Searchnu.com/410 malware


9 replies to this topic

#1 devilspride2k1


Posted 23 February 2013 - 02:23 PM

Hi, you have helped me before and I am hoping you can again. I have the above search engine hijacker. I have read many of your posts and downloaded 2 of the requested programs, and here are their results. I would be extremely grateful for your help getting rid of this! Thanks in advance.

MiniToolBox by Farbar  Version:10-01-2013
Ran by New User (administrator) on 23-02-2013 at 19:12:53
Running from "C:\Documents and Settings\New User\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : new-da818c7c125
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-0C-6E-87-75-8D
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.0.26
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.0.1
 
        DHCP Server . . . . . . . . . . . : 192.168.0.1
 
        DNS Servers . . . . . . . . . . . : 194.168.4.100
 
                                            194.168.8.100
 
        Lease Obtained. . . . . . . . . . : 23 February 2013 19:00:34
 
        Lease Expires . . . . . . . . . . : 24 February 2013 19:00:34
 
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    google.com
Addresses:  173.194.41.68, 173.194.41.66, 173.194.41.78, 173.194.41.73
      173.194.41.65, 173.194.41.69, 173.194.41.64, 173.194.41.67, 173.194.41.71
      173.194.41.72, 173.194.41.70
 
 
 
Pinging google.com [173.194.41.69] with 32 bytes of data:
 
 
 
Reply from 173.194.41.69: bytes=32 time=20ms TTL=56
 
Reply from 173.194.41.69: bytes=32 time=19ms TTL=56
 
 
 
Ping statistics for 173.194.41.69:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 19ms, Maximum = 20ms, Average = 19ms
 
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=729ms TTL=49
 
Reply from 98.139.183.24: bytes=32 time=273ms TTL=49
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 273ms, Maximum = 729ms, Average = 501ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 6e 87 75 8d ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.26      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0     192.168.0.26    192.168.0.26      20
      192.168.0.0    255.255.255.0     192.168.0.26    192.168.0.26      20
     192.168.0.26  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255     192.168.0.26    192.168.0.26      20
        224.0.0.0        240.0.0.0     192.168.0.26    192.168.0.26      20
  255.255.255.255  255.255.255.255     192.168.0.26    192.168.0.26      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/21/2013 09:46:27 PM) (Source: Application Error) (User: )
Description: Faulting application searchqumediabar.exe, version 1.0.0.12, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x0000a300.
Processing media-specific event for [searchqumediabar.exe!ws!]
 
Error: (02/01/2013 09:08:05 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module , version 5.1.2600.6055, fault address 0x0000100b.
Processing media-specific event for [helpctr.exe!ws!]
 
Error: (02/01/2013 09:07:55 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.
Processing media-specific event for [helpctr.exe!ws!]
 
Error: (02/01/2013 09:07:47 PM) (Source: ESENT) (User: )
Description: HelpSvc.exe (2956) Unable to write a shadowed header for file C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb. Error -1808.
 
Error: (02/01/2013 09:07:46 PM) (Source: ESENT) (User: )
Description: HelpSvc (2956) An attempt to write to the file "C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb" at offset 0 (0x0000000000000000) for 8192 (0x00002000) bytes failed with system error 112 (0x00000070): "There is not enough space on the disk. ".  The write operation will fail with error -1808 (0xfffff8f0).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service) (User: )
Description: 400: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/24/2013 07:58:07 PM) (Source: Bonjour Service) (User: )
Description: 396: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (01/24/2013 07:58:06 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/19/2013 03:51:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3938
 
 
System errors:
=============
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:54 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
 
Microsoft Office Sessions:
=========================
Error: (02/21/2013 09:46:27 PM) (Source: Application Error)(User: )
Description: searchqumediabar.exe1.0.0.12kernel32.dll5.1.2600.62930000a300
 
Error: (02/01/2013 09:08:05 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.55125.1.2600.60550000100b
 
Error: (02/01/2013 09:07:55 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.5512ntdll.dll5.1.2600.60550000100b
 
Error: (02/01/2013 09:07:47 PM) (Source: ESENT)(User: )
Description: HelpSvc.exe2956C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb-1808
 
Error: (02/01/2013 09:07:46 PM) (Source: ESENT)(User: )
Description: HelpSvc2956C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb0 (0x0000000000000000)8192 (0x00002000)-1808 (0xfffff8f0)112 (0x00000070)There is not enough space on the disk.
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service)(User: )
Description: 400: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/24/2013 07:58:07 PM) (Source: Bonjour Service)(User: )
Description: 396: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (01/24/2013 07:58:06 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/19/2013 03:51:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3938
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 12.1.9.1236)
Bonjour (Version: 3.0.0.10)
Easy CD & DVD Creator 6 (Version: 6.1.1.7)
Google Chrome (Version: 24.0.1312.57)
hp deskjet 5600 (Version: 1.00.0000)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 2.0 - Deskjet Series (Version: 2.00.0000)
iTunes (Version: 11.0.1.12)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek AC'97 Audio
RealUpgrade 1.1 (Version: 1.1.0)
Sony PC Companion 2.10.094 (Version: 2.10.094)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 1023.36 MB
Available physical RAM: 418.4 MB
Total Pagefile: 2462.08 MB
Available Pagefile: 1825.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB
 
========================= Partitions: =====================================
 
2 Drive c: (PRESARIO) (Fixed) (Total:108.08 GB) (Free:1.76 GB) NTFS
3 Drive d: (PRESARIO_RP) (Fixed) (Total:3.69 GB) (Free:0.23 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\NEW-DA818C7C125
 
Administrator            Guest                    HelpAssistant            
New User                 SUPPORT_388945a0         
 
========================= Minidump Files ==================================
 
C:\WINDOWS\NEW\Minidump\Mini010113-01.dmp
C:\WINDOWS\NEW\Minidump\Mini011813-01.dmp
C:\WINDOWS\NEW\Minidump\Mini022313-01.dmp
C:\WINDOWS\NEW\Minidump\Mini050812-01.dmp
C:\WINDOWS\NEW\Minidump\Mini062312-01.dmp
C:\WINDOWS\NEW\Minidump\Mini062412-01.dmp
C:\WINDOWS\NEW\Minidump\Mini062412-02.dmp
C:\WINDOWS\NEW\Minidump\Mini062412-03.dmp
C:\WINDOWS\NEW\Minidump\Mini072312-01.dmp
C:\WINDOWS\NEW\Minidump\Mini072712-01.dmp
C:\WINDOWS\NEW\Minidump\Mini072712-02.dmp
C:\WINDOWS\NEW\Minidump\Mini080812-01.dmp
C:\WINDOWS\NEW\Minidump\Mini090212-01.dmp
C:\WINDOWS\NEW\Minidump\Mini102512-01.dmp
C:\WINDOWS\NEW\Minidump\Mini110712-01.dmp
C:\WINDOWS\NEW\Minidump\Mini111412-01.dmp
C:\WINDOWS\NEW\Minidump\Mini112112-01.dmp
C:\WINDOWS\NEW\Minidump\Mini112312-01.dmp
C:\WINDOWS\NEW\Minidump\Mini121512-01.dmp
C:\WINDOWS\NEW\Minidump\Mini121512-02.dmp
C:\WINDOWS\NEW\Minidump\Mini121912-01.dmp
 
**** End of log ****
 
Farbar Service Scanner Version: 20-02-2013
Ran by New User (administrator) on 23-02-2013 at 19:14:02
Running from "C:\Documents and Settings\New User\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
File Check:
========
C:\WINDOWS\NEW\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\NEW\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\NEW\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\NEW\system32\netman.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\NEW\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wuauserv.dll
[2012-02-08 17:12] - [2008-04-14 00:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A
 
C:\WINDOWS\NEW\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\NEW\system32\es.dll => MD5 is legit
C:\WINDOWS\NEW\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\svchost.exe => MD5 is legit
C:\WINDOWS\NEW\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\NEW\system32\services.exe
[2004-08-04 12:00] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315
 
 
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.
 
**** End of log ****
 
 




