B6FB ] C:\Program Files\OpenOffice.org 3\program\tlmi.dll
15:31:34.0312 3456  C:\Program Files\OpenOffice.org 3\program\tlmi.dll - ok
15:31:34.0312 3456  [ E4248C19414D5B371E3007B823DA4899 ] C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll
15:31:34.0312 3456  C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll - ok
15:31:34.0312 3456  [ 2F8F359731C38ED65991D608FCCF9429 ] C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
15:31:34.0312 3456  C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok
15:31:34.0312 3456  [ E58B6CECC6A479D996EA9F4033DFB773 ] C:\Program Files\OpenOffice.org 3\program\utlmi.dll
15:31:34.0312 3456  C:\Program Files\OpenOffice.org 3\program\utlmi.dll - ok
15:31:34.0328 3456  [ D56D65BAC7A6655E1DB9DA9BBF356079 ] C:\Program Files\OpenOffice.org 3\program\xcrmi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\xcrmi.dll - ok
15:31:34.0328 3456  [ 3FF18EC0860253CE7D7FBD7F7DB9CA77 ] C:\Program Files\OpenOffice.org 3\program\sfxmi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\sfxmi.dll - ok
15:31:34.0328 3456  [ 0BD3A5964932ACE28910AA4BBE56CF76 ] C:\Program Files\OpenOffice.org 3\program\fwemi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\fwemi.dll - ok
15:31:34.0328 3456  [ 361EB6361D03D8A1646033C8A0F05341 ] C:\Program Files\OpenOffice.org 3\program\fwimi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\fwimi.dll - ok
15:31:34.0328 3456  [ 0D17F1297656581D23DCF7FA8D1715D8 ] C:\Program Files\OpenOffice.org 3\program\svtmi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\svtmi.dll - ok
15:31:34.0328 3456  [ BBB229E8B31E20883A4266C8ED317F34 ] C:\Program Files\OpenOffice.org 3\program\tkmi.dll
15:31:34.0328 3456  C:\Program Files\OpenOffice.org 3\program\tkmi.dll - ok
15:31:34.0343 3456  [ D9918616D5D195FC5E5AB8B29233A211 ] C:\Program Files\OpenOffice.org 3\program\vclmi.dll
15:31:34.0343 3456  C:\Program Files\OpenOffice.org 3\program\vclmi.dll - ok
15:31:34.0343 3456  [ DB5A265DE91304D25D0CB5824EB0BB88 ] C:\Program Files\OpenOffice.org 3\program\sotmi.dll
15:31:34.0343 3456  C:\Program Files\OpenOffice.org 3\program\sotmi.dll - ok
15:31:34.0343 3456  [ 2DBA6CE7CF4CC0BEE27C7A241D3F5C18 ] C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
15:31:34.0343 3456  C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll - ok
15:31:34.0343 3456  [ F90F6810EF1FB261612B422DB368743E ] C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
15:31:34.0343 3456  C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll - ok
15:31:34.0343 3456  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
15:31:34.0343 3456  C:\WINDOWS\system32\wbem\ncprov.dll - ok
15:31:34.0359 3456  [ 6260DFD92F3D7CCE07814A790F8FD2C8 ] C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
15:31:34.0359 3456  C:\Program Files\OpenOffice.org 3\program\icuuc40.dll - ok
15:31:34.0359 3456  [ 35C8B53137C1FBA840B22B1F79E5A04E ] C:\Program Files\OpenOffice.org 3\program\icudt40.dll
15:31:34.0359 3456  C:\Program Files\OpenOffice.org 3\program\icudt40.dll - ok
15:31:34.0359 3456  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
15:31:34.0359 3456  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
15:31:34.0359 3456  [ E3E115211DC45F2268EB5A4C7E929EB8 ] C:\Program Files\OpenOffice.org 3\program\svlmi.dll
15:31:34.0359 3456  C:\Program Files\OpenOffice.org 3\program\svlmi.dll - ok
15:31:34.0359 3456  [ EFC5CF01BD397F6C874DD3CD90881997 ] C:\Program Files\OpenOffice.org 3\program\libxml2.dll
15:31:34.0359 3456  C:\Program Files\OpenOffice.org 3\program\libxml2.dll - ok
15:31:34.0359 3456  [ 99AAA883435646D48F7899EF0760EC20 ] C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
15:31:34.0359 3456  C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok
15:31:34.0375 3456  [ FBEE9CF61EE30B24D298BF275D9CCD6B ] C:\Program Files\OpenOffice.org 3\program\sbmi.dll
15:31:34.0375 3456  C:\Program Files\OpenOffice.org 3\program\sbmi.dll - ok
15:31:34.0375 3456  [ 7C27F5AD651035A99AA84CCF0F6E9B43 ] C:\Program Files\OpenOffice.org 3\program\saxmi.dll
15:31:34.0375 3456  C:\Program Files\OpenOffice.org 3\program\saxmi.dll - ok
15:31:34.0375 3456  [ FCDB1D6CEAC3BFE8A6E695A6C9497326 ] C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
15:31:34.0375 3456  C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll - ok
15:31:34.0375 3456  [ 10CF916BC32FB8DB2F0B4D378A54E60B ] C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
15:31:34.0375 3456  C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok
15:31:34.0375 3456  [ EA4418B55D9F1D75B1026521BAAFB557 ] C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
15:31:34.0375 3456  C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll - ok
15:31:34.0390 3456  [ AAC85B08545AAF443525B7039E8C9D05 ] C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
15:31:34.0390 3456  C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll - ok
15:31:34.0390 3456  [ 972796BE8C60800BEBBA554723A521A4 ] C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
15:31:34.0390 3456  C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll - ok
15:31:34.0390 3456  [ 898A28BC4CF5E35E53414DEE5E562C04 ] C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
15:31:34.0390 3456  C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll - ok
15:31:34.0390 3456  [ E0E24AF34A5BF4CA3B44A076093A25B6 ] C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
15:31:34.0390 3456  C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok
15:31:34.0390 3456  [ 38EB401BD169780EFFBA34F8198025CD ] C:\Program Files\OpenOffice.org 3\program\ucb1.dll
15:31:34.0390 3456  C:\Program Files\OpenOffice.org 3\program\ucb1.dll - ok
15:31:34.0406 3456  [ A9974F5292C53751A38CF8D09222AFD7 ] C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
15:31:34.0406 3456  C:\Program Files\OpenOffice.org 3\program\fwkmi.dll - ok
15:31:34.0406 3456  [ AEF7483D55F78AD845E4EE8A0A515664 ] C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
15:31:34.0406 3456  C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll - ok
15:31:34.0406 3456  [ 93F2209C131583D0E2170DB3EE943939 ] C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
15:31:34.0406 3456  C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll - ok
15:31:34.0406 3456  [ 75FF2DED94558D6BE995459F62EB8EB9 ] C:\Program Files\OpenOffice.org 3\program\icuin40.dll
15:31:34.0406 3456  C:\Program Files\OpenOffice.org 3\program\icuin40.dll - ok
15:31:34.0406 3456  [ 08FDA48A1FC78B56BF9D161B9E4FC725 ] C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll
15:31:34.0406 3456  C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll - ok
15:31:34.0406 3456  [ 7D7D8501F3CB45D0408CDEFA08CDAEFF ] C:\WINDOWS\system32\usp10.dll
15:31:34.0406 3456  C:\WINDOWS\system32\usp10.dll - ok
15:31:34.0421 3456  [ 42B9A5FC7E92EC9F4ED8E0CABE245FFA ] C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
15:31:34.0421 3456  C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll - ok
15:31:34.0421 3456  [ 6518BE3CFCB3CF63CBCD9702182B0C66 ] C:\Program Files\OpenOffice.org 3\program\emsermi.dll
15:31:34.0421 3456  C:\Program Files\OpenOffice.org 3\program\emsermi.dll - ok
15:31:34.0421 3456  [ 58ED0528F2B1BFB3301BC10E0E707C35 ] C:\Program Files\Mozilla Firefox\firefox.exe
15:31:34.0421 3456  C:\Program Files\Mozilla Firefox\firefox.exe - ok
15:31:34.0421 3456  [ 262D86B6E19F7A4766402981B07D9F61 ] C:\Program Files\Mozilla Firefox\mozglue.dll
15:31:34.0421 3456  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
15:31:34.0421 3456  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
15:31:34.0421 3456  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
15:31:34.0437 3456  [ 577A365E730736D3DC2FB870156D1BB8 ] C:\Program Files\Mozilla Firefox\mozjs.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
15:31:34.0437 3456  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
15:31:34.0437 3456  [ 5294E28996A54959E53FDF1956CF8888 ] C:\Program Files\Mozilla Firefox\nspr4.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\nspr4.dll - ok
15:31:34.0437 3456  [ 810D3D884387DAE0E1C1A5010C12508A ] C:\Program Files\Mozilla Firefox\nssutil3.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
15:31:34.0437 3456  [ FCDB95CAD0F44BA045CB6E7620F2E3D4 ] C:\Program Files\Mozilla Firefox\plc4.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\plc4.dll - ok
15:31:34.0437 3456  [ CC6B544120760F0AE1146927447AF319 ] C:\Program Files\Mozilla Firefox\plds4.dll
15:31:34.0437 3456  C:\Program Files\Mozilla Firefox\plds4.dll - ok
15:31:34.0453 3456  [ 574299294DB5E98F963BBA61E0112C58 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
15:31:34.0453 3456  C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
15:31:34.0453 3456  [ 06798CDC2698C0798089B44124C77253 ] C:\Program Files\Mozilla Firefox\nss3.dll
15:31:34.0453 3456  C:\Program Files\Mozilla Firefox\nss3.dll - ok
15:31:34.0453 3456  [ 165BEB6D3C856AD618E6E95B4D69217A ] C:\Program Files\Mozilla Firefox\smime3.dll
15:31:34.0453 3456  C:\Program Files\Mozilla Firefox\smime3.dll - ok
15:31:34.0453 3456  [ F7868F18670E0D7D7D161C5F093F19CB ] C:\Program Files\Mozilla Firefox\ssl3.dll
15:31:34.0453 3456  C:\Program Files\Mozilla Firefox\ssl3.dll - ok
15:31:34.0453 3456  [ 12439FD1B08CE5EAD888A7467086CFF6 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
15:31:34.0453 3456  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
15:31:34.0468 3456  [ F6886DA015E93A5B42304BA3A5FD8E23 ] C:\Program Files\Mozilla Firefox\mozalloc.dll
15:31:34.0468 3456  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
15:31:34.0468 3456  [ 2D74DA2F9DCFA013158BAA5D5B17C5B3 ] C:\Program Files\Mozilla Firefox\xul.dll
15:31:34.0468 3456  C:\Program Files\Mozilla Firefox\xul.dll - ok
15:31:34.0468 3456  [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
15:31:34.0468 3456  C:\WINDOWS\system32\msdmo.dll - ok
15:31:34.0468 3456  [ 0098E4B99614900C33F795A81635EAE1 ] C:\Program Files\Mozilla Firefox\xpcom.dll
15:31:34.0468 3456  C:\Program Files\Mozilla Firefox\xpcom.dll - ok
15:31:34.0468 3456  [ E34CA3DE924143F693A5E22B87C5CC4F ] C:\Program Files\Mozilla Firefox\components\browsercomps.dll
15:31:34.0468 3456  C:\Program Files\Mozilla Firefox\components\browsercomps.dll - ok
15:31:34.0468 3456  [ 51F323636C1FE5ECDD6B64A14FE96DCC ] C:\WINDOWS\system32\t2embed.dll
15:31:34.0468 3456  C:\WINDOWS\system32\t2embed.dll - ok
15:31:34.0484 3456  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
15:31:34.0484 3456  C:\WINDOWS\system32\lz32.dll - ok
15:31:34.0484 3456  [ 303A63F4B913AA5D8998161CB77A8CE7 ] C:\WINDOWS\system32\feclient.dll
15:31:34.0484 3456  C:\WINDOWS\system32\feclient.dll - ok
15:31:34.0484 3456  [ 4C99AED2AABDEDD7B0C99B62A7E24B3D ] C:\Program Files\Mozilla Firefox\softokn3.dll
15:31:34.0484 3456  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
15:31:34.0484 3456  [ D31E86BA9D9D3C5608CC916D0C38410D ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
15:31:34.0484 3456  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
15:31:34.0484 3456  [ B06643DB1CFFF911F80F03A80FDD6203 ] C:\Program Files\Mozilla Firefox\freebl3.dll
15:31:34.0484 3456  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
15:31:34.0484 3456  [ 585F0850AEACE07B6D095CA9CBF02226 ] C:\Program Files\Mozilla Firefox\nssckbi.dll
15:31:34.0484 3456  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
15:31:34.0500 3456  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
15:31:34.0500 3456  C:\WINDOWS\system32\drprov.dll - ok
15:31:34.0500 3456  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
15:31:34.0500 3456  C:\WINDOWS\system32\ntlanman.dll - ok
15:31:34.0500 3456  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
15:31:34.0500 3456  C:\WINDOWS\system32\netui0.dll - ok
15:31:34.0500 3456  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
15:31:34.0500 3456  C:\WINDOWS\system32\netui1.dll - ok
15:31:34.0500 3456  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
15:31:34.0500 3456  C:\WINDOWS\system32\davclnt.dll - ok
15:31:34.0500 3456  ============================================================
15:31:34.0500 3456  Scan finished
15:31:34.0500 3456  ============================================================
15:31:34.0515 3448  Detected object count: 0
15:31:34.0515 3448  Actual detected object count: 0





aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-15 15:43:31
-----------------------------
15:43:31.250    OS Version: Windows 5.1.2600 Service Pack 3
15:43:31.250    Number of processors: 2 586 0x170A
15:43:31.250    ComputerName: YONALY-BCAEF976  UserName: Administrator
15:43:32.140    Initialize success
15:43:48.703    AVAST engine defs: 13021501
15:44:43.781    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:44:43.781    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
15:44:43.796    Disk 0 MBR read successfully
15:44:43.796    Disk 0 MBR scan
15:44:43.875    Disk 0 Windows XP default MBR code
15:44:43.906    Disk 0 Partition 1 00     83        Linux            113469 MB offset 2048
15:44:43.921    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       115294 MB offset 232396290
15:44:43.937    Disk 0 Partition - 00     0F Extended LBA              9704 MB offset 468523006
15:44:43.953    Disk 0 Partition 3 00     82   Linux swap              9704 MB offset 468523008
15:44:43.953    Disk 0 scanning sectors +488396800
15:44:44.031    Disk 0 scanning C:\WINDOWS\system32\drivers
15:44:52.781    Service scanning
15:45:10.625    Modules scanning
15:45:16.156    Disk 0 trace - called modules:
15:45:16.187    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:45:16.187    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a441030]
15:45:16.187    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a469028]
15:45:16.953    AVAST engine scan C:\WINDOWS
15:45:19.906    AVAST engine scan C:\WINDOWS\system32
15:48:01.500    AVAST engine scan C:\WINDOWS\system32\drivers
15:48:14.062    AVAST engine scan C:\Documents and Settings\Administrator
15:57:38.906    AVAST engine scan C:\Documents and Settings\All Users
16:01:22.390    Scan finished successfully
16:20:51.218    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 1\MBR.dat"
16:20:51.218    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 1\aswMBR.txt"






ESET:

C:\Documents and Settings\Administrator\My Documents\Downloads\flstudio_10.0.9c.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\lmms-0.4.13-win32.exe    Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\Adobe Flash Professional CS5 v11.0.0.485 + KEYGEN {Archon}\Adobe Flash Professional CS5 v11.0.0.485.zip    a variant of Win32/HackTool.Patcher.P application    deleted - quarantined
F:\home\yonaly\Desktop\music\autorun.inf    Win32/AutoRun.VB.QC worm    unable to clean
F:\home\yonaly\Desktop\music\pixxx.exe    Win32/AutoRun.Agent.VR worm    unable to clean
F:\home\yonaly\Desktop\music\SetupInstall.exe    Win32/AutoRun.Agent.VR worm    unable to clean



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 15 February 2013 - 10:13 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#5 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 12:08 AM

  • Malwarebytes log

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org


 

Database version: v2013.02.16.01


 

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: YONALY-BCAEF976 [administrator]


 

2/15/2013 8:25:31 PM
mbam-log-2013-02-15 (20-25-31).txt


 

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202090
Time elapsed: 4 minute(s), 33 second(s)


 

Memory Processes Detected: 0
(No malicious items detected)


 

Memory Modules Detected: 0
(No malicious items detected)


 

Registry Keys Detected: 0
(No malicious items detected)


 

Registry Values Detected: 0
(No malicious items detected)


 

Registry Data Items Detected: 0
(No malicious items detected)


 

Folders Detected: 0
(No malicious items detected)


 

Files Detected: 0
(No malicious items detected)


 

(end)

 

 

 

 

 

 

  • MiniToolBox log

MiniToolBox by Farbar  Version:10-01-2013
Ran by Administrator (administrator) on 15-02-2013 at 20:35:37
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************


 

========================= Flush DNS: ===================================


 


Windows IP Configuration


 

 


 

Successfully flushed the DNS Resolver Cache.


 


========================= IE Proxy Settings: ==============================


 

Proxy is not enabled.
No Proxy Server is set.


 

"Reset IE Proxy Settings": IE Proxy Settings were reset.


 

========================= FF Proxy Settings: ==============================


 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.


 

========================= Hosts content: =================================


 

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com


 

There are 15128 more lines starting with "127.0.0.1"


 

========================= IP Configuration: ================================


 

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Fast Ethernet = Local Area Connection 2 (Media disconnected)


 


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


 


# Interface IP Configuration for "Local Area Connection 2"


 

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


 

# Interface IP Configuration for "Wireless Network Connection"


 

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


 


popd
# End of interface IP configuration


 

 


 


Windows IP Configuration


 

 


 

        Host Name . . . . . . . . . . . . : yonaly-bcaef976


 

        Primary Dns Suffix  . . . . . . . :


 

        Node Type . . . . . . . . . . . . : Hybrid


 

        IP Routing Enabled. . . . . . . . : No


 

        WINS Proxy Enabled. . . . . . . . : No


 

 


 

Ethernet adapter Local Area Connection 2:


 

 


 

        Media State . . . . . . . . . . . : Media disconnected


 

        Description . . . . . . . . . . . : Broadcom NetLink ™ Fast Ethernet


 

        Physical Address. . . . . . . . . : 70-5A-B6-63-56-F6


 

 


 

Ethernet adapter Wireless Network Connection:


 

 


 

        Connection-specific DNS Suffix  . :


 

        Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter


 

        Physical Address. . . . . . . . . : 00-26-82-66-C9-DC


 

        Dhcp Enabled. . . . . . . . . . . : Yes


 

        Autoconfiguration Enabled . . . . : Yes


 

        IP Address. . . . . . . . . . . . : 192.168.1.100


 

        Subnet Mask . . . . . . . . . . . : 255.255.255.0


 

        Default Gateway . . . . . . . . . : 192.168.1.1


 

        DHCP Server . . . . . . . . . . . : 192.168.1.1


 

        DNS Servers . . . . . . . . . . . : 192.168.1.1


 

        Lease Obtained. . . . . . . . . . : Friday, February 15, 2013 3:29:14 PM


 

        Lease Expires . . . . . . . . . . : Friday, February 22, 2013 3:29:14 PM


 

Server:  ar670w
Address:  192.168.1.1


 

Name:    google.com
Addresses:  74.125.227.39, 74.125.227.40, 74.125.227.41, 74.125.227.46
   74.125.227.32, 74.125.227.33, 74.125.227.34, 74.125.227.35, 74.125.227.36
   74.125.227.37, 74.125.227.38


 

 


 

Pinging google.com [173.194.46.8] with 32 bytes of data:


 

 


 

Reply from 173.194.46.8: bytes=32 time=67ms TTL=50


 

Reply from 173.194.46.8: bytes=32 time=77ms TTL=50


 

 


 

Ping statistics for 173.194.46.8:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 67ms, Maximum = 77ms, Average = 72ms


 

Server:  ar670w
Address:  192.168.1.1


 

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24


 

 


 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:


 

 


 

Reply from 98.139.183.24: bytes=32 time=338ms TTL=46


 

Reply from 98.139.183.24: bytes=32 time=232ms TTL=46


 

 


 

Ping statistics for 98.139.183.24:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 232ms, Maximum = 338ms, Average = 285ms


 

 


 

Pinging 127.0.0.1 with 32 bytes of data:


 

 


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

 


 

Ping statistics for 127.0.0.1:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 0ms, Maximum = 0ms, Average = 0ms


 

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...70 5a b6 63 56 f6 ...... Broadcom NetLink ™ Fast Ethernet - Packet Scheduler Miniport
0x3 ...00 26 82 66 c9 dc ...... Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0    192.168.1.100   192.168.1.100   25
    192.168.1.100  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.100   192.168.1.100   25
        224.0.0.0        240.0.0.0    192.168.1.100   192.168.1.100   25
  255.255.255.255  255.255.255.255    192.168.1.100   192.168.1.100   1
  255.255.255.255  255.255.255.255    192.168.1.100               2   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


 

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
Catalog9 11 mswsock.dll [File not found] ()
Catalog9 12 mswsock.dll [File not found] ()
Catalog9 13 mswsock.dll [File not found] ()
Catalog9 14 mswsock.dll [File not found] ()
Catalog9 15 mswsock.dll [File not found] ()


 

========================= Event log errors: ===============================


 

Application errors:
==================
Error: (02/15/2013 03:35:30 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 03:34:58 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 02:46:49 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 02:02:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.


 

Error: (02/15/2013 01:27:31 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:27:06 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:21:05 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:19:42 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:17:04 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:14:07 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 


System errors:
=============
Error: (02/15/2013 08:33:00 PM) (Source: Schedule) (User: )
Description: The At42.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 08:33:00 PM) (Source: Schedule) (User: )
Description: The At41.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 07:33:00 PM) (Source: Schedule) (User: )
Description: The At40.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 07:33:00 PM) (Source: Schedule) (User: )
Description: The At39.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 06:58:33 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0


 

Error: (02/15/2013 06:33:00 PM) (Source: Schedule) (User: )
Description: The At38.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 06:33:00 PM) (Source: Schedule) (User: )
Description: The At37.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 05:33:00 PM) (Source: Schedule) (User: )
Description: The At36.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 05:33:00 PM) (Source: Schedule) (User: )
Description: The At35.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 04:33:00 PM) (Source: Schedule) (User: )
Description: The At34.job command failed to start due to the following error:
%%2147942402


 


Microsoft Office Sessions:
=========================
Error: (02/15/2013 03:35:30 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 03:34:58 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 02:46:49 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 02:02:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.