#2 narenxp


  • BC Advisor

Posted 23 February 2013 - 02:24 PM


  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 devilspride2k1


Posted 24 February 2013 - 03:38 PM

11:22:51.0687 2348  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:22:52.0156 2348  ============================================================
11:22:52.0156 2348  Current date / time: 2013/02/24 11:22:52.0156
11:22:52.0156 2348  SystemInfo:
11:22:52.0156 2348  
11:22:52.0156 2348  OS Version: 5.1.2600 ServicePack: 3.0
11:22:52.0156 2348  Product type: Workstation
11:22:52.0171 2348  ComputerName: NEW-DA818C7C125
11:22:52.0171 2348  UserName: New User
11:22:52.0171 2348  Windows directory: C:\WINDOWS\NEW
11:22:52.0171 2348  System windows directory: C:\WINDOWS\NEW
11:22:52.0171 2348  Processor architecture: Intel x86
11:22:52.0171 2348  Number of processors: 2
11:22:52.0171 2348  Page size: 0x1000
11:22:52.0171 2348  Boot type: Normal boot
11:22:52.0171 2348  ============================================================
11:22:54.0421 2348  BG loaded
11:22:58.0812 2348  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:22:58.0828 2348  ============================================================
11:22:58.0828 2348  \Device\Harddisk0\DR0:
11:22:58.0828 2348  MBR partitions:
11:22:58.0828 2348  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x765AD1
11:22:58.0828 2348  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x765B10, BlocksNum 0xD829DF0
11:22:58.0828 2348  ============================================================
11:22:58.0828 2348  Initialize success
11:22:58.0828 2348  ============================================================
11:23:09.0062 3188  ============================================================
11:23:09.0062 3188  Scan started
11:23:09.0062 3188  Mode: Manual; TDLFS; 
11:23:09.0062 3188  ============================================================
11:23:09.0750 3188  ================ Scan system memory ========================
11:23:09.0750 3188  System memory - ok
11:23:09.0750 3188  ================ Scan services =============================
11:23:09.0765 3188  Abiosdsk - ok
11:23:09.0781 3188  abp480n5 - ok
11:23:09.0781 3188  ACPI - ok
11:23:09.0781 3188  ACPIEC - ok
11:23:09.0796 3188  AdobeFlashPlayerUpdateSvc - ok
11:23:09.0796 3188  adpu160m - ok
11:23:09.0812 3188  aec - ok
11:23:09.0812 3188  AFD - ok
11:23:09.0812 3188  AFS2K - ok
11:23:09.0828 3188  agp440 - ok
11:23:09.0828 3188  Aha154x - ok
11:23:09.0843 3188  aic78u2 - ok
11:23:09.0843 3188  aic78xx - ok
11:23:09.0859 3188  ALCXWDM - ok
11:23:09.0859 3188  Alerter - ok
11:23:09.0875 3188  ALG - ok
11:23:09.0875 3188  AliIde - ok
11:23:09.0875 3188  amsint - ok
11:23:09.0890 3188  AntiVirSchedulerService - ok
11:23:09.0890 3188  AntiVirService - ok
11:23:09.0906 3188  Apple Mobile Device - ok
11:23:09.0906 3188  AppMgmt - ok
11:23:09.0906 3188  Arp1394 - ok
11:23:09.0921 3188  asc - ok
11:23:09.0921 3188  asc3350p - ok
11:23:09.0921 3188  asc3550 - ok
11:23:09.0937 3188  aspnet_state - ok
11:23:09.0953 3188  AsyncMac - ok
11:23:09.0953 3188  atapi - ok
11:23:09.0968 3188  Atdisk - ok
11:23:09.0968 3188  ati2mtag - ok
11:23:09.0968 3188  Atmarpc - ok
11:23:09.0984 3188  AudioSrv - ok
11:23:09.0984 3188  audstub - ok
11:23:10.0000 3188  avgntflt - ok
11:23:10.0015 3188  avipbb - ok
11:23:10.0015 3188  avkmgr - ok
11:23:10.0031 3188  Beep - ok
11:23:10.0031 3188  BITS - ok
11:23:10.0031 3188  Bonjour Service - ok
11:23:10.0046 3188  Browser - ok
11:23:10.0046 3188  CamDrL - ok
11:23:10.0062 3188  cbidf2k - ok
11:23:10.0062 3188  CCDECODE - ok
11:23:10.0062 3188  cd20xrnt - ok
11:23:10.0078 3188  Cdaudio - ok
11:23:10.0078 3188  Cdfs - ok
11:23:10.0078 3188  Cdr4_xp - ok
11:23:10.0093 3188  Cdralw2k - ok
11:23:10.0093 3188  Cdrom - ok
11:23:10.0109 3188  cdudf_xp - ok
11:23:10.0109 3188  Changer - ok
11:23:10.0109 3188  CiSvc - ok
11:23:10.0125 3188  ClipSrv - ok
11:23:10.0125 3188  clr_optimization_v4.0.30319_32 - ok
11:23:10.0140 3188  CmdIde - ok
11:23:10.0140 3188  COMSysApp - ok
11:23:10.0156 3188  Cpqarray - ok
11:23:10.0171 3188  CryptSvc - ok
11:23:10.0171 3188  dac2w2k - ok
11:23:10.0171 3188  dac960nt - ok
11:23:10.0187 3188  DcomLaunch - ok
11:23:10.0187 3188  dg_ssudbus - ok
11:23:10.0203 3188  Dhcp - ok
11:23:10.0203 3188  Disk - ok
11:23:10.0203 3188  dmadmin - ok
11:23:10.0218 3188  dmboot - ok
11:23:10.0218 3188  dmio - ok
11:23:10.0234 3188  dmload - ok
11:23:10.0234 3188  dmserver - ok
11:23:10.0234 3188  DMusic - ok
11:23:10.0250 3188  Dnscache - ok
11:23:10.0250 3188  Dot3svc - ok
11:23:10.0281 3188  dpti2o - ok
11:23:10.0281 3188  drmkaud - ok
11:23:10.0281 3188  DVDVRRdr_xp - ok
11:23:10.0296 3188  dvd_2K - ok
11:23:10.0296 3188  EapHost - ok
11:23:10.0312 3188  ERSvc - ok
11:23:10.0312 3188  Eventlog - ok
11:23:10.0328 3188  EventSystem - ok
11:23:10.0328 3188  Fastfat - ok
11:23:10.0343 3188  FastUserSwitchingCompatibility - ok
11:23:10.0343 3188  Fdc - ok
11:23:10.0343 3188  Fips - ok
11:23:10.0359 3188  Flpydisk - ok
11:23:10.0359 3188  FltMgr - ok
11:23:10.0375 3188  Fs_Rec - ok
11:23:10.0375 3188  Ftdisk - ok
11:23:10.0375 3188  GEARAspiWDM - ok
11:23:10.0390 3188  GMSIPCI - ok
11:23:10.0390 3188  Gpc - ok
11:23:10.0406 3188  helpsvc - ok
11:23:10.0406 3188  HidServ - ok
11:23:10.0406 3188  hidusb - ok
11:23:10.0421 3188  hkmsvc - ok
11:23:10.0421 3188  hpn - ok
11:23:10.0437 3188  HSFHWBS2 - ok
11:23:10.0437 3188  HSF_DP - ok
11:23:10.0453 3188  HTTP - ok
11:23:10.0453 3188  HTTPFilter - ok
11:23:10.0453 3188  i2omgmt - ok
11:23:10.0468 3188  i2omp - ok
11:23:10.0468 3188  i8042prt - ok
11:23:10.0484 3188  Imapi - ok
11:23:10.0484 3188  ImapiService - ok
11:23:10.0500 3188  ini910u - ok
11:23:10.0500 3188  IntelIde - ok
11:23:10.0515 3188  intelppm - ok
11:23:10.0515 3188  Ip6Fw - ok
11:23:10.0531 3188  IpFilterDriver - ok
11:23:10.0531 3188  IpInIp - ok
11:23:10.0531 3188  IpNat - ok
11:23:10.0546 3188  iPod Service - ok
11:23:10.0546 3188  IPSec - ok
11:23:10.0562 3188  IRENUM - ok
11:23:10.0562 3188  isapnp - ok
11:23:10.0578 3188  JavaQuickStarterService - ok
11:23:10.0578 3188  Kbdclass - ok
11:23:10.0578 3188  kbdhid - ok
11:23:10.0593 3188  kmixer - ok
11:23:10.0593 3188  KSecDD - ok
11:23:10.0609 3188  lanmanserver - ok
11:23:10.0609 3188  lanmanworkstation - ok
11:23:10.0609 3188  lbrtfdc - ok
11:23:10.0625 3188  LmHosts - ok
11:23:10.0640 3188  LVUSBSta - ok
11:23:10.0640 3188  mdmxsdk - ok
11:23:10.0656 3188  Messenger - ok
11:23:10.0656 3188  mmc_2K - ok
11:23:10.0656 3188  mnmdd - ok
11:23:10.0671 3188  mnmsrvc - ok
11:23:10.0671 3188  Modem - ok
11:23:10.0687 3188  Mouclass - ok
11:23:10.0687 3188  mouhid - ok
11:23:10.0687 3188  MountMgr - ok
11:23:10.0703 3188  mraid35x - ok
11:23:10.0703 3188  MRxDAV - ok
11:23:10.0718 3188  MRxSmb - ok
11:23:10.0718 3188  MSDTC - ok
11:23:10.0734 3188  Msfs - ok
11:23:10.0734 3188  MSIServer - ok
11:23:10.0765 3188  MSKSSRV - ok
11:23:10.0765 3188  MSPCLOCK - ok
11:23:10.0765 3188  MSPQM - ok
11:23:10.0781 3188  mssmbios - ok
11:23:10.0781 3188  MSTEE - ok
11:23:10.0796 3188  Mup - ok
11:23:10.0796 3188  NABTSFEC - ok
11:23:10.0859 3188  napagent - ok
11:23:10.0859 3188  NDIS - ok
11:23:10.0859 3188  NdisIP - ok
11:23:10.0875 3188  NdisTapi - ok
11:23:10.0875 3188  Ndisuio - ok
11:23:10.0890 3188  NdisWan - ok
11:23:10.0890 3188  NDProxy - ok
11:23:10.0906 3188  NetBIOS - ok
11:23:10.0906 3188  NetBT - ok
11:23:10.0984 3188  NetDDE - ok
11:23:11.0000 3188  NetDDEdsdm - ok
11:23:11.0000 3188  Netlogon - ok
11:23:11.0000 3188  Netman - ok
11:23:11.0015 3188  NIC1394 - ok
11:23:11.0015 3188  Nla - ok
11:23:11.0031 3188  Npfs - ok
11:23:11.0031 3188  Ntfs - ok
11:23:11.0031 3188  NtLmSsp - ok
11:23:11.0046 3188  NtmsSvc - ok
11:23:11.0046 3188  Null - ok
11:23:11.0062 3188  NwlnkFlt - ok
11:23:11.0062 3188  NwlnkFwd - ok
11:23:11.0062 3188  ohci1394 - ok
11:23:11.0078 3188  Parport - ok
11:23:13.0296 3188  C:\WINDOWS\NEW\system32\drivers\avgntflt.sys - ok
11:23:13.0296 3188  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\svchost.exe
11:23:13.0296 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\svchost.exe - ok
11:23:13.0296 3188  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\NEW\system32\ntmarta.dll
11:23:13.0296 3188  C:\WINDOWS\NEW\system32\ntmarta.dll - ok
11:23:13.0312 3188  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\NEW\system32\rpcss.dll
11:23:13.0312 3188  C:\WINDOWS\NEW\system32\rpcss.dll - ok
11:23:13.0312 3188  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\NEW\system32\xpsp2res.dll
11:23:13.0312 3188  C:\WINDOWS\NEW\system32\xpsp2res.dll - ok
11:23:13.0312 3188  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\NEW\system32\eventlog.dll
11:23:13.0312 3188  C:\WINDOWS\NEW\system32\eventlog.dll - ok
11:23:13.0328 3188  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\NEW\system32\mswsock.dll
11:23:13.0328 3188  C:\WINDOWS\NEW\system32\mswsock.dll - ok
11:23:13.0328 3188  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\NEW\system32\hnetcfg.dll
11:23:13.0328 3188  C:\WINDOWS\NEW\system32\hnetcfg.dll - ok
11:23:13.0328 3188  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\NEW\system32\wshtcpip.dll
11:23:13.0328 3188  C:\WINDOWS\NEW\system32\wshtcpip.dll - ok
11:23:13.0343 3188  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
11:23:13.0343 3188  C:\Program Files\Bonjour\mdnsNSP.dll - ok
11:23:13.0343 3188  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\NEW\system32\rasadhlp.dll
11:23:13.0343 3188  C:\WINDOWS\NEW\system32\rasadhlp.dll - ok
11:23:13.0343 3188  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\NEW\system32\winrnr.dll
11:23:13.0343 3188  C:\WINDOWS\NEW\system32\winrnr.dll - ok
11:23:13.0359 3188  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\NEW\system32\drivers\ndisuio.sys
11:23:13.0359 3188  C:\WINDOWS\NEW\system32\drivers\ndisuio.sys - ok
11:23:13.0359 3188  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\NEW\system32\dhcpcsvc.dll
11:23:13.0359 3188  C:\WINDOWS\NEW\system32\dhcpcsvc.dll - ok
11:23:13.0359 3188  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\NEW\system32\dnsrslvr.dll
11:23:13.0359 3188  C:\WINDOWS\NEW\system32\dnsrslvr.dll - ok
11:23:13.0375 3188  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\NEW\system32\lmhsvc.dll
11:23:13.0375 3188  C:\WINDOWS\NEW\system32\lmhsvc.dll - ok
11:23:13.0375 3188  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\NEW\system32\wzcsvc.dll
11:23:13.0375 3188  C:\WINDOWS\NEW\system32\wzcsvc.dll - ok
11:23:13.0390 3188  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\NEW\system32\atl.dll
11:23:13.0390 3188  C:\WINDOWS\NEW\system32\atl.dll - ok
11:23:13.0390 3188  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\NEW\system32\dot3api.dll
11:23:13.0390 3188  C:\WINDOWS\NEW\system32\dot3api.dll - ok
11:23:13.0390 3188  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\NEW\system32\eapolqec.dll
11:23:13.0390 3188  C:\WINDOWS\NEW\system32\eapolqec.dll - ok
11:23:13.0390 3188  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\NEW\system32\esent.dll
11:23:13.0406 3188  C:\WINDOWS\NEW\system32\esent.dll - ok
11:23:13.0406 3188  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\NEW\system32\qutil.dll
11:23:13.0406 3188  C:\WINDOWS\NEW\system32\qutil.dll - ok
11:23:13.0406 3188  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\NEW\system32\rtutils.dll
11:23:13.0406 3188  C:\WINDOWS\NEW\system32\rtutils.dll - ok
11:23:13.0406 3188  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\NEW\system32\wmi.dll
11:23:13.0406 3188  C:\WINDOWS\NEW\system32\wmi.dll - ok
11:23:13.0421 3188  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\NEW\system32\clbcatq.dll
11:23:13.0421 3188  C:\WINDOWS\NEW\system32\clbcatq.dll - ok
11:23:13.0421 3188  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\NEW\system32\comres.dll
11:23:13.0421 3188  C:\WINDOWS\NEW\system32\comres.dll - ok
11:23:13.0421 3188  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\NEW\system32\cryptui.dll
11:23:13.0421 3188  C:\WINDOWS\NEW\system32\cryptui.dll - ok
11:23:13.0437 3188  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\NEW\system32\rastls.dll
11:23:13.0437 3188  C:\WINDOWS\NEW\system32\rastls.dll - ok
11:23:13.0437 3188  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\NEW\system32\cscdll.dll
11:23:13.0437 3188  C:\WINDOWS\NEW\system32\cscdll.dll - ok
11:23:13.0437 3188  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\NEW\system32\dimsntfy.dll
11:23:13.0437 3188  C:\WINDOWS\NEW\system32\dimsntfy.dll - ok
11:23:13.0453 3188  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\NEW\system32\wininet.dll
11:23:13.0453 3188  C:\WINDOWS\NEW\system32\wininet.dll - ok
11:23:13.0453 3188  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\NEW\system32\wlnotify.dll
11:23:13.0453 3188  C:\WINDOWS\NEW\system32\wlnotify.dll - ok
11:23:13.0453 3188  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\logonui.exe
11:23:13.0453 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\logonui.exe - ok
11:23:13.0468 3188  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\NEW\system32\winspool.drv
11:23:13.0468 3188  C:\WINDOWS\NEW\system32\winspool.drv - ok
11:23:13.0468 3188  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\NEW\system32\duser.dll
11:23:13.0468 3188  C:\WINDOWS\NEW\system32\duser.dll - ok
11:23:13.0468 3188  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\NEW\system32\normaliz.dll
11:23:13.0468 3188  C:\WINDOWS\NEW\system32\normaliz.dll - ok
11:23:13.0484 3188  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\NEW\system32\urlmon.dll
11:23:13.0484 3188  C:\WINDOWS\NEW\system32\urlmon.dll - ok
11:23:13.0484 3188  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\NEW\system32\msimg32.dll
11:23:13.0484 3188  C:\WINDOWS\NEW\system32\msimg32.dll - ok
11:23:13.0484 3188  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\NEW\system32\oleacc.dll
11:23:13.0484 3188  C:\WINDOWS\NEW\system32\oleacc.dll - ok
11:23:13.0500 3188  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\NEW\system32\iertutil.dll
11:23:13.0500 3188  C:\WINDOWS\NEW\system32\iertutil.dll - ok
11:23:13.0500 3188  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\NEW\system32\activeds.dll
11:23:13.0500 3188  C:\WINDOWS\NEW\system32\activeds.dll - ok
11:23:13.0500 3188  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\NEW\system32\adsldpc.dll
11:23:13.0500 3188  C:\WINDOWS\NEW\system32\adsldpc.dll - ok
11:23:13.0515 3188  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\NEW\system32\mprapi.dll
11:23:13.0515 3188  C:\WINDOWS\NEW\system32\mprapi.dll - ok
11:23:13.0515 3188  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\NEW\system32\rasapi32.dll
11:23:13.0515 3188  C:\WINDOWS\NEW\system32\rasapi32.dll - ok
11:23:13.0515 3188  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\NEW\system32\shgina.dll
11:23:13.0515 3188  C:\WINDOWS\NEW\system32\shgina.dll - ok
11:23:13.0531 3188  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\NEW\system32\rasman.dll
11:23:13.0531 3188  C:\WINDOWS\NEW\system32\rasman.dll - ok
11:23:13.0531 3188  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\NEW\system32\tapi32.dll
11:23:13.0531 3188  C:\WINDOWS\NEW\system32\tapi32.dll - ok
11:23:13.0531 3188  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\NEW\system32\riched20.dll
11:23:13.0531 3188  C:\WINDOWS\NEW\system32\riched20.dll - ok
11:23:13.0546 3188  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\NEW\system32\raschap.dll
11:23:13.0546 3188  C:\WINDOWS\NEW\system32\raschap.dll - ok
11:23:13.0546 3188  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\NEW\system32\schedsvc.dll
11:23:13.0546 3188  C:\WINDOWS\NEW\system32\schedsvc.dll - ok
11:23:13.0546 3188  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\NEW\system32\msidle.dll
11:23:13.0546 3188  C:\WINDOWS\NEW\system32\msidle.dll - ok
11:23:13.0562 3188  [ 60784F891563FB1B767F70117FC2428F ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\spoolsv.exe
11:23:13.0562 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\spoolsv.exe - ok
11:23:13.0562 3188  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\NEW\system32\cscui.dll
11:23:13.0562 3188  C:\WINDOWS\NEW\system32\cscui.dll - ok
11:23:13.0562 3188  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\NEW\system32\powrprof.dll
11:23:13.0562 3188  C:\WINDOWS\NEW\system32\powrprof.dll - ok
11:23:13.0578 3188  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\NEW\system32\dpcdll.dll
11:23:13.0578 3188  C:\WINDOWS\NEW\system32\dpcdll.dll - ok
11:23:13.0578 3188  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\NEW\system32\audiosrv.dll
11:23:13.0578 3188  C:\WINDOWS\NEW\system32\audiosrv.dll - ok
11:23:13.0578 3188  [ 0A1CC583E8147004E4AD4625D7FBF88C ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Avira\AntiVir Desktop\sched.exe
11:23:13.0578 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Avira\AntiVir Desktop\sched.exe - ok
11:23:13.0593 3188  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\NEW\system32\msvcp100.dll
11:23:13.0593 3188  C:\WINDOWS\NEW\system32\msvcp100.dll - ok
11:23:13.0593 3188  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\NEW\system32\msvcr100.dll
11:23:13.0593 3188  C:\WINDOWS\NEW\system32\msvcr100.dll - ok
11:23:13.0609 3188  [ 3EF34FFAB47A2ECF4CE395EDB6D15334 ] C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
11:23:13.0609 3188  C:\Program Files\Avira\AntiVir Desktop\grdcore.dll - ok
11:23:13.0609 3188  [ 6EBF590F58CB13F34E4BD702CC1286B3 ] C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll
11:23:13.0609 3188  C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll - ok
11:23:13.0609 3188  [ 13B7445DAAD8EA6774D65FD9DEF5D199 ] C:\Program Files\Avira\AntiVir Desktop\cfglib.dll
11:23:13.0609 3188  C:\Program Files\Avira\AntiVir Desktop\cfglib.dll - ok
11:23:13.0625 3188  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\NEW\system32\wkssvc.dll
11:23:13.0625 3188  C:\WINDOWS\NEW\system32\wkssvc.dll - ok
11:23:13.0625 3188  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\userinit.exe
11:23:13.0625 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\userinit.exe - ok
11:23:13.0625 3188  [ 80126BC6148CAD0FDB4EFF948232DC34 ] C:\Program Files\Avira\AntiVir Desktop\gpipc.dll
11:23:13.0625 3188  C:\Program Files\Avira\AntiVir Desktop\gpipc.dll - ok
11:23:13.0640 3188  [ E6019253451DBB67740F7027AD9E1CB5 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Real\RealUpgrade\realupgrade.exe
11:23:13.0640 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Real\RealUpgrade\realupgrade.exe - ok
11:23:13.0640 3188  [ 0D99E1210ECBC560E53FD759CFA4EAB5 ] C:\Program Files\Avira\AntiVir Desktop\gpgen.dll
11:23:13.0640 3188  C:\Program Files\Avira\AntiVir Desktop\gpgen.dll - ok
11:23:13.0656 3188  [ 4D03CA609E68F4C90CF66515218017F8 ] C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
11:23:13.0656 3188  C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll - ok
11:23:13.0656 3188  [ C48E0D43530060CAD4A0B231B10EB5BA ] C:\Program Files\Avira\AntiVir Desktop\gpschd.dll
11:23:13.0656 3188  C:\Program Files\Avira\AntiVir Desktop\gpschd.dll - ok
11:23:13.0656 3188  [ 434D3AFF60EE877A2D1CADE7016AF4C3 ] C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll
11:23:13.0656 3188  C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll - ok
11:23:13.0656 3188  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\explorer.exe
11:23:13.0656 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\explorer.exe - ok
11:23:13.0671 3188  [ 453A81F0537D7619BDC677E9A733C3FA ] C:\Program Files\Avira\AntiVir Desktop\schedr.dll
11:23:13.0671 3188  C:\Program Files\Avira\AntiVir Desktop\schedr.dll - ok
11:23:13.0671 3188  [ 3F994A6CF62AA8ED7B82CBE8AD7BE810 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
11:23:13.0671 3188  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
11:23:13.0671 3188  [ 503FE48BC3B68F40018520AEAE3BEAC1 ] C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
11:23:13.0671 3188  C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll - ok
11:23:13.0687 3188  [ 871F979D70414C900B35E56222932DAF ] C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
11:23:13.0687 3188  C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll - ok
11:23:13.0687 3188  [ B1C23558820A1B889949C1B5B050AA62 ] C:\WINDOWS\NEW\system32\browseui.dll
11:23:13.0687 3188  C:\WINDOWS\NEW\system32\browseui.dll - ok
11:23:13.0687 3188  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\NEW\system32\drivers\mrxdav.sys
11:23:13.0687 3188  C:\WINDOWS\NEW\system32\drivers\mrxdav.sys - ok
11:23:13.0703 3188  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\NEW\system32\webclnt.dll
11:23:13.0703 3188  C:\WINDOWS\NEW\system32\webclnt.dll - ok
11:23:13.0703 3188  [ 27DB3CEB88A1EF2BE1E193A05964973C ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
11:23:13.0703 3188  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
11:23:13.0718 3188  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\NEW\system32\msi.dll
11:23:13.0718 3188  C:\WINDOWS\NEW\system32\msi.dll - ok
11:23:13.0718 3188  [ EA28E642E65DC6767578EA3B37D3DA0C ] C:\WINDOWS\NEW\system32\shdocvw.dll
11:23:13.0718 3188  C:\WINDOWS\NEW\system32\shdocvw.dll - ok
11:23:13.0718 3188  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\NEW\system32\drivers\wdmaud.sys
11:23:13.0718 3188  C:\WINDOWS\NEW\system32\drivers\wdmaud.sys - ok
11:23:13.0734 3188  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\NEW\system32\wdmaud.drv
11:23:13.0734 3188  C:\WINDOWS\NEW\system32\wdmaud.drv - ok
11:23:13.0734 3188  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\NEW\system32\drivers\sysaudio.sys
11:23:13.0734 3188  C:\WINDOWS\NEW\system32\drivers\sysaudio.sys - ok
11:23:13.0750 3188  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\NEW\system32\drivers\splitter.sys
11:23:13.0750 3188  C:\WINDOWS\NEW\system32\drivers\splitter.sys - ok
11:23:13.0750 3188  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\NEW\system32\drivers\aec.sys
11:23:13.0750 3188  C:\WINDOWS\NEW\system32\drivers\aec.sys - ok
11:23:13.0750 3188  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\NEW\system32\desk.cpl
11:23:13.0750 3188  C:\WINDOWS\NEW\system32\desk.cpl - ok
11:23:13.0765 3188  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\NEW\system32\drivers\swmidi.sys
11:23:13.0765 3188  C:\WINDOWS\NEW\system32\drivers\swmidi.sys - ok
11:23:13.0765 3188  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\NEW\system32\drivers\dmusic.sys
11:23:13.0765 3188  C:\WINDOWS\NEW\system32\drivers\dmusic.sys - ok
11:23:13.0765 3188  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\NEW\system32\drivers\kmixer.sys
11:23:13.0781 3188  C:\WINDOWS\NEW\system32\drivers\kmixer.sys - ok
11:23:13.0781 3188  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\NEW\system32\themeui.dll
11:23:13.0781 3188  C:\WINDOWS\NEW\system32\themeui.dll - ok
11:23:13.0781 3188  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\NEW\system32\drivers\drmkaud.sys
11:23:13.0781 3188  C:\WINDOWS\NEW\system32\drivers\drmkaud.sys - ok
11:23:13.0796 3188  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\NEW\system32\actxprxy.dll
11:23:13.0796 3188  C:\WINDOWS\NEW\system32\actxprxy.dll - ok
11:23:13.0796 3188  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\NEW\system32\msacm32.drv
11:23:13.0796 3188  C:\WINDOWS\NEW\system32\msacm32.drv - ok
11:23:13.0796 3188  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\NEW\system32\midimap.dll
11:23:13.0796 3188  C:\WINDOWS\NEW\system32\midimap.dll - ok
11:23:13.0812 3188  [ 6D778E0F95447E6546553EEEA709D03C ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\cmd.exe
11:23:13.0812 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\cmd.exe - ok
11:23:13.0812 3188  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\NEW\system32\ieframe.dll
11:23:13.0812 3188  C:\WINDOWS\NEW\system32\ieframe.dll - ok
11:23:13.0812 3188  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\NEW\system32\cryptnet.dll
11:23:13.0812 3188  C:\WINDOWS\NEW\system32\cryptnet.dll - ok
11:23:13.0828 3188  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\NEW\system32\sensapi.dll
11:23:13.0828 3188  C:\WINDOWS\NEW\system32\sensapi.dll - ok
11:23:13.0828 3188  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\NEW\system32\winhttp.dll
11:23:13.0828 3188  C:\WINDOWS\NEW\system32\winhttp.dll - ok
11:23:13.0843 3188  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\NEW\system32\cabinet.dll
11:23:13.0843 3188  C:\WINDOWS\NEW\system32\cabinet.dll - ok
11:23:13.0843 3188  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\NEW\system32\drivers\parvdm.sys
11:23:13.0843 3188  C:\WINDOWS\NEW\system32\drivers\parvdm.sys - ok
11:23:13.0843 3188  [ C9A36EF935ACED86AEDF93E97E606911 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Avira\AntiVir Desktop\avguard.exe
11:23:13.0843 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Avira\AntiVir Desktop\avguard.exe - ok
11:23:13.0859 3188  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
11:23:13.0859 3188  C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
11:23:13.0859 3188  [ A5299D04ED225D64CF07A568A3E1BF8C ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:23:13.0859 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
11:23:13.0859 3188  [ 991F2C676B636E475CB9C8C30ED8E570 ] C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll
11:23:13.0859 3188  C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll - ok
11:23:13.0875 3188  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
11:23:13.0875 3188  C:\WINDOWS\NEW\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
11:23:13.0875 3188  [ 03C305BD1C64043706DCE82268414AB2 ] C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll
11:23:13.0875 3188  C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll - ok