 

Error: (02/15/2013 01:27:31 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:27:06 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:21:05 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:19:42 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:17:04 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:14:07 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 


=========================== Installed Programs ============================


 

3DMiracle & 3DMonster toolkit (remove only)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AdventureTime_SS_win Screen Saver
ALPS Touch Pad Driver
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
Audacity 1.3.13 (Unicode)
Bamboo (Version: 5.2.4-6)
Bamboo Dock (Version: 4.0.0)
Bamboo Dock 3.3 (Version: 3.3)
BitTorrent (Version: 7.7.0.27987)
Broadcom Gigabit Integrated Controller (Version: 11.44.04)
Broadcom WLAN (Version: 5.10.38.14 Round2)
CCleaner (Version: 3.14)
Color Efex Pro 3.0 Wacom Edition 3 (Version: 3.0.0.1)
Conexant HD Audio (Version: 3.83.0.0)
Energy Management (Version: 3.0.3.0)
ESET Online Scanner v3
Ext2Fsd 0.50 (Version: 0.50)
FL Studio 10
FL Studio v7.0
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 24.0.1312.57)
HashTab (Version: 3.0.0)
Hercules DJ Products Series drivers (Version: 4.HDJS.2009)
hkSFV (Version: 2.0.1.84)
IL Download Manager
IL Shared Libraries
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.5.2.11)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.99.3 (for Windows)
Lenovo Driver Download Manager (Version: 2.0.0.193)
Lenovo EasyCamera (Version: 6.32.2018.03)
Livebrush Mini (Version: 1.5)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
MixMeister BPM Analyzer 1.0
Mixxx 1.10.0 (Version: 1.10.0)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
NVIDIA Drivers (Version: 1.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
Picasa 3 (Version: 3.8)
Python 2.7.2 (Version: 2.7.2150)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER
SoulSeek 157 NS 13e
Strongvault Online Backup (Version: 5.0.2.34)
Tux Paint 0.9.21c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Virtual DJ - Atomix Productions
Virtual Volumes (Version: 0.5)
VLC media player 1.1.9 (Version: 1.1.9)
WebFldrs XP (Version: 9.50.7523)
WebTablet IE Plugin (Version: 1.1.0.7)
WebTablet Netscape Plugin (Version: 1.1.0.5)
Whorld (Version: 1.7.06.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)


 

========================= Devices: ================================


 

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL


 

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI


 

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci


 

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus


 

Name: Conexant CX20561 SmartAudio HD
Description: Conexant CX20561 SmartAudio HD
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: CnxtHdAudService


 

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX


 

Name: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Broadcom NetLink ™ Fast Ethernet
Description: Broadcom NetLink ™ Fast Ethernet
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: b57w2k


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Bison
Service: Cam5607


 

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: isapnp


 

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC


 

Name: Lenovo ACPI-Compliant Virtual Power Controller
Description: Lenovo ACPI-Compliant Virtual Power Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Lenovo
Service: ACPIVPC


 

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt


 

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt


 

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt


 

Name: Alps Pointing-device
Description: Alps Pointing-device
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Alps Electric
Service: i8042prt


 

Name: Intel® ICH9M-E/M SATA AHCI Controller
Description: Intel® ICH9M-E/M SATA AHCI Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: iaStor


 

Name: WDC WD2500BEVT-24A23T0
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk


 

Name: TSSTcorp CDDVDW TS-L633B
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom


 

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Intel® ICH9 Family Thermal Subsystem - 2932
Description: Intel® ICH9 Family Thermal Subsystem - 2932
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Pentium® Dual-Core CPU       T4400  @ 2.20GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: Pentium® Dual-Core CPU       T4400  @ 2.20GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt


 

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio


 

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Wacom Virtual Hid Driver
Description: Wacom Virtual Hid Driver
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Wacom
Service: wacomvhid


 

Name: Wacom HID Pen
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: Wacom HID Digitizer
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: Wacom Mouse
Description: Wacom Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Wacom Technology
Service: mouhid


 

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD


 

Name: Aspi32
Description: Aspi32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Aspi32


 

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep


 

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot


 

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload


 

Name: Linux ext2 file system driver
Description: Linux ext2 file system driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ext2Fsd


 

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips


 

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc


 

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP


 

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat


 

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec


 

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd


 

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd


 

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr


 

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS


 

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi


 

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio


 

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy


 

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT


 

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null


 

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm


 

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd


 

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD


 

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip


 

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave


 

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap


 

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp


 

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000


 

Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WS2IFSL


 

Name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf


 

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp


 

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan


 

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe


 

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport


 

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Broadcom NetLink ™ Fast Ethernet - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti


 

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr


 

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD


 

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD


 

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum


 

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud


 

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio


 

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer


 

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update


 

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios


 

Name: aswMBR
Description: aswMBR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswMBR


 


========================= Memory info: ===================================


 

Percentage of memory in use: 26%
Total physical RAM: 3004.53 MB
Available physical RAM: 2196.94 MB
Total Pagefile: 4889.14 MB
Available Pagefile: 4377.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.01 MB


 

========================= Partitions: =====================================


 

1 Drive c: () (Fixed) (Total:112.59 GB) (Free:65.08 GB) NTFS
3 Drive f: () (Fixed) (Total:110.81 GB) (Free:65.61 GB) EXT3


 

========================= Users: ========================================


 

User accounts for \\


 

Administrator            ASPNET                   Guest                   
HelpAssistant            SUPPORT_388945a0        


 


**** End of log ****

 

 

 

 

 

  • Farbar's Service Scanner log

Farbar Service Scanner Version: 15-02-2013
Ran by Administrator (administrator) on 15-02-2013 at 20:40:27
Running from "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 2"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============


 

Firewall Disabled Policy:
==================


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


 


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.


 


Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2002-12-31 04:00] - [2002-12-31 04:00] - 0361344 ____A (Microsoft Corporation) EAEC6EA32BDABD7622371C10B8D68A17


 

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-05-07 22:58] - [2002-12-31 04:00] - 0022744 ____A (Microsoft Corporation) 02E4055488047729B333F99D93877038


 

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2002-12-31 04:00] - [2002-12-31 04:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185


 


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.


 

**** End of log ****

 

 

 

 

  • AdwCleaner log

# AdwCleaner v2.112 - Logfile created 02/15/2013 at 20:43:41
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - YONALY-BCAEF976
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\585GLIM8\AdwCleaner[1].exe
# Option [Delete]


 


***** [Services] *****


 


***** [Files / Folders] *****


 

Deleted on reboot : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal


 

***** [Registry] *****


 

Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966


 

***** [Internet Browsers] *****


 

-\\ Internet Explorer v8.0.6001.18702


 

[OK] Registry is clean.


 

-\\ Mozilla Firefox v18.0.2 (en-US)


 

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rbrec2br.default\prefs.js


 

Deleted : user_pref("CT3225824_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3225824");
Deleted : user_pref("browser.search.selectedEngine", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=13");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824&SearchSource=2&CU[...]


 

-\\ Google Chrome v24.0.1312.57


 

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences


 

Deleted [l.9] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48"[...]
Deleted [l.58] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.61] : keyword = "search.conduit.com",
Deleted [l.64] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3[...]
Deleted [l.4708] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.5419] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48" ]


 

*************************


 

AdwCleaner[S1].txt - [3417 octets] - [15/02/2013 20:43:41]


 

########## EOF - C:\AdwCleaner[S1].txt - [3477 octets] ##########

 

 

 

 

 

 

  • Junkware Removal Tool log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 02/15/2013 at 20:48:39.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 


~~~ Services


 

 


 

~~~ Registry Values


 

 


 

~~~ Registry Keys


 

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


 

 


 

~~~ Files


 

 