11:23:13.0890 3188  [ 5937E46ECDCD514C7A74D64E4EF5E21D ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
11:23:13.0890 3188  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
11:23:13.0890 3188  [ C2C2335E62DA083E06BD99A70DFA8785 ] C:\Program Files\Avira\AntiVir Desktop\gpgui.dll
11:23:13.0890 3188  C:\Program Files\Avira\AntiVir Desktop\gpgui.dll - ok
11:23:13.0890 3188  [ 2EC0D1737C05ADB6156C65BD4A2613F6 ] C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll
11:23:13.0890 3188  C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll - ok
11:23:13.0906 3188  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
11:23:13.0906 3188  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
11:23:13.0906 3188  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
11:23:13.0906 3188  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
11:23:13.0921 3188  [ CB0248A426835FE0A77F1B468E1825E1 ] C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll
11:23:13.0921 3188  C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll - ok
11:23:13.0921 3188  [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files\Avira\AntiVir Desktop\libdb44.dll
11:23:13.0921 3188  C:\Program Files\Avira\AntiVir Desktop\libdb44.dll - ok
11:23:13.0921 3188  [ 1F942930893ED98204AE67260E03EE26 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
11:23:13.0921 3188  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
11:23:13.0937 3188  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
11:23:13.0937 3188  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
11:23:13.0937 3188  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\NEW\system32\wsock32.dll
11:23:13.0937 3188  C:\WINDOWS\NEW\system32\wsock32.dll - ok
11:23:13.0937 3188  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
11:23:13.0937 3188  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
11:23:13.0953 3188  [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
11:23:13.0953 3188  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
11:23:13.0953 3188  [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
11:23:13.0953 3188  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
11:23:13.0968 3188  [ 729F4D9EC5E17A5588DD187D0F5F2738 ] C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll
11:23:13.0968 3188  C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll - ok
11:23:13.0968 3188  [ 31222A7F19EF7013FD43E47168E4400A ] C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll
11:23:13.0968 3188  C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll - ok
11:23:13.0968 3188  [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
11:23:13.0968 3188  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
11:23:13.0984 3188  [ EA196C9873949A3D2050C86B7AE95FDD ] C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll
11:23:13.0984 3188  C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll - ok
11:23:13.0984 3188  [ 4200272EE793C5E139365E0AFE9AAB5B ] C:\Program Files\Avira\AntiVir Desktop\avipc.dll
11:23:13.0984 3188  C:\Program Files\Avira\AntiVir Desktop\avipc.dll - ok
11:23:14.0000 3188  [ 1AE773142781013F32AE19D0404879FA ] C:\Program Files\Avira\AntiVir Desktop\avgio.dll
11:23:14.0000 3188  C:\Program Files\Avira\AntiVir Desktop\avgio.dll - ok
11:23:14.0000 3188  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\NEW\system32\fltlib.dll
11:23:14.0000 3188  C:\WINDOWS\NEW\system32\fltlib.dll - ok
11:23:14.0000 3188  [ 88799EBEFF8BBDC9FDE37565C5066A7B ] C:\Program Files\Avira\AntiVir Desktop\aecore.dll
11:23:14.0000 3188  C:\Program Files\Avira\AntiVir Desktop\aecore.dll - ok
11:23:14.0015 3188  [ 5E68839D12A7A1DA642F7250D3AF88FB ] C:\Program Files\Avira\AntiVir Desktop\avpref.dll
11:23:14.0015 3188  C:\Program Files\Avira\AntiVir Desktop\avpref.dll - ok
11:23:14.0015 3188  [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files\Avira\AntiVir Desktop\aevdf.dll
11:23:14.0015 3188  C:\Program Files\Avira\AntiVir Desktop\aevdf.dll - ok
11:23:14.0015 3188  [ 9CAEE2820D405F643C2768AD4E9CBFFE ] C:\Program Files\Avira\AntiVir Desktop\aescn.dll
11:23:14.0015 3188  C:\Program Files\Avira\AntiVir Desktop\aescn.dll - ok
11:23:14.0031 3188  [ D09AF4AD2BA8C476559F10529014CD46 ] C:\Program Files\Avira\AntiVir Desktop\aescript.dll
11:23:14.0031 3188  C:\Program Files\Avira\AntiVir Desktop\aescript.dll - ok
11:23:14.0031 3188  [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files\Avira\AntiVir Desktop\aesbx.dll
11:23:14.0031 3188  C:\Program Files\Avira\AntiVir Desktop\aesbx.dll - ok
11:23:14.0046 3188  [ 0D99DC04793237418386656339F4D79C ] C:\Program Files\Avira\AntiVir Desktop\aerdl.dll
11:23:14.0046 3188  C:\Program Files\Avira\AntiVir Desktop\aerdl.dll - ok
11:23:14.0046 3188  [ 8CAFD46DBF592C195FCC1D5EC1BC769B ] C:\Program Files\Avira\AntiVir Desktop\aepack.dll
11:23:14.0046 3188  C:\Program Files\Avira\AntiVir Desktop\aepack.dll - ok
11:23:14.0046 3188  [ 8D4CC7ED1EF309487345757C7A9B2C9F ] C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll
11:23:14.0046 3188  C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll - ok
11:23:14.0062 3188  [ 300374C8F28F5DA22A18FFB92DCD54F1 ] C:\Program Files\Avira\AntiVir Desktop\aeheur.dll
11:23:14.0062 3188  C:\Program Files\Avira\AntiVir Desktop\aeheur.dll - ok
11:23:14.0062 3188  [ 900ACDAD5D357BB26A571DCA1FD6AD36 ] C:\Program Files\Avira\AntiVir Desktop\aehelp.dll
11:23:14.0062 3188  C:\Program Files\Avira\AntiVir Desktop\aehelp.dll - ok
11:23:14.0062 3188  [ 3E22E96D7C97B74971B579357E4D4182 ] C:\Program Files\Avira\AntiVir Desktop\aegen.dll
11:23:14.0062 3188  C:\Program Files\Avira\AntiVir Desktop\aegen.dll - ok
11:23:14.0078 3188  [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files\Avira\AntiVir Desktop\aeemu.dll
11:23:14.0078 3188  C:\Program Files\Avira\AntiVir Desktop\aeemu.dll - ok
11:23:14.0078 3188  [ 07CEB3F888659E15727A4DC715EDBE28 ] C:\Program Files\Avira\AntiVir Desktop\aeexp.dll
11:23:14.0078 3188  C:\Program Files\Avira\AntiVir Desktop\aeexp.dll - ok
11:23:14.0078 3188  [ 434049E557861645FA160F3035025F51 ] C:\Program Files\Avira\AntiVir Desktop\aebb.dll
11:23:14.0078 3188  C:\Program Files\Avira\AntiVir Desktop\aebb.dll - ok
11:23:14.0093 3188  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
11:23:14.0093 3188  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
11:23:14.0093 3188  [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
11:23:14.0093 3188  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
11:23:14.0109 3188  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\NEW\system32\dnssd.dll
11:23:14.0109 3188  C:\WINDOWS\NEW\system32\dnssd.dll - ok
11:23:14.0109 3188  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Bonjour\mDNSResponder.exe
11:23:14.0109 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\Bonjour\mDNSResponder.exe - ok
11:23:14.0109 3188  [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
11:23:14.0109 3188  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
11:23:14.0125 3188  [ C5A75EB48E2344ABDC162BDA79E16841 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:23:14.0125 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
11:23:14.0125 3188  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\NEW\system32\msvcr100_clr0400.dll
11:23:14.0125 3188  C:\WINDOWS\NEW\system32\msvcr100_clr0400.dll - ok
11:23:14.0140 3188  [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
11:23:14.0140 3188  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
11:23:14.0140 3188  [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
11:23:14.0140 3188  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
11:23:14.0140 3188  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\NEW\system32\mscoree.dll
11:23:14.0140 3188  C:\WINDOWS\NEW\system32\mscoree.dll - ok
11:23:14.0156 3188  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\NEW\system32\certcli.dll
11:23:14.0156 3188  C:\WINDOWS\NEW\system32\certcli.dll - ok
11:23:14.0156 3188  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\NEW\system32\cryptsvc.dll
11:23:14.0156 3188  C:\WINDOWS\NEW\system32\cryptsvc.dll - ok
11:23:15.0375 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\imapi.exe - ok
11:23:15.0375 3188  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\NEW\system32\mydocs.dll
11:23:15.0375 3188  C:\WINDOWS\NEW\system32\mydocs.dll - ok
11:23:15.0375 3188  [ E4401CF27225C1D6E664E86195978562 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\iTunes\iTunesHelper.exe
11:23:15.0375 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\iTunes\iTunesHelper.exe - ok
11:23:15.0390 3188  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\NEW\system32\mfc42.dll
11:23:15.0390 3188  C:\WINDOWS\NEW\system32\mfc42.dll - ok
11:23:15.0390 3188  [ 37B5FBF02A22DF64B272E9A501EEA2F5 ] C:\WINDOWS\NEW\system32\spool\drivers\w32x86\3\hpzr3208.dll
11:23:15.0390 3188  C:\WINDOWS\NEW\system32\spool\drivers\w32x86\3\hpzr3208.dll - ok
11:23:15.0390 3188  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\NEW\system32\PortableDeviceTypes.dll
11:23:15.0390 3188  C:\WINDOWS\NEW\system32\PortableDeviceTypes.dll - ok
11:23:15.0406 3188  [ F02A533F517EB38333CB12A9E8963773 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Documents and Settings\New User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
11:23:15.0406 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Documents and Settings\New User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - ok
11:23:15.0406 3188  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\NEW\system32\PortableDeviceApi.dll
11:23:15.0406 3188  C:\WINDOWS\NEW\system32\PortableDeviceApi.dll - ok
11:23:15.0421 3188  [ 4658186189A3D666DEEF7BB189DE037B ] C:\Program Files\Common Files\Roxio Shared\CDEngine\ACMWrapperV2.dll
11:23:15.0421 3188  C:\Program Files\Common Files\Roxio Shared\CDEngine\ACMWrapperV2.dll - ok
11:23:15.0421 3188  [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files\iTunes\iTunesHelper.dll
11:23:15.0421 3188  C:\Program Files\iTunes\iTunesHelper.dll - ok
11:23:15.0421 3188  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\ctfmon.exe
11:23:15.0421 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\WINDOWS\NEW\system32\ctfmon.exe - ok
11:23:15.0437 3188  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll
11:23:15.0437 3188  C:\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll - ok
11:23:15.0437 3188  [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
11:23:15.0437 3188  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
11:23:15.0453 3188  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\NEW\system32\msctf.dll
11:23:15.0453 3188  C:\WINDOWS\NEW\system32\msctf.dll - ok
11:23:15.0453 3188  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\NEW\system32\msutb.dll
11:23:15.0453 3188  C:\WINDOWS\NEW\system32\msutb.dll - ok
11:23:15.0453 3188  [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
11:23:15.0453 3188  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
11:23:15.0468 3188  [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
11:23:15.0468 3188  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
11:23:15.0468 3188  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\NEW\ime\sptip.dll
11:23:15.0468 3188  C:\WINDOWS\NEW\ime\sptip.dll - ok
11:23:15.0468 3188  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\NEW\system32\dbghelp.dll
11:23:15.0468 3188  C:\WINDOWS\NEW\system32\dbghelp.dll - ok
11:23:15.0484 3188  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\NEW\system32\rasdlg.dll
11:23:15.0484 3188  C:\WINDOWS\NEW\system32\rasdlg.dll - ok
11:23:15.0484 3188  [ BECDDA0990DEBD72A30096533521AD73 ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe
11:23:15.0484 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
11:23:15.0500 3188  [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
11:23:15.0500 3188  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
11:23:15.0500 3188  [ E8A39D41474BE42FD8830CED32932D6C ] \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\iPod\bin\iPodService.exe
11:23:15.0500 3188  \Device\Harddisk0\DP(2)0xecb62000-0x1b053be000+2\Program Files\iPod\bin\iPodService.exe - ok
11:23:15.0500 3188  [ 7DF0DECD3006B8BA450AEC714086FF3C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
11:23:15.0500 3188  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
11:23:15.0515 3188  [ 280013E1CA1A648A6B896D884CC46601 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
11:23:15.0515 3188  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
11:23:15.0515 3188  [ 5336C3171A5B80BB58220FE4ED795E47 ] C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
11:23:15.0515 3188  C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll - ok
11:23:15.0515 3188  ============================================================
11:23:15.0515 3188  Scan finished
11:23:15.0515 3188  ============================================================
11:23:15.0531 3180  Detected object count: 0
11:23:15.0531 3180  Actual detected object count: 0
 
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-23 20:54:31
-----------------------------
20:54:31.390    OS Version: Windows 5.1.2600 Service Pack 3
20:54:31.390    Number of processors: 2 586 0x209
20:54:31.390    ComputerName: NEW-DA818C7C125  UserName: New User
20:54:32.375    Initialize success
20:59:49.859    AVAST engine defs: 13022300
21:03:53.687    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:03:53.687    Disk 0 Vendor: ST3120022A 3.06 Size: 114473MB BusType: 3
21:03:53.703    Disk 0 MBR read successfully
21:03:53.703    Disk 0 MBR scan
21:03:53.781    Disk 0 Windows XP default MBR code
21:03:53.796    Disk 0 Partition 1 00     0B        FAT32 RECOVERY     3787 MB offset 63
21:03:53.812    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       110675 MB offset 7756560
21:03:53.812    Disk 0 scanning sectors +234420480
21:03:53.921    Disk 0 scanning C:\WINDOWS\NEW\system32\drivers
21:04:07.375    Service scanning
21:04:20.203    Service GMSIPCI F:\INSTALL\GMSIPCI.SYS **LOCKED** 21
21:04:49.906    Modules scanning
21:05:12.718    Disk 0 trace - called modules:
21:05:12.734    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
21:05:12.734    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86750ab8]
21:05:12.734    3 CLASSPNP.SYS[f788ffd7] -> nt!IofCallDriver -> \Device\0000005b[0x867c9eb0]
21:05:12.734    5 ACPI.sys[f77e6620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x867c6d98]
21:05:13.359    AVAST engine scan C:\WINDOWS\NEW
21:05:28.125    AVAST engine scan C:\WINDOWS\NEW\system32
21:08:19.750    AVAST engine scan C:\WINDOWS\NEW\system32\drivers
21:08:38.562    AVAST engine scan C:\Documents and Settings\New User
21:09:49.015    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\New User\Desktop\MBR.dat"
21:09:49.015    The log file has been saved successfully to "C:\Documents and Settings\New User\Desktop\aswMBR.txt"
 