 

~~~ Folders


 

 


 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/15/2013 at 20:52:31.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

  •  Rkill log

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


 

Program started at: 02/15/2013 08:55:39 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3


 

Checking for Windows services to stop:


 

 * No malware services found to stop.


 

Checking for processes to terminate:


 

 * No malware processes found to kill.


 

Checking Registry for malware related settings:


 

 * No issues found in the Registry.


 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!


 

Performing miscellaneous checks:


 

 * No issues found.


 

Checking Windows Service Integrity:


 

 * wscsvc [Missing Service]
 * wuauserv [Missing Service]


 

 * atapi [Missing ImagePath]


 

Searching for Missing Digital Signatures:


 

 * C:\WINDOWS\System32\Drivers\tcpip.sys [NoSig]


 

 * C:\WINDOWS\System32\UxTheme.dll [NoSig]


 

Checking HOSTS File:


 

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.


 

 * HOSTS file entries found:


 

  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com


 

  20 out of 15148 HOSTS entries shown.
  Please review HOSTS file for further entries.


 

Program finished at: 02/15/2013 08:56:16 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)

 

 

 

 

 

  • Autoruns log

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "BambooCore" "BambooDock back-end application" "" "c:\program files\bamboo dock\bamboocore.exe"
+ "BisonMnt" "" "" "c:\windows\bisonc07\bisonm07.exe"
+ "EnergyUtility" "Lenovo Power Management" "Lenovo(Beijing)Limited" "c:\program files\lenovo\energy management\utility.exe"
+ "Hercules DJ Series" "DJ Series Control Panel" "Hercules®" "c:\program files\hercules\audio\dj console series\hdjseriescpl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ISTray" "" "" "File not found: C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio" "Conexant Systems, Inc." "c:\program files\conexant\smartaudio\smaudio.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "UnlockerAssistant" "" "" "File not found: C:\Program Files\Unlocker\UnlockerAssistant.exe"
"C:\Documents and Settings\Administrator\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.3.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BitTorrent" "BitTorrent" "BitTorrent, Inc." "c:\program files\bittorrent\bittorrent.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "hkshlex" "hkshlex Module" "Big-O Software" "c:\program files\hksfv\hkshlex.dll"
+ "OnlineProtectMenu" "" "" "File not found: C:\Documents and Settings\Administrator\Local Settings\Application Data\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "HashTab" "HashTab File Hash Shell Extension" "Beeblebrox.org" "c:\windows\system32\shellext\hashtab.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\1234567890\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "hkshlex" "hkshlex Module" "Big-O Software" "c:\program files\hksfv\hkshlex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "FileExtToggleExtension" "FileExtToggle Module" "" "c:\windows\system32\shellext\fileexttoggle.dll"
+ "HiddenFilesToggleExtension" "HiddenFilesToggle Module" "" "c:\windows\system32\shellext\hiddenfilestoggle.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\1234567890\mbamext.dll"
+ "OnlineProtectMenu" "" "" "File not found: C:\Documents and Settings\Administrator\Local Settings\Application Data\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "At1.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At10.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At11.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At12.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At13.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At14.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At15.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At16.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At17.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At18.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At19.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At2.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At20.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At21.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At22.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At23.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At24.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At25.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At26.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At27.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At28.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At29.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At3.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At30.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At31.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At32.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At33.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At34.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At35.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At36.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At37.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At38.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At39.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At4.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At40.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At41.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At42.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At43.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At44.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At45.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At46.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At47.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At48.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At5.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At6.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At7.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At8.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At9.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "GoogleUpdateTaskUserS-1-5-21-329068152-1292428093-1801674531-500Core.job" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-329068152-1292428093-1801674531-500UA.job" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-329068152-1292428093-1801674531-500.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-329068152-1292428093-1801674531-500.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor8.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "TabletServicePen" "Tablet Service for consumer driver" "Wacom Technology, Corp." "c:\program files\tablet\pen\pen_tablet.exe"
+ "TouchServicePen" "Touch Service" "Wacom Technology, Corp." "c:\program files\tablet\pen\pen_touchservice.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACPIVPC" "ACPI Virtual Power Controller Driver" "Lenovo Corporation" "c:\windows\system32\drivers\acpivpc.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "Aspi32" "ASPI for WIN32 Kernel Driver" "Adaptec" "c:\windows\system32\drivers\aspi32.sys"
+ "b57w2k" "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57xp32.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl5.sys"
+ "Bulk" "DJ Series Bulk driver" "© Guillemot R&D, 2009. All rights reserved." "c:\windows\system32\drivers\hdjbulk.sys"
+ "Cam5607" "Universal Serial Bus Camera Driver" "Bison Electronics. Inc. " "c:\windows\system32\drivers\bisonc07.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CnxtHdAudService" "High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdau32.sys"
+ "Ext2Fsd" "Ext2 File System Driver for Windows" "www.ext2fsd.com" "c:\windows\system32\drivers\ext2fsd.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HDJMidi" "DJ Series MIDI kernel driver" "© Guillemot R&D, 2009. All rights reserved." "c:\windows\system32\drivers\hdjmidi.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iastor86" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor86.sys"
+ "ks2avs" "" "" "File not found: System32\Drivers\ks2avs.sys"
+ "ks2usb_svc" "" "" "File not found: System32\Drivers\ks2usb.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "wacmoumonitor" "Wacom HID Mouse Monitor Filter Driver" "Wacom Technology" "c:\windows\system32\drivers\wacmoumonitor.sys"
+ "wacommousefilter" "Wacom Mouse Filter Driver" "Wacom Technology" "c:\windows\system32\drivers\wacommousefilter.sys"
+ "wacomvhid" "Virtual Hid Device" "Wacom Technology" "c:\windows\system32\drivers\wacomvhid.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS http://hp.vector.co.jp/authors/VA012897/" "c:\windows\system32\vorbis.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IL FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "IL Multi FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track2filter.dll"
+ "Video Memory Render Filter" "" "" "c:\program files\image-line\fl studio 10\plugins\fruity\effects\zgameeditor visualizer\videomemoryrenderfilter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "NecUsb3Sevice" "" "" "File not found: USB3Nw32.dll"
+ "USB3Nw32" "" "" "File not found: USB3Nw32.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\WINDOWS\system32\ADVENT~1.SCR" "ScreenTime Screensaver Engine" "ScreenTime Media" "c:\windows\system32\adventuretime_ss_win.scr"
 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 16 February 2013 - 07:55 AM

Other logs?



#7 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 01:13 PM

Malwarebytes Log


 


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org


 

Database version: v2013.02.16.01


 

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: YONALY-BCAEF976 [administrator]


 

2/15/2013 8:25:31 PM
mbam-log-2013-02-15 (20-25-31).txt


 

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202090
Time elapsed: 4 minute(s), 33 second(s)


 

Memory Processes Detected: 0
(No malicious items detected)


 

Memory Modules Detected: 0
(No malicious items detected)


 

Registry Keys Detected: 0
(No malicious items detected)


 

Registry Values Detected: 0
(No malicious items detected)


 

Registry Data Items Detected: 0
(No malicious items detected)


 

Folders Detected: 0
(No malicious items detected)


 

Files Detected: 0
(No malicious items detected)


 

(end)


 

 


 


MiniToolBox Log


 


MiniToolBox by Farbar  Version:10-01-2013
Ran by Administrator (administrator) on 15-02-2013 at 20:35:37
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************


 

========================= Flush DNS: ===================================


 


Windows IP Configuration


 

 


 

Successfully flushed the DNS Resolver Cache.


 


========================= IE Proxy Settings: ==============================


 

Proxy is not enabled.
No Proxy Server is set.


 

"Reset IE Proxy Settings": IE Proxy Settings were reset.


 

========================= FF Proxy Settings: ==============================


 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.


 

========================= Hosts content: =================================


 

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com


 

There are 15128 more lines starting with "127.0.0.1"


 

========================= IP Configuration: ================================


 

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Fast Ethernet = Local Area Connection 2 (Media disconnected)


 


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


 


# Interface IP Configuration for "Local Area Connection 2"


 

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


 

# Interface IP Configuration for "Wireless Network Connection"


 

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


 


popd
# End of interface IP configuration


 

 


 


Windows IP Configuration


 

 


 

        Host Name . . . . . . . . . . . . : yonaly-bcaef976


 

        Primary Dns Suffix  . . . . . . . :


 

        Node Type . . . . . . . . . . . . : Hybrid


 

        IP Routing Enabled. . . . . . . . : No


 

        WINS Proxy Enabled. . . . . . . . : No


 

 


 

Ethernet adapter Local Area Connection 2:


 

 


 

        Media State . . . . . . . . . . . : Media disconnected


 

        Description . . . . . . . . . . . : Broadcom NetLink ™ Fast Ethernet


 

        Physical Address. . . . . . . . . : 70-5A-B6-63-56-F6


 

 


 

Ethernet adapter Wireless Network Connection:


 

 


 

        Connection-specific DNS Suffix  . :


 

        Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter


 

        Physical Address. . . . . . . . . : 00-26-82-66-C9-DC


 

        Dhcp Enabled. . . . . . . . . . . : Yes


 

        Autoconfiguration Enabled . . . . : Yes


 

        IP Address. . . . . . . . . . . . : 192.168.1.100


 

        Subnet Mask . . . . . . . . . . . : 255.255.255.0


 

        Default Gateway . . . . . . . . . : 192.168.1.1


 

        DHCP Server . . . . . . . . . . . : 192.168.1.1


 

        DNS Servers . . . . . . . . . . . : 192.168.1.1


 

        Lease Obtained. . . . . . . . . . : Friday, February 15, 2013 3:29:14 PM


 

        Lease Expires . . . . . . . . . . : Friday, February 22, 2013 3:29:14 PM


 

Server:  ar670w
Address:  192.168.1.1


 

Name:    google.com
Addresses:  74.125.227.39, 74.125.227.40, 74.125.227.41, 74.125.227.46
   74.125.227.32, 74.125.227.33, 74.125.227.34, 74.125.227.35, 74.125.227.36
   74.125.227.37, 74.125.227.38


 

 


 

Pinging google.com [173.194.46.8] with 32 bytes of data:


 

 


 

Reply from 173.194.46.8: bytes=32 time=67ms TTL=50


 

Reply from 173.194.46.8: bytes=32 time=77ms TTL=50


 

 


 

Ping statistics for 173.194.46.8:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 67ms, Maximum = 77ms, Average = 72ms


 

Server:  ar670w
Address:  192.168.1.1


 

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24


 

 


 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:


 

 


 

Reply from 98.139.183.24: bytes=32 time=338ms TTL=46


 

Reply from 98.139.183.24: bytes=32 time=232ms TTL=46


 

 


 

Ping statistics for 98.139.183.24:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 232ms, Maximum = 338ms, Average = 285ms


 

 


 

Pinging 127.0.0.1 with 32 bytes of data:


 

 


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

 


 

Ping statistics for 127.0.0.1:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 0ms, Maximum = 0ms, Average = 0ms


 

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...70 5a b6 63 56 f6 ...... Broadcom NetLink ™ Fast Ethernet - Packet Scheduler Miniport
0x3 ...00 26 82 66 c9 dc ...... Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0    192.168.1.100   192.168.1.100   25
    192.168.1.100  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.100   192.168.1.100   25
        224.0.0.0        240.0.0.0    192.168.1.100   192.168.1.100   25
  255.255.255.255  255.255.255.255    192.168.1.100   192.168.1.100   1
  255.255.255.255  255.255.255.255    192.168.1.100               2   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


 

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
Catalog9 11 mswsock.dll [File not found] ()
Catalog9 12 mswsock.dll [File not found] ()
Catalog9 13 mswsock.dll [File not found] ()
Catalog9 14 mswsock.dll [File not found] ()
Catalog9 15 mswsock.dll [File not found] ()


 

========================= Event log errors: ===============================


 

Application errors:
==================
Error: (02/15/2013 03:35:30 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 03:34:58 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 02:46:49 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 02:02:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.


 

Error: (02/15/2013 01:27:31 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:27:06 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:21:05 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:19:42 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:17:04 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 

Error: (02/15/2013 01:14:07 PM) (Source: MsiInstaller) (User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.


 


System errors:
=============
Error: (02/15/2013 08:33:00 PM) (Source: Schedule) (User: )
Description: The At42.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 08:33:00 PM) (Source: Schedule) (User: )
Description: The At41.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 07:33:00 PM) (Source: Schedule) (User: )
Description: The At40.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 07:33:00 PM) (Source: Schedule) (User: )
Description: The At39.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 06:58:33 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0


 

Error: (02/15/2013 06:33:00 PM) (Source: Schedule) (User: )
Description: The At38.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 06:33:00 PM) (Source: Schedule) (User: )
Description: The At37.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 05:33:00 PM) (Source: Schedule) (User: )
Description: The At36.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 05:33:00 PM) (Source: Schedule) (User: )
Description: The At35.job command failed to start due to the following error:
%%2147942402


 

Error: (02/15/2013 04:33:00 PM) (Source: Schedule) (User: )
Description: The At34.job command failed to start due to the following error:
%%2147942402


 


Microsoft Office Sessions:
=========================
Error: (02/15/2013 03:35:30 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 03:34:58 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 02:46:49 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 02:02:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.


 

Error: (02/15/2013 01:27:31 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:27:06 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:21:05 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:19:42 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:17:04 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 

Error: (02/15/2013 01:14:07 PM) (Source: MsiInstaller)(User: YONALY-BCAEF976)
Description: Product: Strongvault Online Backup -- Error 1706.No valid source could be found for product Strongvault Online Backup.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)


 


=========================== Installed Programs ============================


 

3DMiracle & 3DMonster toolkit (remove only)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AdventureTime_SS_win Screen Saver
ALPS Touch Pad Driver
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
Audacity 1.3.13 (Unicode)
Bamboo (Version: 5.2.4-6)
Bamboo Dock (Version: 4.0.0)
Bamboo Dock 3.3 (Version: 3.3)
BitTorrent (Version: 7.7.0.27987)
Broadcom Gigabit Integrated Controller (Version: 11.44.04)
Broadcom WLAN (Version: 5.10.38.14 Round2)
CCleaner (Version: 3.14)
Color Efex Pro 3.0 Wacom Edition 3 (Version: 3.0.0.1)
Conexant HD Audio (Version: 3.83.0.0)
Energy Management (Version: 3.0.3.0)
ESET Online Scanner v3
Ext2Fsd 0.50 (Version: 0.50)
FL Studio 10
FL Studio v7.0
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 24.0.1312.57)
HashTab (Version: 3.0.0)
Hercules DJ Products Series drivers (Version: 4.HDJS.2009)
hkSFV (Version: 2.0.1.84)
IL Download Manager
IL Shared Libraries
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.5.2.11)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.99.3 (for Windows)
Lenovo Driver Download Manager (Version: 2.0.0.193)
Lenovo EasyCamera (Version: 6.32.2018.03)
Livebrush Mini (Version: 1.5)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
MixMeister BPM Analyzer 1.0
Mixxx 1.10.0 (Version: 1.10.0)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
NVIDIA Drivers (Version: 1.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
Picasa 3 (Version: 3.8)
Python 2.7.2 (Version: 2.7.2150)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER
SoulSeek 157 NS 13e
Strongvault Online Backup (Version: 5.0.2.34)
Tux Paint 0.9.21c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Virtual DJ - Atomix Productions
Virtual Volumes (Version: 0.5)
VLC media player 1.1.9 (Version: 1.1.9)
WebFldrs XP (Version: 9.50.7523)
WebTablet IE Plugin (Version: 1.1.0.7)
WebTablet Netscape Plugin (Version: 1.1.0.5)
Whorld (Version: 1.7.06.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)


 

========================= Devices: ================================


 

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL


 

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI


 

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci


 

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm


 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus


 

Name: Conexant CX20561 SmartAudio HD
Description: Conexant CX20561 SmartAudio HD
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: CnxtHdAudService


 

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX


 

Name: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Broadcom NetLink ™ Fast Ethernet
Description: Broadcom NetLink ™ Fast Ethernet
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: b57w2k


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub


 

Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Bison
Service: Cam5607


 

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: isapnp


 

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC


 

Name: Lenovo ACPI-Compliant Virtual Power Controller
Description: Lenovo ACPI-Compliant Virtual Power Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Lenovo
Service: ACPIVPC


 

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt


 

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt


 

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt


 

Name: Alps Pointing-device
Description: Alps Pointing-device
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Alps Electric
Service: i8042prt


 

Name: Intel® ICH9M-E/M SATA AHCI Controller
Description: Intel® ICH9M-E/M SATA AHCI Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: iaStor


 

Name: WDC WD2500BEVT-24A23T0
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk


 

Name: TSSTcorp CDDVDW TS-L633B
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom


 

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Intel® ICH9 Family Thermal Subsystem - 2932
Description: Intel® ICH9 Family Thermal Subsystem - 2932
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Pentium® Dual-Core CPU       T4400  @ 2.20GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: Pentium® Dual-Core CPU       T4400  @ 2.20GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:


 

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt


 

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio


 

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Wacom Virtual Hid Driver
Description: Wacom Virtual Hid Driver
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Wacom
Service: wacomvhid


 

Name: Wacom HID Pen
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: Wacom HID Digitizer
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: Wacom Mouse
Description: Wacom Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Wacom Technology
Service: mouhid


 

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:


 

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD


 

Name: Aspi32
Description: Aspi32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Aspi32


 

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep


 

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot


 

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload


 

Name: Linux ext2 file system driver
Description: Linux ext2 file system driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ext2Fsd


 

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips


 

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc


 

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP


 

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat


 

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec


 

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd


 

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd


 

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr


 

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS


 

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi


 

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio


 

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy


 

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT


 

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null


 

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm


 

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd


 

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD


 

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip


 

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave


 

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap


 

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp


 

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000


 

Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WS2IFSL


 

Name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf


 

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub


 

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp


 

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan


 

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe


 

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport


 

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Broadcom NetLink ™ Fast Ethernet - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti


 

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr


 

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD


 

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD


 

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum


 

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud


 

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio


 

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer


 

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update


 

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios


 

Name: aswMBR
Description: aswMBR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswMBR


 


========================= Memory info: ===================================


 

Percentage of memory in use: 26%
Total physical RAM: 3004.53 MB
Available physical RAM: 2196.94 MB
Total Pagefile: 4889.14 MB
Available Pagefile: 4377.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.01 MB


 

========================= Partitions: =====================================


 

1 Drive c: () (Fixed) (Total:112.59 GB) (Free:65.08 GB) NTFS
3 Drive f: () (Fixed) (Total:110.81 GB) (Free:65.61 GB) EXT3


 

========================= Users: ========================================


 

User accounts for \\


 

Administrator            ASPNET                   Guest                   
HelpAssistant            SUPPORT_388945a0        


 


**** End of log ****


 

 


 

 


 

 


 

Farbar's Service Scanner Log


 

 


 

Farbar Service Scanner Version: 15-02-2013
Ran by Administrator (administrator) on 15-02-2013 at 20:40:27
Running from "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 2"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============


 

Firewall Disabled Policy:
==================


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


 


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.


 


Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2002-12-31 04:00] - [2002-12-31 04:00] - 0361344 ____A (Microsoft Corporation) EAEC6EA32BDABD7622371C10B8D68A17


 

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-05-07 22:58] - [2002-12-31 04:00] - 0022744 ____A (Microsoft Corporation) 02E4055488047729B333F99D93877038


 

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2002-12-31 04:00] - [2002-12-31 04:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185


 


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.


 

**** End of log ****


 

 


 

 


 


AdWareCleaner Log


 


# AdwCleaner v2.112 - Logfile created 02/15/2013 at 20:43:41
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - YONALY-BCAEF976
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\585GLIM8\AdwCleaner[1].exe
# Option [Delete]


 


***** [Services] *****


 


***** [Files / Folders] *****


 

Deleted on reboot : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal


 

***** [Registry] *****


 

Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966


 

***** [Internet Browsers] *****


 

-\\ Internet Explorer v8.0.6001.18702


 

[OK] Registry is clean.


 

-\\ Mozilla Firefox v18.0.2 (en-US)


 

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rbrec2br.default\prefs.js


 

Deleted : user_pref("CT3225824_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3225824");
Deleted : user_pref("browser.search.selectedEngine", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=13");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824&SearchSource=2&CU[...]


 

-\\ Google Chrome v24.0.1312.57


 

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences


 

Deleted [l.9] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48"[...]
Deleted [l.58] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.61] : keyword = "search.conduit.com",
Deleted [l.64] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3[...]
Deleted [l.4708] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.5419] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48" ]


 

*************************


 

AdwCleaner[S1].txt - [3417 octets] - [15/02/2013 20:43:41]


 

########## EOF - C:\AdwCleaner[S1].txt - [3477 octets] ##########


 

 


 

 


 


Junkware Removal Tool Log


 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 02/15/2013 at 20:48:39.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 