 
ESET RESULTS
 

 

C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078634.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078635.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078636.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078637.dll    a variant of Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078638.dll    a variant of Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{851D0164-AE33-44A5-9262-EE22A9E88A79}\RP210\A0078639.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
 
 
There are a number of files in quarantine, but I cannot seem to copy and paste the list; I have not done anything with them until advised by you.
 
THANKS
Carla


#4 narenxp


Posted 24 February 2013 - 03:54 PM


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#5 devilspride2k1


Posted 25 February 2013 - 02:34 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.25.06
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
New User :: NEW-DA818C7C125 [administrator]
 
Protection: Disabled
 
25/02/2013 17:25:11
mbam-log-2013-02-25 (17-25-11).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 343974
Time elapsed: 12 minute(s), 8 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
MiniToolBox by Farbar  Version:10-01-2013
Ran by New User (administrator) on 25-02-2013 at 17:48:04
Running from "C:\Documents and Settings\New User\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : new-da818c7c125
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-0C-6E-87-75-8D
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.0.26
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.0.1
 
        DHCP Server . . . . . . . . . . . : 192.168.0.1
 
        DNS Servers . . . . . . . . . . . : 194.168.4.100
 
                                            194.168.8.100
 
        Lease Obtained. . . . . . . . . . : 25 February 2013 17:05:13
 
        Lease Expires . . . . . . . . . . : 26 February 2013 17:05:13
 
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    google.com
Addresses:  173.194.41.72, 173.194.41.70, 173.194.41.65, 173.194.41.71
      173.194.41.69, 173.194.41.73, 173.194.41.68, 173.194.41.67, 173.194.41.64
      173.194.41.66, 173.194.41.78
 
 
 
Pinging google.com [173.194.41.65] with 32 bytes of data:
 
 
 
Reply from 173.194.41.65: bytes=32 time=19ms TTL=54
 
Reply from 173.194.41.65: bytes=32 time=12ms TTL=54
 
 
 
Ping statistics for 173.194.41.65:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 12ms, Maximum = 19ms, Average = 15ms
 
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=433ms TTL=48
 
Reply from 98.138.253.109: bytes=32 time=688ms TTL=48
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 433ms, Maximum = 688ms, Average = 560ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 6e 87 75 8d ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.26      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0     192.168.0.26    192.168.0.26      20
      192.168.0.0    255.255.255.0     192.168.0.26    192.168.0.26      20
     192.168.0.26  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255     192.168.0.26    192.168.0.26      20
        224.0.0.0        240.0.0.0     192.168.0.26    192.168.0.26      20
  255.255.255.255  255.255.255.255     192.168.0.26    192.168.0.26      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/21/2013 09:46:27 PM) (Source: Application Error) (User: )
Description: Faulting application searchqumediabar.exe, version 1.0.0.12, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x0000a300.
Processing media-specific event for [searchqumediabar.exe!ws!]
 
Error: (02/01/2013 09:08:05 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module , version 5.1.2600.6055, fault address 0x0000100b.
Processing media-specific event for [helpctr.exe!ws!]
 
Error: (02/01/2013 09:07:55 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.
Processing media-specific event for [helpctr.exe!ws!]
 
Error: (02/01/2013 09:07:47 PM) (Source: ESENT) (User: )
Description: HelpSvc.exe (2956) Unable to write a shadowed header for file C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb. Error -1808.
 
Error: (02/01/2013 09:07:46 PM) (Source: ESENT) (User: )
Description: HelpSvc (2956) An attempt to write to the file "C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb" at offset 0 (0x0000000000000000) for 8192 (0x00002000) bytes failed with system error 112 (0x00000070): "There is not enough space on the disk. ".  The write operation will fail with error -1808 (0xfffff8f0).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service) (User: )
Description: 400: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/24/2013 07:58:07 PM) (Source: Bonjour Service) (User: )
Description: 396: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (01/24/2013 07:58:06 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/19/2013 03:51:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3938
 
 
System errors:
=============
Error: (02/25/2013 05:07:18 PM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3 b58e2c78, parameter4 00000000.
 
Error: (02/24/2013 11:20:38 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
IntelIde
 
Error: (02/23/2013 08:51:01 PM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3 b6767c78, parameter4 00000000.
 
Error: (02/23/2013 08:35:45 PM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3 b4ffac78, parameter4 00000000.
 
Error: (02/23/2013 08:34:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
IntelIde
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
Error: (02/16/2013 07:30:55 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error: 
%%126
 
 
Microsoft Office Sessions:
=========================
Error: (02/21/2013 09:46:27 PM) (Source: Application Error)(User: )
Description: searchqumediabar.exe1.0.0.12kernel32.dll5.1.2600.62930000a300
 
Error: (02/01/2013 09:08:05 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.55125.1.2600.60550000100b
 
Error: (02/01/2013 09:07:55 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.5512ntdll.dll5.1.2600.60550000100b
 
Error: (02/01/2013 09:07:47 PM) (Source: ESENT)(User: )
Description: HelpSvc.exe2956C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb-1808
 
Error: (02/01/2013 09:07:46 PM) (Source: ESENT)(User: )
Description: HelpSvc2956C:\WINDOWS\NEW\PCHealth\HelpCtr\Config\CheckPoint\tmp.edb0 (0x0000000000000000)8192 (0x00002000)-1808 (0xfffff8f0)112 (0x00000070)There is not enough space on the disk.
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service)(User: )
Description: 400: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (02/01/2013 08:29:50 AM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/24/2013 07:58:07 PM) (Source: Bonjour Service)(User: )
Description: 396: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)
 
Error: (01/24/2013 07:58:06 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (01/19/2013 03:51:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3938
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 12.1.9.1236)
Bonjour (Version: 3.0.0.10)
Easy CD & DVD Creator 6 (Version: 6.1.1.7)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
hp deskjet 5600 (Version: 1.00.0000)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 2.0 - Deskjet Series (Version: 2.00.0000)
iTunes (Version: 11.0.1.12)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek AC'97 Audio
RealUpgrade 1.1 (Version: 1.1.0)
Sony PC Companion 2.10.094 (Version: 2.10.094)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
 