~~~ Services


 

 


 

~~~ Registry Values


 

 


 

~~~ Registry Keys


 

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


 

 


 

~~~ Files


 

 


 

~~~ Folders


 

 


 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/15/2013 at 20:52:31.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 

 


 

 


 

RKill Log


 


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


 

Program started at: 02/15/2013 08:55:39 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3


 

Checking for Windows services to stop:


 

 * No malware services found to stop.


 

Checking for processes to terminate:


 

 * No malware processes found to kill.


 

Checking Registry for malware related settings:


 

 * No issues found in the Registry.


 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!


 

Performing miscellaneous checks:


 

 * No issues found.


 

Checking Windows Service Integrity:


 

 * wscsvc [Missing Service]
 * wuauserv [Missing Service]


 

 * atapi [Missing ImagePath]


 

Searching for Missing Digital Signatures:


 

 * C:\WINDOWS\System32\Drivers\tcpip.sys [NoSig]


 

 * C:\WINDOWS\System32\UxTheme.dll [NoSig]


 

Checking HOSTS File:


 

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.


 

 * HOSTS file entries found:


 

  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com


 

  20 out of 15148 HOSTS entries shown.
  Please review HOSTS file for further entries.


 

Program finished at: 02/15/2013 08:56:16 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)


 

 


 

 


 

 


 

Autoruns Log


 

 


 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "BambooCore" "BambooDock back-end application" "" "c:\program files\bamboo dock\bamboocore.exe"
+ "BisonMnt" "" "" "c:\windows\bisonc07\bisonm07.exe"
+ "EnergyUtility" "Lenovo Power Management" "Lenovo(Beijing)Limited" "c:\program files\lenovo\energy management\utility.exe"
+ "Hercules DJ Series" "DJ Series Control Panel" "Hercules®" "c:\program files\hercules\audio\dj console series\hdjseriescpl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ISTray" "" "" "File not found: C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio" "Conexant Systems, Inc." "c:\program files\conexant\smartaudio\smaudio.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "UnlockerAssistant" "" "" "File not found: C:\Program Files\Unlocker\UnlockerAssistant.exe"
"C:\Documents and Settings\Administrator\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.3.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BitTorrent" "BitTorrent" "BitTorrent, Inc." "c:\program files\bittorrent\bittorrent.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "hkshlex" "hkshlex Module" "Big-O Software" "c:\program files\hksfv\hkshlex.dll"
+ "OnlineProtectMenu" "" "" "File not found: C:\Documents and Settings\Administrator\Local Settings\Application Data\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "HashTab" "HashTab File Hash Shell Extension" "Beeblebrox.org" "c:\windows\system32\shellext\hashtab.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\1234567890\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "hkshlex" "hkshlex Module" "Big-O Software" "c:\program files\hksfv\hkshlex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "FileExtToggleExtension" "FileExtToggle Module" "" "c:\windows\system32\shellext\fileexttoggle.dll"
+ "HiddenFilesToggleExtension" "HiddenFilesToggle Module" "" "c:\windows\system32\shellext\hiddenfilestoggle.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\1234567890\mbamext.dll"
+ "OnlineProtectMenu" "" "" "File not found: C:\Documents and Settings\Administrator\Local Settings\Application Data\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "At1.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At10.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At11.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At12.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At13.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At14.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At15.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At16.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At17.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At18.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At19.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At2.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At20.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At21.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At22.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At23.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At24.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At25.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At26.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At27.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At28.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At29.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At3.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At30.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At31.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At32.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At33.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At34.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At35.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At36.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At37.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At38.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At39.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At4.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At40.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At41.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At42.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At43.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At44.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At45.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At46.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At47.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At48.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At5.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At6.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At7.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "At8.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com_"
+ "At9.job" "" "" "File not found: C:\WINDOWS\system32\6KWs7xKv.com"
+ "GoogleUpdateTaskUserS-1-5-21-329068152-1292428093-1801674531-500Core.job" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-329068152-1292428093-1801674531-500UA.job" "Google Installer" "Google Inc." "c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-329068152-1292428093-1801674531-500.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-329068152-1292428093-1801674531-500.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor8.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "TabletServicePen" "Tablet Service for consumer driver" "Wacom Technology, Corp." "c:\program files\tablet\pen\pen_tablet.exe"
+ "TouchServicePen" "Touch Service" "Wacom Technology, Corp." "c:\program files\tablet\pen\pen_touchservice.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACPIVPC" "ACPI Virtual Power Controller Driver" "Lenovo Corporation" "c:\windows\system32\drivers\acpivpc.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "Aspi32" "ASPI for WIN32 Kernel Driver" "Adaptec" "c:\windows\system32\drivers\aspi32.sys"
+ "b57w2k" "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57xp32.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl5.sys"
+ "Bulk" "DJ Series Bulk driver" "© Guillemot R&D, 2009. All rights reserved." "c:\windows\system32\drivers\hdjbulk.sys"
+ "Cam5607" "Universal Serial Bus Camera Driver" "Bison Electronics. Inc. " "c:\windows\system32\drivers\bisonc07.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CnxtHdAudService" "High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdau32.sys"
+ "Ext2Fsd" "Ext2 File System Driver for Windows" "www.ext2fsd.com" "c:\windows\system32\drivers\ext2fsd.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HDJMidi" "DJ Series MIDI kernel driver" "© Guillemot R&D, 2009. All rights reserved." "c:\windows\system32\drivers\hdjmidi.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iastor86" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor86.sys"
+ "ks2avs" "" "" "File not found: System32\Drivers\ks2avs.sys"
+ "ks2usb_svc" "" "" "File not found: System32\Drivers\ks2usb.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "wacmoumonitor" "Wacom HID Mouse Monitor Filter Driver" "Wacom Technology" "c:\windows\system32\drivers\wacmoumonitor.sys"
+ "wacommousefilter" "Wacom Mouse Filter Driver" "Wacom Technology" "c:\windows\system32\drivers\wacommousefilter.sys"
+ "wacomvhid" "Virtual Hid Device" "Wacom Technology" "c:\windows\system32\drivers\wacomvhid.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS http://hp.vector.co.jp/authors/VA012897/" "c:\windows\system32\vorbis.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IL FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "IL Multi FL Studio DXi" "" "Image-Line" "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track2filter.dll"
+ "Video Memory Render Filter" "" "" "c:\program files\image-line\fl studio 10\plugins\fruity\effects\zgameeditor visualizer\videomemoryrenderfilter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "NecUsb3Sevice" "" "" "File not found: USB3Nw32.dll"
+ "USB3Nw32" "" "" "File not found: USB3Nw32.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\WINDOWS\system32\ADVENT~1.SCR" "ScreenTime Screensaver Engine" "ScreenTime Media" "c:\windows\system32\adventuretime_ss_win.scr"


 

 


 


 



#8 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 01:19 PM

Farbar's Service Scanner

 

Farbar Service Scanner Version: 15-02-2013
Ran by Administrator (administrator) on 15-02-2013 at 20:40:27
Running from "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 2"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============


 

Firewall Disabled Policy:
==================


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


 


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.


 


Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2002-12-31 04:00] - [2002-12-31 04:00] - 0361344 ____A (Microsoft Corporation) EAEC6EA32BDABD7622371C10B8D68A17


 

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-05-07 22:58] - [2002-12-31 04:00] - 0022744 ____A (Microsoft Corporation) 02E4055488047729B333F99D93877038


 

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2002-12-31 04:00] - [2002-12-31 04:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185


 


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.


 

**** End of log ****



#9 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 01:21 PM

Adware Cleaner Log

 

# AdwCleaner v2.112 - Logfile created 02/15/2013 at 20:43:41
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - YONALY-BCAEF976
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\585GLIM8\AdwCleaner[1].exe
# Option [Delete]


 


***** [Services] *****


 


***** [Files / Folders] *****


 

Deleted on reboot : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal


 

***** [Registry] *****


 

Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lfhhcpdkkfaconddfjbielfdiloadbpg
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966


 

***** [Internet Browsers] *****


 

-\\ Internet Explorer v8.0.6001.18702


 

[OK] Registry is clean.


 

-\\ Mozilla Firefox v18.0.2 (en-US)


 

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rbrec2br.default\prefs.js


 

Deleted : user_pref("CT3225824_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3225824");
Deleted : user_pref("browser.search.selectedEngine", "BitTorrentControl_v10 Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=13");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824&SearchSource=2&CU[...]


 

-\\ Google Chrome v24.0.1312.57


 

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences


 

Deleted [l.9] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48"[...]
Deleted [l.58] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.61] : keyword = "search.conduit.com",
Deleted [l.64] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3[...]
Deleted [l.4708] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.5419] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48" ]


 

*************************


 

AdwCleaner[S1].txt - [3417 octets] - [15/02/2013 20:43:41]


 

########## EOF - C:\AdwCleaner[S1].txt - [3477 octets] ##########



#10 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 01:24 PM

Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 02/15/2013 at 20:48:39.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 


~~~ Services


 

 


 

~~~ Registry Values


 

 


 

~~~ Registry Keys


 

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


 

 


 

~~~ Files


 

 


 

~~~ Folders


 

 


 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/15/2013 at 20:52:31.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Rkill Log

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


 

Program started at: 02/15/2013 08:55:39 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3


 

Checking for Windows services to stop:


 

 * No malware services found to stop.


 

Checking for processes to terminate:


 

 * No malware processes found to kill.


 

Checking Registry for malware related settings:


 

 * No issues found in the Registry.


 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!


 

Performing miscellaneous checks:


 

 * No issues found.


 

Checking Windows Service Integrity:


 

 * wscsvc [Missing Service]
 * wuauserv [Missing Service]


 

 * atapi [Missing ImagePath]


 

Searching for Missing Digital Signatures:


 

 * C:\WINDOWS\System32\Drivers\tcpip.sys [NoSig]


 

 * C:\WINDOWS\System32\UxTheme.dll [NoSig]


 

Checking HOSTS File:


 

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.


 

 * HOSTS file entries found:


 

  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com


 

  20 out of 15148 HOSTS entries shown.
  Please review HOSTS file for further entries.


 

Program finished at: 02/15/2013 08:56:16 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)



I believe that's all of them.  Sorry, I'm having problems with copying and pasting for some reason.



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 16 February 2013 - 02:07 PM

Press Windows+R key and type

 

tasks and click ok

 

Delete all these files from

 

At1.job,At2.job,At3.job,At4.job.............................................At47.job,At48.job

 

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log
 



#12 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 03:41 PM

Farbar Service Scanner Version: 15-02-2013
Ran by Administrator (administrator) on 16-02-2013 at 12:41:03
Running from "C:\Documents and Settings\Administrator\Desktop\COMP CLEAN UP STUFF\step 2"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============


 

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============


 

Windows Update:
============


 

Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2002-12-31 04:00] - [2002-12-31 04:00] - 0361344 ____A (Microsoft Corporation) EAEC6EA32BDABD7622371C10B8D68A17


 

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-05-07 22:58] - [2002-12-31 04:00] - 0022744 ____A (Microsoft Corporation) 02E4055488047729B333F99D93877038


 

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2002-12-31 04:00] - [2002-12-31 04:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185


 


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.


 

**** End of log ****



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 16 February 2013 - 03:44 PM

Download

 

http://www.revouninstaller.com/revo_uninstaller_free_download.html

 

Uninstall Strongvault Online Backup using revo uninstaller.Let me know if that helps.



#14 mtfalcon31

mtfalcon31
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 16 February 2013 - 03:59 PM

Strong Vault doesn't show up on the uninstall list.



#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:46 AM

Posted 16 February 2013 - 04:07 PM

.


Edited by narenxp, 16 February 2013 - 05:22 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users