========================= Devices: ================================
 
Name: USB Scanner
Description: USB Scanner
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 1023.36 MB
Available physical RAM: 555.07 MB
Total Pagefile: 2462.08 MB
Available Pagefile: 1946.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB
 
========================= Partitions: =====================================
 
2 Drive c: (PRESARIO) (Fixed) (Total:108.08 GB) (Free:1.53 GB) NTFS
3 Drive d: (PRESARIO_RP) (Fixed) (Total:3.69 GB) (Free:0.23 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\NEW-DA818C7C125
 
Administrator            Guest                    HelpAssistant            
New User                 SUPPORT_388945a0         
 
 
**** End of log ****
 
Farbar Service Scanner Version: 20-02-2013
Ran by New User (administrator) on 25-02-2013 at 17:50:25
Running from "C:\Documents and Settings\New User\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
File Check:
========
C:\WINDOWS\NEW\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\NEW\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\NEW\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\NEW\system32\netman.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\NEW\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\wuauserv.dll
[2012-02-08 17:12] - [2008-04-14 00:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A
 
C:\WINDOWS\NEW\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\NEW\system32\es.dll => MD5 is legit
C:\WINDOWS\NEW\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\NEW\system32\svchost.exe => MD5 is legit
C:\WINDOWS\NEW\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\NEW\system32\services.exe
[2004-08-04 12:00] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315
 
 
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.
 
**** End of log ****
 
 
# AdwCleaner v2.113 - Logfile created 02/25/2013 at 17:52:09
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : New User - NEW-DA818C7C125
# Boot Mode : Normal
# Running from : C:\Documents and Settings\New User\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\DOCUME~1\NEWUSE~1\LOCALS~1\Temp\Searchqu.ini
Folder Found : C:\Documents and Settings\All Users.NEW\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users.NEW\Application Data\boost_interprocess
Folder Found : C:\Program Files\search results toolbar
Folder Found : C:\Program Files\Trymedia
Folder Found : C:\Program Files\Viewpoint
 
***** [Registry] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\SearchquSRTB
Key Found : HKU\S-1-5-21-1060284298-651377827-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
Found [l.13] : homepage = "hxxp://www.searchnu.com/410",
Found [l.17] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/410", "hxxp://www.google.com/" ]
Found [l.66] : keyword = "search-results.com",
Found [l.69] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=100&systemid=410&apn_dtid=BND410&apn_ptnrs=AGA&o=APN10649&apn_uid=4542821934224150&q={searchTerms}",
Found [l.1658] : homepage = "hxxp://www.searchnu.com/410",
Found [l.2155] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/410", "hxxp://www.google.com/" ]
 
*************************
 
AdwCleaner[R1].txt - [3917 octets] - [25/02/2013 17:52:09]
 
########## EOF - C:\AdwCleaner[R1].txt - [3977 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Microsoft Windows XP x86
Ran by New User on 25/02/2013 at 17:57:45.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_local_machine\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users.NEW\application data\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files\search results toolbar"
Successfully deleted: [Folder] "C:\Program Files\trymedia"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/02/2013 at 18:04:33.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "avgnt"    "Avira System Tray Tool"    "Avira Operations GmbH & Co. KG"    "c:\program files\avira\antivir desktop\avgnt.exe"
+ "DeviceDiscovery"    "hpotdd01"    "Hewlett-Packard"    "c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe"
+ "HP Software Update"    ""    ""    "c:\program files\hewlett-packard\hp software update\hpwuschd.exe"
+ "HPDJ Taskbar Utility"    ""    "HP"    "c:\windows\new\system32\spool\drivers\w32x86\3\hpztsb08.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"
+ "RoxioAudioCentral"    "Roxio AudioCentral Media Manager Tray App"    "Roxio, Inc."    "c:\program files\roxio\easy cd creator 6\audiocentral\rxmon.exe"
+ "RoxioDragToDisc"    "Drag To Disc Application"    "Roxio"    "c:\program files\roxio\easy cd creator 6\dragtodisc\drgtodsc.exe"
+ "RoxioEngineUtility"    "Roxio Engine Compatibility"    "Roxio"    "c:\program files\common files\roxio shared\system\engutil.exe"
+ "SoundMan"    "Realtek Sound Manager"    "Realtek Semiconductor Corp."    "C:\WINDOWS\NEW\soundman.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe"    "RealNetworks Scheduler"    "RealNetworks, Inc."    "c:\program files\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Google Update"    "Google Installer"    "Google Inc."    "c:\documents and settings\new user\local settings\application data\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    ""    ""    "File not found: C:\Program Files\abc123\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\easy cd creator 6\dragtodisc\shellex.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    ""    ""    "File not found: C:\Program Files\abc123\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "AcroIEHlprObj Class"    "AcroIEHelper Module"    ""    "c:\program files\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer"    "RealPlayer Download and Record Plugin"    "RealPlayer"    "c:\documents and settings\all users.new\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\new\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1060284298-651377827-1417001333-1004Core.job"    "Google Installer"    "Google Inc."    "c:\documents and settings\new user\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1060284298-651377827-1417001333-1004UA.job"    "Google Installer"    "Google Inc."    "c:\documents and settings\new user\local settings\application data\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1060284298-651377827-1417001333-1004.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1060284298-651377827-1417001333-1004.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\new\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AntiVirSchedulerService"    "Service to schedule Avira Free Antivirus jobs and updates."    "Avira Operations GmbH & Co. KG"    "c:\program files\avira\antivir desktop\sched.exe"
+ "AntiVirService"    "Offers permanent protection against viruses and malware with the Avira search engine."    "Avira Operations GmbH & Co. KG"    "c:\program files\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\NEW\System32\appmgmts.dll"
+ "aspnet_state"    "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start."    ""    "File not found: C:\WINDOWS\NEW\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    ""    "File not found: C:\Program Files\abc123\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    ""    "File not found: C:\Program Files\abc123\mbamservice.exe"
+ "Sony PC Companion"    "Provides support for Sony PC Companion Core and Services."    ""    "File not found: C:\Program Files\Sony\Sony PC Companion\PCCService.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AFS2K"    "Audio File System"    "Oak Technology Inc."    "c:\windows\new\system32\drivers\afs2k.sys"
+ "ALCXWDM"    "Realtek AC'97 Audio Driver (WDM)"    "Realtek Semiconductor Corp."    "c:\windows\new\system32\drivers\alcxwdm.sys"
+ "ati2mtag"    "ATI Radeon WindowsNT Miniport Driver"    "ATI Technologies Inc."    "c:\windows\new\system32\drivers\ati2mtag.sys"
+ "avgntflt"    "Avira mini-filter driver"    "Avira GmbH"    "c:\windows\new\system32\drivers\avgntflt.sys"
+ "avipbb"    "Avira Security Enhancement Driver"    "Avira GmbH"    "c:\windows\new\system32\drivers\avipbb.sys"
+ "avkmgr"    "Avira Manager Driver"    "Avira GmbH"    "c:\windows\new\system32\drivers\avkmgr.sys"
+ "CamDrL"    "Universal Serial Bus Camera Driver"    "Logitech Inc."    "c:\windows\new\system32\drivers\camdrl.sys"
+ "Cdr4_xp"    "CDR4_XP CDR Helper"    "Roxio"    "c:\windows\new\system32\drivers\cdr4_xp.sys"
+ "Cdralw2k"    "CDRAL for Windows 2000 Kernel Driver"    "Roxio"    "c:\windows\new\system32\drivers\cdralw2k.sys"
+ "cdudf_xp"    "CD-UDF NT Filesystem Driver"    "Roxio"    "c:\windows\new\system32\drivers\cdudf_xp.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\Changer.sys"
+ "dg_ssudbus"    "SAMSUNG USB Composite Device Driver (MSS Ver.3)"    "DEVGURU Co., LTD.(www.devguru.co.kr)"    "c:\windows\new\system32\drivers\ssudbus.sys"
+ "dvd_2K"    "DVD-RAM AddOn Driver"    "Roxio"    "c:\windows\new\system32\drivers\dvd_2k.sys"
+ "DVDVRRdr_xp"    "DVDVR XP Filesystem Reader Driver"    "Roxio"    "c:\windows\new\system32\drivers\dvdvrrdr_xp.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\new\system32\drivers\gearaspiwdm.sys"
+ "GMSIPCI"    ""    ""    "File not found: F:\INSTALL\GMSIPCI.SYS"
+ "HSF_DP"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\new\system32\drivers\hsfdpsp2.sys"
+ "HSFHWBS2"    "HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\new\system32\drivers\hsfbs2s2.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\i2omgmt.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\lbrtfdc.sys"
+ "LVUSBSta"    "USB Statistic Driver"    "Logitech Inc."    "c:\windows\new\system32\drivers\lvusbsta.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\new\system32\drivers\mbam.sys"
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\new\system32\drivers\mdmxsdk.sys"
+ "mmc_2K"    "CD-R/RW AddOn MMC Driver (W2K)"    "Roxio"    "c:\windows\new\system32\drivers\mmc_2k.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\PDRFRAME.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\new\system32\drivers\ptilink.sys"
+ "pwd_2k"    "Win2000 Framework for Packet Write Driver"    "Roxio"    "c:\windows\new\system32\drivers\pwd_2k.sys"
+ "rtl8139"    "Realtek RTL8139 NDIS 5.0 Driver"    "Realtek Semiconductor Corporation"    "c:\windows\new\system32\drivers\rtl8139.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\new\system32\drivers\secdrv.sys"
+ "ssmdrv"    "Avira Snapshot Driver"    "Avira GmbH"    "c:\windows\new\system32\drivers\ssmdrv.sys"
+ "UdfReadr_xp"    "CD-UDF NT Filesystem Reader Driver"    "Roxio"    "c:\windows\new\system32\drivers\udfreadr_xp.sys"
+ "USBAAPL"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\new\system32\drivers\usbaapl.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\NEW\System32\Drivers\WDICA.sys"
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\new\system32\drivers\hsfcxts2.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\new\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\new\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\new\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\new\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\new\system32\iccvid.dll"
+ "VIDC.I420"    "Video Codec"    "Logitech Inc."    "c:\windows\new\system32\lvcodec2.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\new\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\new\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\new\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\new\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\new\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\new\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\new\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\new\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\new\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Chunker"    "Chunker Filter (Sample)"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\chunker.ax"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Dump"    "Roxio Dump Filter"    "Roxio"    "c:\program files\common files\roxio shared\dllshared\rxdump.ax"
+ "DVDDump"    "Roxio DVDDump Filter"    "Roxio"    "c:\program files\roxio\easy cd creator 6\pmstudio\dvddump.ax"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\new\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\new\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\new\system32\ir50_32.dll"
+ "MGI CrossGraph Renderer"    "MGICGFilter.ax"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\mgicgfilter.ax"
+ "MGI CrossGraph Source"    "MGICGFilter.ax"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\mgicgfilter.ax"
+ "MGI Scene Detector"    "Video Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\scenedetector.ax"
+ "MGI-DV-Scene-Change-Detector-Tee"    "DV-Frame-Detector (Sample)"    "MyCompanyName"    "c:\program files\common files\roxio shared\sharedcom\dvscenecdtee.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\new\system32\l3codecx.ax"
+ "Multi File Reader (Async.)"    "Roxio Source Filter"    "Roxio"    "c:\program files\common files\roxio shared\dllshared\multifilereader.ax"
+ "Partition Filter"    "ROXIO Partition Filter"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\partitionfilter.dll"
+ "Raw Reader (Async.)"    "Roxio Source Filter"    "Roxio"    "c:\program files\common files\roxio shared\dllshared\multifilereader.ax"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)"    "ROXIO Audio Decoder"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiodvdaudio.dll"
+ "Roxio DVD MPEG2 Decoder"    "ROXIO Video Codec"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiodvddecoder.dll"
+ "Roxio MPEG Splitter"    "Roxio MPEG Stream Splitter"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\rxmpegx.ax"
+ "Roxio MPEG1 Audio Encoder"    "ROXIO MPEG Audio Encoder"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxioaudioenc.dll"
+ "Roxio MPEG1 Muxer"    "ROXIO MPEG MUXER"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiompegmuxer.dll"
+ "Roxio MPEG1 Video Encoder"    "ROXIO Video Codec"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiovideompeg.dll"
+ "Roxio MPEG2 Demuxer"    "ROXIO MPEG Demuxer"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Muxer"    "ROXIO MPEG MUXER"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiompegmuxer.dll"
+ "Roxio MPEG2 Video Decoder"    "ROXIO Video Codec"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiovideompeg.dll"
+ "Roxio MPEG2 Video Encoder"    "ROXIO Video Codec"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiovideompeg.dll"
+ "Roxio Quicktime Parser"    "Roxio Quicktime Parser"    "Roxio Inc"    "c:\program files\common files\roxio shared\dllshared\rxquicktime.ax"
+ "ROXIO Raw Writer"    "ROXIO Raw Writer"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\mgirawwriter.dll"
+ "ROXIO Subpicture Decoder"    "ROXIO DVD Subpicture Decoder"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\subpictdec.dll"
+ "Roxio SVCD MPEG2 Decoder"    "ROXIO Video Codec"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\roxiodvddecoder.dll"
+ "ROXIO VCD/SVCD Navigator"    "ROXIO VCD/SVCD Navigator"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\navigator.dll"
+ "Roxio Video Transition"    "Roxio Video Transition Filter"    "Roxio"    "c:\program files\roxio\easy cd creator 6\pmstudio\videotransition.ax"
+ "ROXIO WAV Dest"    "MGI Filter"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\wavhead.ax"
+ "Roxio-DVFrameDet-Filter"    "DVFrameDet"    "MyCompanyName"    "c:\program files\roxio\easy cd creator 6\pmstudio\dvframedet.ax"
+ "Sewer"    "MVWcDSutil"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\mvwcdsutil.dll"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder"    "ROXIO SubPicture Encoder"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\subpictenc.dll"
+ "SubPicture Encoder"    "ROXIO Color Space Converter"    "Roxio, Inc."    "c:\program files\common files\roxio shared\sharedcom\colorspconv.dll"
+ "Video Effects"    "Roxio Video Effects Filter"    "Roxio"    "c:\program files\roxio\easy cd creator 6\pmstudio\vergb24.ax"
+ "VW AlphaSplitter"    "AlphaSplitter Filter (Sample)"    "MGI Software"    "c:\program files\common files\roxio shared\sharedcom\alphasplitter.ax"
+ "VW Audio Source"    "VW Audio Source"    "MGI Software"    "c:\program files\common files\roxio shared\sharedcom\audiosrc.ax"
+ "VW AudioConvert"    "AudioConvert Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\audconv.ax"
+ "VW AudioGrabber"    "VideoWave Frame Grabber"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW AudioMixFlt"    "AudioFlt Filter"    "MyCompanyName"    "c:\program files\common files\roxio shared\sharedcom\audmf.ax"
+ "VW De-Interlace Filter"    "Video Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\deinter.ax"
+ "VW Input Selector"    "Video Effect Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\inputselector.ax"
+ "VW Input Selector 2"    "Video Effect Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\inputselector.ax"
+ "VW Latency"    "Latency Filter (Sample)"    "MyCompanyName"    "c:\program files\common files\roxio shared\sharedcom\latency.ax"
+ "VW Looper"    "Looper Filter (Sample)"    "MGI Software"    "c:\program files\common files\roxio shared\sharedcom\looper.ax"
+ "VW MediaPlacer"    "VW MediaPlacer Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\mediaplacer.ax"
+ "VW Pan Zoom Filter"    "Video Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\panzoom.ax"
+ "VW QuickGrabber"    "VideoWave Frame Grabber"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW SpyPos"    "Null-In-Place (Sample)"    "MyCompanyName"    "c:\program files\common files\roxio shared\sharedcom\mginullip.ax"
+ "VW Switch Filter"    "MGI FilterGraph Routing filter"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\mgiswitch.ax"
+ "VW ThumbnailGrabber"    "VideoWave Frame Grabber"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW Video Resampler Filter"    "Video Filter"    "MGI Software Corp"    "c:\program files\common files\roxio shared\sharedcom\vresamfilt.ax"
+ "VW Video Transition"    "VW VInfo Transcoder"    "MGI Software Corp."    "c:\program files\common files\roxio shared\sharedcom\vwvinfoxcoder.ax"
+ "VW VideoCutList"    "Video CutList Filter"    "MGI Software"    "c:\program files\common files\roxio shared\sharedcom\vcutlist.ax"
+ "VW vlooper"    "Video Looper Filter (Sample)"    "MGI Software"    "c:\program files\common files\roxio shared\sharedcom\vlooper.ax"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\new\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"    ""    ""    ""
+ "C:\DOCUME~1\ALLUSE~1.NEW\APPLIC~1\Wincert\WIN32C~1.DLL "    ""    ""    "c:\documents and settings\all users.new\application data\wincert\win32c~1.dll "
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "hpzlnt08"    ""    "HP"    "c:\windows\new\system32\hpzlnt08.dll"
 
 
 
I was not able to run RKILL...every time I did so the pc went black, immediately restarted and said it had recovered from a serious issue. 
 
Hope this is enough to help...thank you 
Carla
 
 
 
 


#6 narenxp


Posted 25 February 2013 - 02:36 PM

Launch AdwCleaner and click on DELETE, then post the new log.

 

Let me know the current issues you have.



#7 devilspride2k1


Posted 26 February 2013 - 03:17 PM

# AdwCleaner v2.113 - Logfile created 02/26/2013 at 20:08:09
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : New User - NEW-DA818C7C125
# Boot Mode : Normal
# Running from : C:\Documents and Settings\New User\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\DOCUME~1\NEWUSE~1\LOCALS~1\Temp\Searchqu.ini
Folder Deleted : C:\Documents and Settings\All Users.NEW\Application Data\Ask
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\SearchquSRTB
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.97
 
File : C:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
Deleted [l.53] : keyword = "search-results.com",
Deleted [l.56] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=100&systemid=410&apn_dtid[...]
Deleted [l.1761] : homepage = "hxxp://www.searchnu.com/410",
Deleted [l.2258] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/410", "hxxp://www.google.com/" ]
 
*************************
 
AdwCleaner[R1].txt - [4046 octets] - [25/02/2013 17:52:09]
AdwCleaner[S1].txt - [346 octets] - [26/02/2013 20:07:52]
AdwCleaner[S2].txt - [3428 octets] - [26/02/2013 20:08:09]
 
########## EOF - C:\AdwCleaner[S2].txt - [3488 octets] ##########
 
 
After deleting and the reboot it has appeared to fix the problem, as the hijack toolbar did not appear... I am hoping that this is true!!


#8 narenxp


Posted 26 February 2013 - 10:32 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#9 devilspride2k1


Posted 27 February 2013 - 04:42 PM

Hi, I have completed all your above instructions. I think my anti-virus and my security vigilance is working fairly OK; it's been 3 yrs since my last problem, and to be fair I have 5 children, so hope you agree I am not doing too bad lol... BUT I cannot thank you enough. Once again BC.com has been amazing, and I have recommended it to a friend tonight... just seems some ppl don't wish to listen... all you guys' knowledge is 2nd to none... a big fat huge massive thank you!!!!!!!



#10 narenxp


Posted 27 February 2013 - 04:43 PM

:welcome:





