Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Concerned I may have malware/rootkit, but no idea what


  • Please log in to reply
11 replies to this topic

#1 TheLadyIsMad

TheLadyIsMad

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 26 February 2013 - 12:48 PM

Windows XP Professional version 2002 Service Pack 3
Internet Explorer 8 version 8.0.6001.18702
Winpatrol free version
PC Tools Firewall Plus free version
Avast Antivirus free version


 

I had suspected I might have a computer problem for a few weeks, but I put it off till I was able to deal with it.


 

Some weeks ago I was trying to download a file on Mediafire. When I clicked on the item that seemed to be the right download link, it appeared I was wrong, so I stopped it. After refreshing the page I was able to find the right download link. I can't recall if there was a virus alert from Avast at the time or not. My internet settings block pop-ups and require an ok from me to download anything, and yet I was able to download the right file without it first blocking me. I checked the settings and they were correct. Odd. Sometimes since that time, it allows a download without blocking first and sometimes it seems to work. It worries me also that even months before this, I haven't been able to download the security Update
KB2736416. Before you ask, yes I tried their fixit program, and yes I used the alternate mode they suggested. Didn't work.


 

I'd tried several programs: Avast, Malwarebytes, and at one point today, Gmer. Avast claimed dds.scr was a win32:Malware-gen, and that WinPatrol had an error "Error: File is ofline - it is currently not available (42006). Malwarebytes saw nothing. And now I've got a Gmer file (which I'll post below)
that seems to claim I have ALOT of malware/rootkits! Now I know some programs will give false positives, so I figured I'd better find out before I do anything stupid. I have <<NOT>> done Combofix.


 


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2013-02-26 08:43:59
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e ST3320620AS rev.3.AAK
Running: 0nqlj10v.exe; Driver: C:\DOCUME~1\Family\LOCALS~1\Temp\pgliapow.sys


 


---- System - GMER 1.0.15 ----


 

SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwAddBootEntry [0xF315C4BA]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ZwAllocateVirtualMemory [0xF3209C22]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwAssignProcessToJobObject [0xF315CED6]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwClose [0xF319E811]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateEvent [0xF3167FA8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateEventPair [0xF3167FF4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateIoCompletion [0xF3168176]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwCreateKey [0xF72A9E52]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateMutant [0xF3167F16]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwCreateProcess [0xF728ACDE]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwCreateProcessEx [0xF728AED0]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateSection [0xF3168038]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateSemaphore [0xF3167F5E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateThread [0xF315D11C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwCreateTimer [0xF3168130]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwDebugActiveProcess [0xF315D93E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwDeleteBootEntry [0xF315C508]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwDeleteKey [0xF72AA640]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwDeleteValueKey [0xF72AA8F4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwDuplicateObject [0xF31611C2]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwEnumerateKey [0xF319ED42]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwEnumerateValueKey [0xF319EBAD]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ZwFreeVirtualMemory [0xF3209CEA]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwLoadDriver [0xF315C170]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwModifyBootEntry [0xF315C556]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwNotifyChangeKey [0xF3161534]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwNotifyChangeMultipleKeys [0xF315E3A6]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenEvent [0xF3167FD2]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenEventPair [0xF3168016]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenIoCompletion [0xF316819A]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwOpenKey [0xF72A8B44]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenMutant [0xF3167F3C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenProcess [0xF3160C3E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenSection [0xF31680BA]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenSemaphore [0xF3167F86]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenThread [0xF3160F14]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwOpenTimer [0xF3168154]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ZwProtectVirtualMemory [0xF3209E4A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwQueryKey [0xF319EA28]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwQueryObject [0xF315E272]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwQueryValueKey [0xF319E87A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwQueueApcThread [0xF315DDD4]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwRenameKey [0xF72AAD60]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwRestoreKey [0xF319D838]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSetBootEntryOrder [0xF315C5A4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSetBootOptions [0xF315C5F2]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSetContextThread [0xF315D7BE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSetSystemInformation [0xF315C1FA]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSetSystemPowerState [0xF315C3AA]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwSetValueKey [0xF72AA112]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwShutdownSystem [0xF315C350]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSuspendProcess [0xF315DAF8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSuspendThread [0xF315DC54]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwSystemDebugControl [0xF315C41A]
SSDT            PCTCore.sys (PC Tools KDS Core Driver/PC Tools)                                                                           ZwTerminateProcess [0xF728A984]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwTerminateThread [0xF315D636]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ZwUnloadDriver [0xF320841C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwVdmControl [0xF315C640]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                     ZwWriteVirtualMemory [0xF315CF1A]


 

Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ObInsertObject
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                     ObMakeTemporaryObject


 

---- Kernel code sections - GMER 1.0.15 ----


 

.text           ntkrnlpa.exe!ZwCallbackReturn + 2C40                                                                                      80504538 4 Bytes  CALL D0A13856
.text           ntkrnlpa.exe!ZwCallbackReturn + 2D28                                                                                      80504620 4 Bytes  JMP 9CF3209C
.text           ntkrnlpa.exe!ZwCallbackReturn + 2E5C                                                                                      80504754 4 Bytes  [28, EA, 19, F3] {SUB DL, CH; SBB EBX, ESI}
.text           ntkrnlpa.exe!ZwCallbackReturn + 2EA0                                                                                      80504798 4 Bytes  [7A, E8, 19, F3] {JP 0xffffffffffffffea; SBB EBX, ESI}
.text           ntkrnlpa.exe!ZwCallbackReturn + 2F28                                                                                      80504820 12 Bytes  [A4, C5, 15, F3, F2, C5, 15, ...]
.text           ...                                                                                                                      
PAGE            ntkrnlpa.exe!ObMakeTemporaryObject                                                                                        805BC55E 5 Bytes  JMP F321FCF6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ObInsertObject                                                                                               805C2FE2 5 Bytes  JMP F3221810 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text           C:\WINDOWS\System32\DRIVERS\nv4_mini.sys                                                                                  section is writeable [0xF61D8360, 0x32DEFD, 0xE8000020]


 

---- User code sections - GMER 1.0.15 ----


 

.text           C:\WINDOWS\system32\nvsvc32.exe[184] ntdll.dll!RtlDosSearchPath_U + 186                                                   7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\nvsvc32.exe[184] kernel32.dll!GetBinaryTypeW + 80                                                     7C868E04 1 Byte  [62]
.text           C:\WINDOWS\Explorer.EXE[288] ntdll.dll!RtlDosSearchPath_U + 186                                                           7C916865 1 Byte  [62]
.text           C:\WINDOWS\Explorer.EXE[288] kernel32.dll!GetBinaryTypeW + 80                                                             7C868E04 1 Byte  [62]
.text           C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[604] ntdll.dll!RtlDosSearchPath_U + 186                            7C916865 1 Byte  [62]
.text           C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[604] kernel32.dll!GetBinaryTypeW + 80                              7C868E04 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[632] ntdll.dll!RtlDosSearchPath_U + 186                        7C916865 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[632] kernel32.dll!GetBinaryTypeW + 80                          7C868E04 1 Byte  [62]
.text           C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[684] ntdll.dll!RtlDosSearchPath_U + 186                           7C916865 1 Byte  [62]
.text           C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[684] kernel32.dll!GetBinaryTypeW + 80                             7C868E04 1 Byte  [62]
.text           C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[692] ntdll.dll!RtlDosSearchPath_U + 186             7C916865 1 Byte  [62]
.text           C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[692] kernel32.dll!GetBinaryTypeW + 80               7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\ctfmon.exe[700] ntdll.dll!RtlDosSearchPath_U + 186                                                    7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\ctfmon.exe[700] kernel32.dll!GetBinaryTypeW + 80                                                      7C868E04 1 Byte  [62]
.text           C:\Program Files\Alwil Software\Avast5\AvastUI.exe[728] ntdll.dll!RtlDosSearchPath_U + 186                                7C916865 1 Byte  [62]
.text           C:\Program Files\Alwil Software\Avast5\AvastUI.exe[728] kernel32.dll!GetBinaryTypeW + 80                                  7C868E04 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[888] ntdll.dll!RtlDosSearchPath_U + 186                                                   7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[888] kernel32.dll!GetBinaryTypeW + 80                                                     7C868E04 1 Byte  [62]
.text           C:\WINDOWS\System32\smss.exe[944] ntdll.dll!RtlDosSearchPath_U + 186                                                      7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[976] ntdll.dll!RtlDosSearchPath_U + 186                                                   7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[976] kernel32.dll!GetBinaryTypeW + 80                                                     7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\csrss.exe[996] ntdll.dll!RtlDosSearchPath_U + 186                                                     7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\csrss.exe[996] KERNEL32.dll!GetBinaryTypeW + 80                                                       7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\winlogon.exe[1020] ntdll.dll!RtlDosSearchPath_U + 186                                                 7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\winlogon.exe[1020] kernel32.dll!GetBinaryTypeW + 80                                                   7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\services.exe[1064] ntdll.dll!RtlDosSearchPath_U + 186                                                 7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\services.exe[1064] kernel32.dll!GetBinaryTypeW + 80                                                   7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\lsass.exe[1076] ntdll.dll!RtlDosSearchPath_U + 186                                                    7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\lsass.exe[1076] kernel32.dll!GetBinaryTypeW + 80                                                      7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1244] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1292] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE[1336] ntdll.dll!RtlDosSearchPath_U + 186                                        7C916865 1 Byte  [62]
.text           C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE[1336] kernel32.dll!GetBinaryTypeW + 80                                          7C868E04 1 Byte  [62]
.text           C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[1364] ntdll.dll!RtlDosSearchPath_U + 186                                    7C916865 1 Byte  [62]
.text           C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[1364] kernel32.dll!GetBinaryTypeW + 80                                      7C868E04 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1416] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1416] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1444] ntdll.dll!RtlDosSearchPath_U + 186                             7C916865 1 Byte  [62]
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1444] kernel32.dll!GetBinaryTypeW + 80                               7C868E04 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1540] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1540] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\McAfee\SiteAdvisor\McSACore.exe[1604] ntdll.dll!RtlDosSearchPath_U + 186                                 7C916865 1 Byte  [62]
.text           C:\Program Files\McAfee\SiteAdvisor\McSACore.exe[1604] kernel32.dll!GetBinaryTypeW + 80                                   7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\PC Tools Firewall Plus\FWService.exe[1712] ntdll.dll!RtlDosSearchPath_U + 186                            7C916865 1 Byte  [62]
.text           C:\Program Files\PC Tools Firewall Plus\FWService.exe[1712] kernel32.dll!GetBinaryTypeW + 80                              7C868E04 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1716] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\svchost.exe[1716] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1840] ntdll.dll!RtlDosSearchPath_U + 186                              7C916865 1 Byte  [62]
.text           C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1840] kernel32.dll!SetUnhandledExceptionFilter                        7C8449CD 4 Bytes  [C2, 04, 00, 90] {RET 0x4; NOP }
.text           C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1840] kernel32.dll!GetBinaryTypeW + 80                                7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\spoolsv.exe[1996] kernel32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ntdll.dll!LdrLoadDll                                                7C91632D 5 Bytes  JMP 003801F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ntdll.dll!RtlDosSearchPath_U + 186                                  7C916865 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ntdll.dll!LdrUnloadDll                                              7C9171CD 5 Bytes  JMP 003803FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] KERNEL32.dll!GetBinaryTypeW + 80                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!SetServiceObjectSecurity                               77E36D81 5 Bytes  JMP 01FC1014
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!ChangeServiceConfigA                                   77E36E69 5 Bytes  JMP 01FC0804
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!ChangeServiceConfigW                                   77E37001 5 Bytes  JMP 01FC0A08
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!ChangeServiceConfig2A                                  77E37101 5 Bytes  JMP 01FC0C0C
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!ChangeServiceConfig2W                                  77E37189 5 Bytes  JMP 01FC0E10
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!CreateServiceA                                         77E37211 5 Bytes  JMP 01FC01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!CreateServiceW                                         77E373A9 5 Bytes  JMP 01FC03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!DeleteService                                          77E374B1 3 Bytes  JMP 01FC0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ADVAPI32.dll!DeleteService + 4                                      77E374B5 1 Byte  [8A]
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!DialogBoxParamW                                          7E4247AB 5 Bytes  JMP 3E21550D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!SetWindowsHookExW                                        7E42820F 5 Bytes  JMP 3E2E9ABD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!CallNextHookEx                                           7E42B3C6 5 Bytes  JMP 3E2DD135 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!CreateWindowExW                                          7E42D0A3 5 Bytes  JMP 3E2EDB2C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!UnhookWindowsHookEx                                      7E42D5F3 5 Bytes  JMP 3E254674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!SetWindowsHookExA                                        7E431211 5 Bytes  JMP 009E0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!SetWinEventHook                                          7E4317F7 5 Bytes  JMP 009E01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!UnhookWinEvent                                           7E4318AC 5 Bytes  JMP 009E03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!DialogBoxIndirectParamW                                  7E432072 5 Bytes  JMP 3E3E724F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!MessageBoxIndirectA                                      7E43A082 5 Bytes  JMP 3E3E7181 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!DialogBoxParamA                                          7E43B144 5 Bytes  JMP 3E3E71EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!MessageBoxExW                                            7E450838 5 Bytes  JMP 3E3E7052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!MessageBoxExA                                            7E45085C 5 Bytes  JMP 3E3E70B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!DialogBoxIndirectParamA                                  7E456D7D 5 Bytes  JMP 3E3E72B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] USER32.dll!MessageBoxIndirectW                                      7E4664D5 5 Bytes  JMP 3E3E7116 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ole32.dll!CoCreateInstance                                          774FF1BC 5 Bytes  JMP 3E2EDB88 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2352] ole32.dll!OleLoadFromStream                                         7752983B 5 Bytes  JMP 3E3E75D0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ntdll.dll!LdrLoadDll                                          7C91632D 5 Bytes  JMP 003901F8
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ntdll.dll!RtlDosSearchPath_U + 186                            7C916865 1 Byte  [62]
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ntdll.dll!LdrUnloadDll                                        7C9171CD 5 Bytes  JMP 003903FC
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] KERNEL32.dll!GetBinaryTypeW + 80                              7C868E04 1 Byte  [62]
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!SetServiceObjectSecurity                         77E36D81 5 Bytes  JMP 003F1014
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!ChangeServiceConfigA                             77E36E69 5 Bytes  JMP 003F0804
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!ChangeServiceConfigW                             77E37001 5 Bytes  JMP 003F0A08
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!ChangeServiceConfig2A                            77E37101 5 Bytes  JMP 003F0C0C
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!ChangeServiceConfig2W                            77E37189 5 Bytes  JMP 003F0E10
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!CreateServiceA                                   77E37211 5 Bytes  JMP 003F01F8
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!CreateServiceW                                   77E373A9 5 Bytes  JMP 003F03FC
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] ADVAPI32.dll!DeleteService                                    77E374B1 5 Bytes  JMP 003F0600
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] USER32.dll!SetWindowsHookExW                                  7E42820F 5 Bytes  JMP 00AA0804
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] USER32.dll!UnhookWindowsHookEx                                7E42D5F3 5 Bytes  JMP 00AA0A08
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] USER32.dll!SetWindowsHookExA                                  7E431211 5 Bytes  JMP 00AA0600
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] USER32.dll!SetWinEventHook                                    7E4317F7 5 Bytes  JMP 00AA01F8
.text           C:\Documents and Settings\Family\Desktop\0nqlj10v.exe[3156] USER32.dll!UnhookWinEvent                                     7E4318AC 5 Bytes  JMP 00AA03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ntdll.dll!LdrLoadDll                                                7C91632D 5 Bytes  JMP 003801F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ntdll.dll!RtlDosSearchPath_U + 186                                  7C916865 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ntdll.dll!LdrUnloadDll                                              7C9171CD 5 Bytes  JMP 003803FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] KERNEL32.dll!GetBinaryTypeW + 80                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!SetServiceObjectSecurity                               77E36D81 5 Bytes  JMP 022C1014
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!ChangeServiceConfigA                                   77E36E69 5 Bytes  JMP 022C0804
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!ChangeServiceConfigW                                   77E37001 5 Bytes  JMP 022C0A08
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!ChangeServiceConfig2A                                  77E37101 5 Bytes  JMP 022C0C0C
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!ChangeServiceConfig2W                                  77E37189 5 Bytes  JMP 022C0E10
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!CreateServiceA                                         77E37211 5 Bytes  JMP 022C01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!CreateServiceW                                         77E373A9 5 Bytes  JMP 022C03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ADVAPI32.dll!DeleteService                                          77E374B1 5 Bytes  JMP 022C0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!DialogBoxParamW                                          7E4247AB 5 Bytes  JMP 3E21550D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!SetWindowsHookExW                                        7E42820F 5 Bytes  JMP 3E2E9ABD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!CallNextHookEx                                           7E42B3C6 5 Bytes  JMP 3E2DD135 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!CreateWindowExW                                          7E42D0A3 5 Bytes  JMP 3E2EDB2C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!UnhookWindowsHookEx                                      7E42D5F3 5 Bytes  JMP 3E254674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!SetWindowsHookExA                                        7E431211 5 Bytes  JMP 009E0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!SetWinEventHook                                          7E4317F7 5 Bytes  JMP 009E01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!UnhookWinEvent                                           7E4318AC 5 Bytes  JMP 009E03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!DialogBoxIndirectParamW                                  7E432072 5 Bytes  JMP 3E3E724F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!MessageBoxIndirectA                                      7E43A082 5 Bytes  JMP 3E3E7181 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!DialogBoxParamA                                          7E43B144 5 Bytes  JMP 3E3E71EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!MessageBoxExW                                            7E450838 5 Bytes  JMP 3E3E7052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!MessageBoxExA                                            7E45085C 5 Bytes  JMP 3E3E70B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!DialogBoxIndirectParamA                                  7E456D7D 5 Bytes  JMP 3E3E72B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] USER32.dll!MessageBoxIndirectW                                      7E4664D5 5 Bytes  JMP 3E3E7116 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ole32.dll!CoCreateInstance                                          774FF1BC 5 Bytes  JMP 3E2EDB88 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3180] ole32.dll!OleLoadFromStream                                         7752983B 5 Bytes  JMP 3E3E75D0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\WINDOWS\System32\alg.exe[3192] ntdll.dll!RtlDosSearchPath_U + 186                                                      7C916865 1 Byte  [62]
.text           C:\WINDOWS\System32\alg.exe[3192] kernel32.dll!GetBinaryTypeW + 80                                                        7C868E04 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ntdll.dll!LdrLoadDll                                     7C91632D 5 Bytes  JMP 003901F8
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ntdll.dll!RtlDosSearchPath_U + 186                       7C916865 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ntdll.dll!LdrUnloadDll                                   7C9171CD 5 Bytes  JMP 003903FC
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] KERNEL32.dll!GetBinaryTypeW + 80                         7C868E04 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!SetServiceObjectSecurity                    77E36D81 5 Bytes  JMP 003E1014
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!ChangeServiceConfigA                        77E36E69 5 Bytes  JMP 003E0804
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!ChangeServiceConfigW                        77E37001 5 Bytes  JMP 003E0A08
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!ChangeServiceConfig2A                       77E37101 5 Bytes  JMP 003E0C0C
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!ChangeServiceConfig2W                       77E37189 5 Bytes  JMP 003E0E10
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!CreateServiceA                              77E37211 5 Bytes  JMP 003E01F8
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!CreateServiceW                              77E373A9 5 Bytes  JMP 003E03FC
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[3332] ADVAPI32.dll!DeleteService                               77E374B1 5 Bytes  JMP 003E0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ntdll.dll!LdrLoadDll                                                7C91632D 5 Bytes  JMP 003801F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ntdll.dll!RtlDosSearchPath_U + 186                                  7C916865 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ntdll.dll!LdrUnloadDll                                              7C9171CD 5 Bytes  JMP 003803FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] KERNEL32.dll!GetBinaryTypeW + 80                                    7C868E04 1 Byte  [62]
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!SetServiceObjectSecurity                               77E36D81 5 Bytes  JMP 01BA1014
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!ChangeServiceConfigA                                   77E36E69 5 Bytes  JMP 01BA0804
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!ChangeServiceConfigW                                   77E37001 5 Bytes  JMP 01BA0A08
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!ChangeServiceConfig2A                                  77E37101 5 Bytes  JMP 01BA0C0C
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!ChangeServiceConfig2W                                  77E37189 5 Bytes  JMP 01BA0E10
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!CreateServiceA                                         77E37211 5 Bytes  JMP 01BA01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!CreateServiceW                                         77E373A9 5 Bytes  JMP 01BA03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] ADVAPI32.dll!DeleteService                                          77E374B1 5 Bytes  JMP 01BA0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!DialogBoxParamW                                          7E4247AB 5 Bytes  JMP 3E21550D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!SetWindowsHookExW                                        7E42820F 5 Bytes  JMP 009E0804
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!CreateWindowExW                                          7E42D0A3 5 Bytes  JMP 3E2EDB2C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!UnhookWindowsHookEx                                      7E42D5F3 5 Bytes  JMP 009E0A08
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!SetWindowsHookExA                                        7E431211 5 Bytes  JMP 009E0600
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!SetWinEventHook                                          7E4317F7 5 Bytes  JMP 009E01F8
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!UnhookWinEvent                                           7E4318AC 5 Bytes  JMP 009E03FC
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!DialogBoxIndirectParamW                                  7E432072 5 Bytes  JMP 3E3E724F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!MessageBoxIndirectA                                      7E43A082 5 Bytes  JMP 3E3E7181 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!DialogBoxParamA                                          7E43B144 5 Bytes  JMP 3E3E71EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!MessageBoxExW                                            7E450838 5 Bytes  JMP 3E3E7052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!MessageBoxExA                                            7E45085C 5 Bytes  JMP 3E3E70B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!DialogBoxIndirectParamA                                  7E456D7D 5 Bytes  JMP 3E3E72B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3464] USER32.dll!MessageBoxIndirectW                                      7E4664D5 5 Bytes  JMP 3E3E7116 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ntdll.dll!LdrLoadDll                                                                7C91632D 5 Bytes  JMP 002D01F8
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ntdll.dll!RtlDosSearchPath_U + 186                                                  7C916865 1 Byte  [62]
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ntdll.dll!LdrUnloadDll                                                              7C9171CD 5 Bytes  JMP 002D03FC
.text           C:\WINDOWS\system32\wuauclt.exe[3612] KERNEL32.dll!GetBinaryTypeW + 80                                                    7C868E04 1 Byte  [62]
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!SetServiceObjectSecurity                                               77E36D81 5 Bytes  JMP 00911014
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!ChangeServiceConfigA                                                   77E36E69 5 Bytes  JMP 00910804
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!ChangeServiceConfigW                                                   77E37001 5 Bytes  JMP 00910A08
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!ChangeServiceConfig2A                                                  77E37101 5 Bytes  JMP 00910C0C
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!ChangeServiceConfig2W                                                  77E37189 5 Bytes  JMP 00910E10
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!CreateServiceA                                                         77E37211 5 Bytes  JMP 009101F8
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!CreateServiceW                                                         77E373A9 5 Bytes  JMP 009103FC
.text           C:\WINDOWS\system32\wuauclt.exe[3612] ADVAPI32.dll!DeleteService                                                          77E374B1 5 Bytes  JMP 00910600
.text           C:\Program Files\FS\Spyro Portal\FlashPortal.exe[4020] ntdll.dll!RtlDosSearchPath_U + 186                                 7C916865 1 Byte  [62]
.text           C:\Program Files\FS\Spyro Portal\FlashPortal.exe[4020] KERNEL32.dll!GetBinaryTypeW + 80                                   7C868E04 1 Byte  [62]


 

---- User IAT/EAT - GMER 1.0.15 ----


 

IAT             C:\Program Files\Alwil Software\Avast5\AvastUI.exe[728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]    [64C8F6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
IAT             C:\WINDOWS\system32\services.exe[1064] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]             00390002
IAT             C:\WINDOWS\system32\services.exe[1064] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW]                   00390000
IAT             C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1840] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]  [64C8F6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[2352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]       [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[3180] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]       [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)


 

---- Devices - GMER 1.0.15 ----


 

Device          \FileSystem\Ntfs \Ntfs                                                                                                    aswSP.SYS (avast! self protection module/AVAST Software)


 

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                    aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                    InCDrec.SYS (InCD File System Recognizer/Nero AG)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                  pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                  aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                 pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                 aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                 pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                 aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                               pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                               aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)


 

Device                                                                                                                                    mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device                                                                                                                                    Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)


 

---- Files - GMER 1.0.15 ----


 

File            C:\avast! sandbox                                                                                                         0 bytes
File            C:\avast! sandbox\S-1-5-21-515967899-1637723038-839522115-1003                                                            0 bytes
File            C:\avast! sandbox\S-1-5-21-515967899-1637723038-839522115-1003\webStorage                                                 0 bytes
File            C:\avast! sandbox\S-1-5-21-515967899-1637723038-839522115-1003\webStorage\C                                               0 bytes
File            C:\avast! sandbox\S-1-5-21-515967899-1637723038-839522115-1003\webStorage\snx_fs.dat                                      180 bytes
File            C:\avast! sandbox\snx_rhive                                                                                               262144 bytes
File            C:\avast! sandbox\snx_rhive.LOG                                                                                           1024 bytes


 

---- EOF - GMER 1.0.15 ----


 


Edited by hamluis, 26 February 2013 - 12:51 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 26 February 2013 - 12:59 PM

I'm not seeing anything malicious in the logs but lets run some checks

 

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 TheLadyIsMad

TheLadyIsMad
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 26 February 2013 - 03:50 PM

Ok. Here's what I've got:

 

TDSSKIller gave me two logs from one scan-

 

10:03:16.0738 4016  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:03:17.0316 4016  ============================================================
10:03:17.0316 4016  Current date / time: 2013/02/26 10:03:17.0316
10:03:17.0316 4016  SystemInfo:
10:03:17.0316 4016 
10:03:17.0316 4016  OS Version: 5.1.2600 ServicePack: 3.0
10:03:17.0316 4016  Product type: Workstation
10:03:17.0316 4016  ComputerName: COMPUTER1
10:03:17.0316 4016  UserName: Family
10:03:17.0316 4016  Windows directory: C:\WINDOWS
10:03:17.0316 4016  System windows directory: C:\WINDOWS
10:03:17.0316 4016  Processor architecture: Intel x86
10:03:17.0316 4016  Number of processors: 2
10:03:17.0316 4016  Page size: 0x1000
10:03:17.0316 4016  Boot type: Normal boot
10:03:17.0316 4016  ============================================================
10:03:18.0613 4016  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:03:18.0629 4016  ============================================================
10:03:18.0629 4016  \Device\Harddisk0\DR0:
10:03:18.0629 4016  MBR partitions:
10:03:18.0629 4016  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
10:03:18.0629 4016  ============================================================
10:03:18.0644 4016  C: <-> \Device\Harddisk0\DR0\Partition1
10:03:18.0644 4016  ============================================================
10:03:18.0644 4016  Initialize success
10:03:18.0644 4016  ============================================================
10:04:18.0507 2304  Deinitialize success
 

 

10:07:21.0421 0564  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:07:23.0328 0564  ============================================================
10:07:23.0328 0564  Current date / time: 2013/02/26 10:07:23.0328
10:07:23.0328 0564  SystemInfo:
10:07:23.0328 0564 
10:07:23.0328 0564  OS Version: 5.1.2600 ServicePack: 3.0
10:07:23.0328 0564  Product type: Workstation
10:07:23.0328 0564  ComputerName: COMPUTER1
10:07:23.0328 0564  UserName: Family
10:07:23.0328 0564  Windows directory: C:\WINDOWS
10:07:23.0328 0564  System windows directory: C:\WINDOWS
10:07:23.0328 0564  Processor architecture: Intel x86
10:07:23.0328 0564  Number of processors: 2
10:07:23.0328 0564  Page size: 0x1000
10:07:23.0328 0564  Boot type: Normal boot
10:07:23.0328 0564  ============================================================
10:07:27.0203 0564  BG loaded
10:07:27.0656 0564  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:07:27.0687 0564  ============================================================
10:07:27.0687 0564  \Device\Harddisk0\DR0:
10:07:27.0718 0564  MBR partitions:
10:07:27.0718 0564  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
10:07:27.0718 0564  ============================================================
10:07:27.0796 0564  C: <-> \Device\Harddisk0\DR0\Partition1
10:07:27.0796 0564  ============================================================
10:07:27.0796 0564  Initialize success
10:07:27.0796 0564  ============================================================
10:09:58.0859 3300  ============================================================
10:09:58.0859 3300  Scan started
10:09:58.0859 3300  Mode: Manual;
10:09:58.0859 3300  ============================================================
10:09:59.0156 3300  ================ Scan system memory ========================
10:09:59.0156 3300  System memory - ok
10:09:59.0156 3300  ================ Scan services =============================
10:09:59.0234 3300  0203141261084531mcinstcleanup - ok
10:09:59.0343 3300  [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4        C:\WINDOWS\system32\drivers\Aavmker4.sys
10:09:59.0343 3300  Aavmker4 - ok
10:09:59.0343 3300  Abiosdsk - ok
10:09:59.0406 3300  [ 82CD4F28228543173813475076891649 ] ABIT-IO         C:\Program Files\U-ABIT\abitEQ\ABIT-IO.sys
10:09:59.0406 3300  ABIT-IO - ok
10:09:59.0421 3300  abp480n5 - ok
10:09:59.0453 3300  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:09:59.0468 3300  ACPI - ok
10:09:59.0484 3300  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:09:59.0500 3300  ACPIEC - ok
10:09:59.0562 3300  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:09:59.0578 3300  AdobeFlashPlayerUpdateSvc - ok
10:09:59.0593 3300  adpu160m - ok
10:09:59.0640 3300  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:09:59.0656 3300  aec - ok
10:09:59.0718 3300  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:09:59.0718 3300  AFD - ok
10:09:59.0750 3300  Aha154x - ok
10:09:59.0765 3300  aic78u2 - ok
10:09:59.0781 3300  aic78xx - ok
10:09:59.0812 3300  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:09:59.0828 3300  Alerter - ok
10:09:59.0843 3300  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:09:59.0859 3300  ALG - ok
10:09:59.0859 3300  AliIde - ok
10:09:59.0906 3300  [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
10:09:59.0906 3300  AmdK8 - ok
10:09:59.0921 3300  amsint - ok
10:09:59.0953 3300  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:09:59.0968 3300  AppMgmt - ok
10:09:59.0984 3300  asc - ok
10:09:59.0984 3300  asc3350p - ok
10:10:00.0000 3300  asc3550 - ok
10:10:00.0078 3300  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:10:00.0093 3300  aspnet_state - ok
10:10:00.0109 3300  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
10:10:00.0125 3300  aswFsBlk - ok
10:10:00.0140 3300  [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2         C:\WINDOWS\system32\drivers\aswMon2.sys
10:10:00.0156 3300  aswMon2 - ok
10:10:00.0171 3300  [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
10:10:00.0187 3300  aswRdr - ok
10:10:00.0265 3300  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
10:10:00.0343 3300  aswSnx - ok
10:10:00.0406 3300  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
10:10:00.0437 3300  aswSP - ok
10:10:00.0453 3300  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
10:10:00.0468 3300  aswTdi - ok
10:10:00.0484 3300  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:10:00.0484 3300  AsyncMac - ok
10:10:00.0500 3300  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:10:00.0500 3300  atapi - ok
10:10:00.0500 3300  Atdisk - ok
10:10:00.0531 3300  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:10:00.0531 3300  Atmarpc - ok
10:10:00.0578 3300  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:10:00.0593 3300  AudioSrv - ok
10:10:00.0625 3300  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:10:00.0625 3300  audstub - ok
10:10:00.0687 3300  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
10:10:00.0687 3300  avast! Antivirus - ok
10:10:00.0718 3300  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:10:00.0734 3300  Beep - ok
10:10:00.0812 3300  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:10:00.0906 3300  BITS - ok
10:10:00.0937 3300  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:10:00.0937 3300  Browser - ok
10:10:01.0000 3300  catchme - ok
10:10:01.0031 3300  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:10:01.0046 3300  cbidf2k - ok
10:10:01.0046 3300  cd20xrnt - ok
10:10:01.0078 3300  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:10:01.0093 3300  Cdaudio - ok
10:10:01.0125 3300  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:10:01.0140 3300  Cdfs - ok
10:10:01.0171 3300  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:10:01.0187 3300  Cdrom - ok
10:10:01.0203 3300  Changer - ok
10:10:01.0218 3300  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc           C:\WINDOWS\system32\cisvc.exe
10:10:01.0234 3300  cisvc - ok
10:10:01.0250 3300  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:10:01.0265 3300  ClipSrv - ok
10:10:01.0328 3300  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:10:01.0359 3300  clr_optimization_v2.0.50727_32 - ok
10:10:01.0375 3300  CmdIde - ok
10:10:01.0390 3300  COMSysApp - ok
10:10:01.0421 3300  Cpqarray - ok
10:10:01.0453 3300  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:10:01.0468 3300  CryptSvc - ok
10:10:01.0484 3300  dac2w2k - ok
10:10:01.0500 3300  dac960nt - ok
10:10:01.0578 3300  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:10:01.0640 3300  DcomLaunch - ok
10:10:01.0687 3300  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:10:01.0703 3300  Dhcp - ok
10:10:01.0734 3300  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:10:01.0750 3300  Disk - ok
10:10:01.0750 3300  dmadmin - ok
10:10:01.0875 3300  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:10:02.0000 3300  dmboot - ok
10:10:02.0031 3300  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:10:02.0062 3300  dmio - ok
10:10:02.0078 3300  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:10:02.0093 3300  dmload - ok
10:10:02.0125 3300  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:10:02.0140 3300  dmserver - ok
10:10:02.0171 3300  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:10:02.0171 3300  DMusic - ok
10:10:02.0218 3300  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:10:02.0218 3300  Dnscache - ok
10:10:02.0281 3300  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:10:02.0312 3300  Dot3svc - ok
10:10:02.0328 3300  dpti2o - ok
10:10:02.0359 3300  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:10:02.0359 3300  drmkaud - ok
10:10:02.0390 3300  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:10:02.0390 3300  EapHost - ok
10:10:02.0421 3300  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:10:02.0421 3300  ERSvc - ok
10:10:02.0468 3300  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:10:02.0484 3300  Eventlog - ok
10:10:02.0546 3300  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\System32\es.dll
10:10:02.0593 3300  EventSystem - ok
10:10:02.0640 3300  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:10:02.0687 3300  Fastfat - ok
10:10:02.0734 3300  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:10:02.0750 3300  FastUserSwitchingCompatibility - ok
10:10:02.0781 3300  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:10:02.0781 3300  Fdc - ok
10:10:02.0812 3300  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:10:02.0828 3300  Fips - ok
10:10:02.0843 3300  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:10:02.0859 3300  Flpydisk - ok
10:10:02.0906 3300  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:10:02.0921 3300  FltMgr - ok
10:10:02.0984 3300  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:10:03.0000 3300  FontCache3.0.0.0 - ok
10:10:03.0015 3300  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:10:03.0031 3300  Fs_Rec - ok
10:10:03.0062 3300  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:10:03.0078 3300  Ftdisk - ok
10:10:03.0109 3300  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:10:03.0125 3300  Gpc - ok
10:10:03.0156 3300  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:10:03.0187 3300  HDAudBus - ok
10:10:03.0234 3300  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:10:03.0250 3300  helpsvc - ok
10:10:03.0265 3300  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:10:03.0281 3300  HidServ - ok
10:10:03.0296 3300  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:10:03.0296 3300  hidusb - ok
10:10:03.0328 3300  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:10:03.0343 3300  hkmsvc - ok
10:10:03.0359 3300  hpn - ok
10:10:03.0375 3300  hpt3xx - ok
10:10:03.0437 3300  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:10:03.0453 3300  HTTP - ok
10:10:03.0468 3300  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:10:03.0500 3300  HTTPFilter - ok
10:10:03.0500 3300  i2omgmt - ok
10:10:03.0515 3300  i2omp - ok
10:10:03.0546 3300  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:10:03.0562 3300  i8042prt - ok
10:10:03.0718 3300  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:10:03.0828 3300  idsvc - ok
10:10:03.0890 3300  [ 78DF31CDD3A380E7F9CFCC8B4E24813C ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
10:10:03.0890 3300  IJPLMSVC - ok
10:10:03.0921 3300  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:10:03.0937 3300  Imapi - ok
10:10:03.0984 3300  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:10:03.0984 3300  ImapiService - ok
10:10:04.0031 3300  [ 580A81790CD0A48D85DA322267DA7AC4 ] InCDfs          C:\WINDOWS\system32\drivers\InCDFs.sys
10:10:04.0062 3300  InCDfs - ok
10:10:04.0078 3300  [ AAA2789D2CE21B31BE9406BA1CEB7285 ] InCDPass        C:\WINDOWS\system32\drivers\InCDPass.sys
10:10:04.0093 3300  InCDPass - ok
10:10:04.0125 3300  [ 4D022577E9072B5D22E0A383A7806BBB ] InCDrec         C:\WINDOWS\system32\drivers\InCDrec.sys
10:10:04.0125 3300  InCDrec - ok
10:10:04.0156 3300  [ C258E57321A3C3737F4FA815FA69EE0B ] incdrm          C:\WINDOWS\system32\drivers\InCDRm.sys
10:10:04.0171 3300  incdrm - ok
10:10:04.0406 3300  [ 9792B85E32E058CD6A43DB274BA47D57 ] InCDsrv         C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
10:10:04.0421 3300  InCDsrv - ok
10:10:04.0453 3300  ini910u - ok
10:10:04.0953 3300  [ CBDDAB14249B2F05407FC09AB8FFFB88 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:10:05.0359 3300  IntcAzAudAddService - ok
10:10:05.0375 3300  IntelIde - ok
10:10:05.0421 3300  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:10:05.0421 3300  ip6fw - ok
10:10:05.0453 3300  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:10:05.0453 3300  IpFilterDriver - ok
10:10:05.0468 3300  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:10:05.0484 3300  IpInIp - ok
10:10:05.0515 3300  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:10:05.0531 3300  IpNat - ok
10:10:05.0531 3300  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:10:05.0546 3300  IPSec - ok
10:10:05.0562 3300  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:10:05.0578 3300  IRENUM - ok
10:10:05.0593 3300  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:10:05.0609 3300  isapnp - ok
10:10:05.0656 3300  [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
10:10:05.0671 3300  JavaQuickStarterService - ok
10:10:05.0687 3300  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:10:05.0687 3300  Kbdclass - ok
10:10:05.0703 3300  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:10:05.0703 3300  kbdhid - ok
10:10:05.0734 3300  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:10:05.0750 3300  kmixer - ok
10:10:05.0796 3300  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:10:05.0796 3300  KSecDD - ok
10:10:05.0828 3300  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:10:05.0843 3300  lanmanserver - ok
10:10:05.0875 3300  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:10:05.0906 3300  lanmanworkstation - ok
10:10:05.0921 3300  Lbd - ok
10:10:05.0937 3300  lbrtfdc - ok
10:10:06.0000 3300  [ 53710476495886D9961BE46983A6A33F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:10:06.0015 3300  LightScribeService - ok
10:10:06.0031 3300  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:10:06.0046 3300  LmHosts - ok
10:10:06.0062 3300  LXCDWFEUXRKK - ok
10:10:06.0125 3300  [ 19D95F16CDC256078EA45D4E566EA1DB ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
10:10:06.0125 3300  McAfee SiteAdvisor Service - ok
10:10:06.0171 3300  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:10:06.0187 3300  Messenger - ok
10:10:06.0218 3300  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:10:06.0218 3300  mnmdd - ok
10:10:06.0250 3300  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
10:10:06.0265 3300  mnmsrvc - ok
10:10:06.0281 3300  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:10:06.0296 3300  Modem - ok
10:10:06.0312 3300  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:10:06.0328 3300  Mouclass - ok
10:10:06.0359 3300  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:10:06.0359 3300  mouhid - ok
10:10:06.0406 3300  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:10:06.0421 3300  MountMgr - ok
10:10:06.0437 3300  mraid35x - ok
10:10:06.0468 3300  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:10:06.0500 3300  MRxDAV - ok
10:10:06.0593 3300  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:10:06.0640 3300  MRxSmb - ok
10:10:06.0671 3300  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
10:10:06.0687 3300  MSDTC - ok
10:10:06.0718 3300  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:10:06.0734 3300  Msfs - ok
10:10:06.0750 3300  MSIServer - ok
10:10:06.0781 3300  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:10:06.0781 3300  MSKSSRV - ok
10:10:06.0796 3300  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:10:06.0796 3300  MSPCLOCK - ok
10:10:06.0812 3300  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:10:06.0828 3300  MSPQM - ok
10:10:06.0859 3300  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:10:06.0875 3300  mssmbios - ok
10:10:06.0890 3300  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:10:06.0921 3300  Mup - ok
10:10:06.0984 3300  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:10:07.0031 3300  napagent - ok
10:10:07.0156 3300  [ B498A14133BD09AD0817590ACE4470AD ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
10:10:07.0265 3300  NBService - ok
10:10:07.0296 3300  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:10:07.0328 3300  NDIS - ok
10:10:07.0359 3300  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:10:07.0359 3300  NdisTapi - ok
10:10:07.0390 3300  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:10:07.0390 3300  Ndisuio - ok
10:10:07.0437 3300  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:10:07.0453 3300  NdisWan - ok
10:10:07.0468 3300  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:10:07.0484 3300  NDProxy - ok
10:10:07.0500 3300  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:10:07.0500 3300  NetBIOS - ok
10:10:07.0546 3300  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:10:07.0562 3300  NetBT - ok
10:10:07.0609 3300  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:10:07.0625 3300  NetDDE - ok
10:10:07.0656 3300  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:10:07.0656 3300  NetDDEdsdm - ok
10:10:07.0687 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:10:07.0718 3300  Netlogon - ok
10:10:07.0765 3300  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:10:07.0765 3300  Netman - ok
10:10:07.0812 3300  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:10:07.0828 3300  NetTcpPortSharing - ok
10:10:07.0890 3300  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:10:07.0921 3300  Nla - ok
10:10:08.0000 3300  [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:10:08.0046 3300  NMIndexingService - ok
10:10:08.0078 3300  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:10:08.0093 3300  Npfs - ok
10:10:08.0187 3300  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:10:08.0265 3300  Ntfs - ok
10:10:08.0281 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
10:10:08.0296 3300  NtLmSsp - ok
10:10:08.0375 3300  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:10:08.0437 3300  NtmsSvc - ok
10:10:08.0468 3300  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:10:08.0468 3300  Null - ok
10:10:09.0109 3300  [ 70CB8915895CCB92DDF23CE890C4F5BE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:10:09.0687 3300  nv - ok
10:10:09.0718 3300  [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
10:10:09.0718 3300  NVENETFD - ok
10:10:09.0734 3300  [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
10:10:09.0750 3300  nvnetbus - ok
10:10:09.0765 3300  [ F96DF45CFBDC670584293E03C2AB602A ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
10:10:09.0781 3300  NVSvc - ok
10:10:09.0796 3300  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:10:09.0796 3300  NwlnkFlt - ok
10:10:09.0812 3300  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:10:09.0812 3300  NwlnkFwd - ok
10:10:09.0875 3300  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:10:09.0890 3300  ose - ok
10:10:10.0328 3300  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:10:10.0765 3300  osppsvc - ok
10:10:10.0796 3300  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:10:10.0812 3300  Parport - ok
10:10:10.0843 3300  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:10:10.0843 3300  PartMgr - ok
10:10:10.0859 3300  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:10:10.0859 3300  ParVdm - ok
10:10:10.0875 3300  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:10:10.0890 3300  PCI - ok
10:10:10.0890 3300  PCIDump - ok
10:10:10.0906 3300  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:10:10.0921 3300  PCIIde - ok
10:10:10.0937 3300  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:10:10.0953 3300  Pcmcia - ok
10:10:10.0984 3300  [ CC174F32CC9C18EA3109C4B0FC2CA8DF ] PCTAppEvent     C:\WINDOWS\system32\drivers\PCTAppEvent.sys
10:10:11.0000 3300  PCTAppEvent - ok
10:10:11.0031 3300  [ AD629E621CB1242BA8707CD9C2C5B6EC ] PCTCore         C:\WINDOWS\system32\drivers\PCTCore.sys
10:10:11.0046 3300  PCTCore - ok
10:10:11.0078 3300  [ 0AFD401E45033C6264080989647989D2 ] PCTFW-DNS       C:\WINDOWS\system32\drivers\pctNdis-DNS.sys
10:10:11.0078 3300  PCTFW-DNS - ok
10:10:11.0109 3300  [ 4A7EF973FCD9C6CAD6040EBB61262A5C ] PCTFW-PacketFilter C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
10:10:11.0125 3300  PCTFW-PacketFilter - ok
10:10:11.0156 3300  [ 39E8623F9F29DBC9E053A696D85F8AC6 ] pctgntdi        C:\WINDOWS\system32\drivers\pctgntdi.sys
10:10:11.0187 3300  pctgntdi - ok
10:10:11.0218 3300  [ 8BBE917BC4DA64B0BA8DB33D4C0E0B7D ] pctNDIS         C:\WINDOWS\system32\DRIVERS\pctNdis.sys
10:10:11.0218 3300  pctNDIS - ok
10:10:11.0312 3300  [ C45ED958D60B95E98BACB45F4F2F1649 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
10:10:11.0312 3300  PCToolsFirewallPlus - ok
10:10:11.0343 3300  [ 6D74DF36716A458619A62DD764FC4F8B ] pctplfw         C:\WINDOWS\system32\drivers\pctplfw.sys
10:10:11.0359 3300  pctplfw - ok
10:10:11.0359 3300  PDCOMP - ok
10:10:11.0375 3300  PDFRAME - ok
10:10:11.0375 3300  PDRELI - ok
10:10:11.0375 3300  PDRFRAME - ok
10:10:11.0406 3300  [ 03F37BEBD1F699B12304C4AEEEDC0FAE ] pelmouse        C:\WINDOWS\system32\DRIVERS\pelmouse.sys
10:10:11.0406 3300  pelmouse - ok
10:10:11.0437 3300  [ A448E46C8FCB8F7F4EE0C64C97FE86CE ] pelusblf        C:\WINDOWS\system32\DRIVERS\pelusblf.sys
10:10:11.0437 3300  pelusblf - ok
10:10:11.0453 3300  perc2 - ok
10:10:11.0453 3300  perc2hib - ok
10:10:11.0500 3300  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:10:11.0500 3300  PlugPlay - ok
10:10:11.0515 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:10:11.0515 3300  PolicyAgent - ok
10:10:11.0531 3300  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:10:11.0531 3300  PptpMiniport - ok
10:10:11.0546 3300  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
10:10:11.0562 3300  Processor - ok
10:10:11.0578 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:10:11.0593 3300  ProtectedStorage - ok
10:10:11.0593 3300  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:10:11.0609 3300  PSched - ok
10:10:11.0625 3300  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:10:11.0640 3300  Ptilink - ok
10:10:11.0656 3300  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:10:11.0671 3300  PxHelp20 - ok
10:10:11.0671 3300  ql1080 - ok
10:10:11.0687 3300  Ql10wnt - ok
10:10:11.0687 3300  ql12160 - ok
10:10:11.0703 3300  ql1240 - ok
10:10:11.0703 3300  ql1280 - ok
10:10:11.0718 3300  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:10:11.0718 3300  RasAcd - ok
10:10:11.0765 3300  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:10:11.0765 3300  RasAuto - ok
10:10:11.0781 3300  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:10:11.0796 3300  Rasl2tp - ok
10:10:11.0828 3300  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:10:11.0843 3300  RasMan - ok
10:10:11.0843 3300  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:10:11.0859 3300  RasPppoe - ok
10:10:11.0859 3300  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:10:11.0875 3300  Raspti - ok
10:10:11.0890 3300  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:10:11.0921 3300  Rdbss - ok
10:10:11.0921 3300  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:10:11.0937 3300  RDPCDD - ok
10:10:11.0953 3300  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:10:11.0984 3300  rdpdr - ok
10:10:12.0015 3300  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:10:12.0031 3300  RDPWD - ok
10:10:12.0062 3300  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:10:12.0078 3300  RDSessMgr - ok
10:10:12.0093 3300  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:10:12.0109 3300  redbook - ok
10:10:12.0125 3300  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:10:12.0140 3300  RemoteAccess - ok
10:10:12.0156 3300  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:10:12.0187 3300  RemoteRegistry - ok
10:10:12.0203 3300  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\System32\locator.exe
10:10:12.0203 3300  RpcLocator - ok
10:10:12.0250 3300  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
10:10:12.0265 3300  RpcSs - ok
10:10:12.0296 3300  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\System32\rsvp.exe
10:10:12.0312 3300  RSVP - ok
10:10:12.0328 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:10:12.0328 3300  SamSs - ok
10:10:12.0343 3300  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:10:12.0359 3300  SCardSvr - ok
10:10:12.0406 3300  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:10:12.0421 3300  Schedule - ok
10:10:12.0453 3300  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:10:12.0453 3300  Secdrv - ok
10:10:12.0468 3300  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:10:12.0468 3300  seclogon - ok
10:10:12.0484 3300  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:10:12.0500 3300  SENS - ok
10:10:12.0515 3300  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:10:12.0515 3300  Serial - ok
10:10:12.0546 3300  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:10:12.0546 3300  Sfloppy - ok
10:10:12.0625 3300  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:10:12.0656 3300  SharedAccess - ok
10:10:12.0671 3300  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:10:12.0687 3300  ShellHWDetection - ok
10:10:12.0687 3300  Simbad - ok
10:10:12.0703 3300  Sparrow - ok
10:10:12.0703 3300  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:10:12.0718 3300  splitter - ok
10:10:12.0750 3300  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:10:12.0765 3300  Spooler - ok
10:10:12.0812 3300  [ 3F4892C5EFBF92B9332A6F3BFA9C57EC ] SpyroService    C:\Program Files\FS\Spyro Portal\FlashPortal.exe
10:10:12.0812 3300  SpyroService - ok
10:10:12.0843 3300  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:10:12.0843 3300  sr - ok
10:10:12.0875 3300  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:10:12.0906 3300  srservice - ok
10:10:12.0953 3300  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:10:13.0000 3300  Srv - ok
10:10:13.0015 3300  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:10:13.0031 3300  SSDPSRV - ok
10:10:13.0078 3300  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:10:13.0125 3300  stisvc - ok
10:10:13.0140 3300  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:10:13.0140 3300  swenum - ok
10:10:13.0156 3300  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:10:13.0156 3300  swmidi - ok
10:10:13.0187 3300  [ 3D4776AB6520240AE06D277AC45BF836 ] swmsflt         C:\WINDOWS\system32\DRIVERS\swmsflt.sys
10:10:13.0203 3300  swmsflt - ok
10:10:13.0203 3300  SWMX00 - ok
10:10:13.0203 3300  SWNC5E00 - ok
10:10:13.0218 3300  SwPrv - ok
10:10:13.0234 3300  SWUMX20 - ok
10:10:13.0265 3300  symc810 - ok
10:10:13.0281 3300  symc8xx - ok
10:10:13.0281 3300  sym_hi - ok
10:10:13.0296 3300  sym_u3 - ok
10:10:13.0421 3300  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:10:13.0437 3300  sysaudio - ok
10:10:13.0453 3300  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:10:13.0468 3300  SysmonLog - ok
10:10:13.0515 3300  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:10:13.0515 3300  TapiSrv - ok
10:10:13.0562 3300  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:10:13.0609 3300  Tcpip - ok
10:10:13.0656 3300  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:10:13.0671 3300  TDPIPE - ok
10:10:13.0671 3300  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:10:13.0687 3300  TDTCP - ok
10:10:13.0703 3300  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:10:13.0703 3300  TermDD - ok
10:10:13.0750 3300  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:10:13.0750 3300  TermService - ok
10:10:13.0781 3300  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:10:13.0781 3300  Themes - ok
10:10:13.0796 3300  THL - ok
10:10:13.0812 3300  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\System32\tlntsvr.exe
10:10:13.0843 3300  TlntSvr - ok
10:10:13.0843 3300  TosIde - ok
10:10:13.0859 3300  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:10:13.0875 3300  TrkWks - ok
10:10:13.0921 3300  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:10:13.0921 3300  Udfs - ok
10:10:13.0937 3300  ultra - ok
10:10:13.0984 3300  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:10:14.0015 3300  Update - ok
10:10:14.0046 3300  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:10:14.0078 3300  upnphost - ok
10:10:14.0093 3300  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:10:14.0109 3300  UPS - ok
10:10:14.0125 3300  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:10:14.0125 3300  usbccgp - ok
10:10:14.0140 3300  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:10:14.0140 3300  usbehci - ok
10:10:14.0156 3300  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:10:14.0171 3300  usbhub - ok
10:10:14.0187 3300  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:10:14.0187 3300  usbohci - ok
10:10:14.0203 3300  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:10:14.0203 3300  usbprint - ok
10:10:14.0250 3300  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:10:14.0250 3300  usbscan - ok
10:10:14.0265 3300  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:10:14.0281 3300  USBSTOR - ok
10:10:14.0296 3300  [ 9BF2EA54E5ED5ACDF96F1DEC84C117C4 ] VClone          C:\WINDOWS\system32\DRIVERS\VClone.sys
10:10:14.0296 3300  VClone - ok
10:10:14.0328 3300  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:10:14.0328 3300  VgaSave - ok
10:10:14.0343 3300  ViaIde - ok
10:10:14.0359 3300  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:10:14.0375 3300  VolSnap - ok
10:10:14.0421 3300  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
10:10:14.0453 3300  VSS - ok
10:10:14.0484 3300  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
10:10:14.0515 3300  W32Time - ok
10:10:14.0531 3300  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:10:14.0531 3300  Wanarp - ok
10:10:14.0593 3300  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
10:10:14.0656 3300  Wdf01000 - ok
10:10:14.0656 3300  WDICA - ok
10:10:14.0671 3300  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:10:14.0687 3300  wdmaud - ok
10:10:14.0703 3300  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:10:14.0718 3300  WebClient - ok
10:10:14.0765 3300  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:10:14.0781 3300  winmgmt - ok
10:10:14.0812 3300  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:10:14.0812 3300  WinUSB - ok
10:10:14.0843 3300  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
10:10:14.0843 3300  WmdmPmSN - ok
10:10:14.0921 3300  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:10:14.0984 3300  Wmi - ok
10:10:15.0000 3300  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:10:15.0000 3300  WmiAcpi - ok
10:10:15.0031 3300  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
10:10:15.0046 3300  WmiApSrv - ok
10:10:15.0156 3300  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
10:10:15.0250 3300  WMPNetworkSvc - ok
10:10:15.0281 3300  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:10:15.0281 3300  WS2IFSL - ok
10:10:15.0312 3300  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:10:15.0328 3300  wscsvc - ok
10:10:15.0343 3300  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:10:15.0343 3300  wuauserv - ok
10:10:15.0375 3300  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:10:15.0375 3300  WudfPf - ok
10:10:15.0406 3300  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:10:15.0406 3300  WudfRd - ok
10:10:15.0421 3300  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
10:10:15.0453 3300  WudfSvc - ok
10:10:15.0515 3300  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:10:15.0562 3300  WZCSVC - ok
10:10:15.0562 3300  XGIRDLHYUFWWE - ok
10:10:15.0593 3300  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:10:15.0640 3300  xmlprov - ok
10:10:15.0640 3300  ================ Scan global ===============================
10:10:15.0671 3300  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:10:15.0718 3300  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:10:15.0781 3300  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:10:15.0796 3300  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:10:15.0812 3300  [Global] - ok
10:10:15.0812 3300  ================ Scan MBR ==================================
10:10:15.0812 3300  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:10:16.0046 3300  \Device\Harddisk0\DR0 - ok
10:10:16.0046 3300  ================ Scan VBR ==================================
10:10:16.0046 3300  [ DBB02015E60DE2DAB3CA64FCDE53CE88 ] \Device\Harddisk0\DR0\Partition1
10:10:16.0062 3300  \Device\Harddisk0\DR0\Partition1 - ok
10:10:16.0062 3300  ================ Scan active images ========================
10:10:16.0062 3300  [ EFBB0956BAED786E137351B5CA272AEF ] C:\WINDOWS\system32\drivers\AmdK8.sys
10:10:16.0062 3300  C:\WINDOWS\system32\drivers\AmdK8.sys - ok
10:10:16.0062 3300  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
10:10:16.0062 3300  C:\WINDOWS\system32\drivers\fdc.sys - ok
10:10:16.0078 3300  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
10:10:16.0078 3300  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
10:10:16.0078 3300  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
10:10:16.0078 3300  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
10:10:16.0093 3300  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
10:10:16.0093 3300  C:\WINDOWS\system32\drivers\usbport.sys - ok
10:10:16.0093 3300  [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
10:10:16.0093 3300  C:\WINDOWS\system32\drivers\usbohci.sys - ok
10:10:16.0093 3300  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
10:10:16.0093 3300  C:\WINDOWS\system32\drivers\cdrom.sys - ok
10:10:16.0109 3300  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
10:10:16.0109 3300  C:\WINDOWS\system32\drivers\imapi.sys - ok
10:10:16.0109 3300  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
10:10:16.0109 3300  C:\WINDOWS\system32\drivers\usbehci.sys - ok
10:10:16.0109 3300  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
10:10:16.0109 3300  C:\WINDOWS\system32\drivers\ks.sys - ok
10:10:16.0125 3300  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
10:10:16.0125 3300  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
10:10:16.0125 3300  [ AAA2789D2CE21B31BE9406BA1CEB7285 ] C:\WINDOWS\system32\drivers\InCDPass.sys
10:10:16.0125 3300  C:\WINDOWS\system32\drivers\InCDPass.sys - ok
10:10:16.0140 3300  [ C258E57321A3C3737F4FA815FA69EE0B ] C:\WINDOWS\system32\drivers\InCDRm.sys
10:10:16.0140 3300  C:\WINDOWS\system32\drivers\InCDRm.sys - ok
10:10:16.0140 3300  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
10:10:16.0140 3300  C:\WINDOWS\system32\drivers\redbook.sys - ok
10:10:16.0156 3300  [ C5A2952901DC5E1CC33014E809296D30 ] C:\WINDOWS\system32\drivers\nvnrm.sys
10:10:16.0156 3300  C:\WINDOWS\system32\drivers\nvnrm.sys - ok
10:10:16.0156 3300  [ B64AACEFAD2BE5BFF5353FE681253C67 ] C:\WINDOWS\system32\drivers\nvnetbus.sys
10:10:16.0156 3300  C:\WINDOWS\system32\drivers\nvnetbus.sys - ok
10:10:16.0156 3300  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
10:10:16.0156 3300  C:\WINDOWS\system32\drivers\videoprt.sys - ok
10:10:16.0171 3300  [ 70CB8915895CCB92DDF23CE890C4F5BE ] C:\WINDOWS\system32\drivers\nv4_mini.sys
10:10:16.0171 3300  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
10:10:16.0171 3300  [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
10:10:16.0171 3300  C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
10:10:16.0187 3300  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
10:10:16.0187 3300  C:\WINDOWS\system32\drivers\audstub.sys - ok
10:10:16.0187 3300  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
10:10:16.0187 3300  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
10:10:16.0187 3300  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
10:10:16.0187 3300  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
10:10:16.0203 3300  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
10:10:16.0203 3300  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
10:10:16.0203 3300  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
10:10:16.0203 3300  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
10:10:16.0218 3300  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
10:10:16.0218 3300  C:\WINDOWS\system32\drivers\tdi.sys - ok
10:10:16.0218 3300  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
10:10:16.0218 3300  C:\WINDOWS\system32\drivers\msgpc.sys - ok
10:10:16.0234 3300  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
10:10:16.0234 3300  C:\WINDOWS\system32\drivers\psched.sys - ok
10:10:16.0234 3300  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
10:10:16.0234 3300  C:\WINDOWS\system32\drivers\raspptp.sys - ok
10:10:16.0234 3300  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
10:10:16.0234 3300  C:\WINDOWS\system32\drivers\ptilink.sys - ok
10:10:16.0250 3300  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
10:10:16.0250 3300  C:\WINDOWS\system32\drivers\raspti.sys - ok
10:10:16.0250 3300  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
10:10:16.0250 3300  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
10:10:16.0265 3300  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
10:10:16.0265 3300  C:\WINDOWS\system32\drivers\termdd.sys - ok
10:10:16.0265 3300  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
10:10:16.0265 3300  C:\WINDOWS\system32\drivers\mouclass.sys - ok
10:10:16.0281 3300  [ 8BBE917BC4DA64B0BA8DB33D4C0E0B7D ] C:\WINDOWS\system32\drivers\pctNdis.sys
10:10:16.0281 3300  C:\WINDOWS\system32\drivers\pctNdis.sys - ok
10:10:16.0281 3300  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
10:10:16.0281 3300  C:\WINDOWS\system32\drivers\swenum.sys - ok
10:10:16.0281 3300  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
10:10:16.0281 3300  C:\WINDOWS\system32\drivers\update.sys - ok
10:10:16.0296 3300  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
10:10:16.0296 3300  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
10:10:16.0296 3300  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
10:10:16.0296 3300  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
10:10:16.0312 3300  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] C:\WINDOWS\system32\drivers\winusb.sys
10:10:16.0312 3300  C:\WINDOWS\system32\drivers\winusb.sys - ok
10:10:16.0312 3300  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
10:10:16.0312 3300  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
10:10:16.0312 3300  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
10:10:16.0312 3300  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
10:10:16.0328 3300  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
10:10:16.0328 3300  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
10:10:16.0328 3300  [ 7D275ECDA4628318912F6C945D5CF963 ] C:\WINDOWS\system32\drivers\NVENETFD.sys
10:10:16.0328 3300  C:\WINDOWS\system32\drivers\NVENETFD.sys - ok
10:10:16.0343 3300  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
10:10:16.0343 3300  C:\WINDOWS\system32\drivers\usbd.sys - ok
10:10:16.0343 3300  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
10:10:16.0343 3300  C:\WINDOWS\system32\drivers\usbhub.sys - ok
10:10:16.0359 3300  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
10:10:16.0359 3300  C:\WINDOWS\system32\drivers\drmk.sys - ok
10:10:16.0359 3300  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
10:10:16.0359 3300  C:\WINDOWS\system32\drivers\portcls.sys - ok
10:10:16.0359 3300  [ CBDDAB14249B2F05407FC09AB8FFFB88 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:10:16.0359 3300  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
10:10:16.0375 3300  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
10:10:16.0375 3300  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
10:10:16.0375 3300  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
10:10:16.0375 3300  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
10:10:16.0375 3300  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
10:10:16.0375 3300  C:\WINDOWS\system32\drivers\beep.sys - ok
10:10:16.0390 3300  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
10:10:16.0390 3300  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
10:10:16.0390 3300  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
10:10:16.0390 3300  C:\WINDOWS\system32\drivers\hidparse.sys - ok
10:10:16.0406 3300  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
10:10:16.0406 3300  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
10:10:16.0406 3300  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
10:10:16.0406 3300  C:\WINDOWS\system32\drivers\null.sys - ok
10:10:16.0421 3300  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
10:10:16.0421 3300  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
10:10:16.0421 3300  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
10:10:16.0421 3300  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
10:10:16.0421 3300  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
10:10:16.0421 3300  C:\WINDOWS\system32\drivers\vga.sys - ok
10:10:16.0437 3300  [ 580A81790CD0A48D85DA322267DA7AC4 ] C:\WINDOWS\system32\drivers\InCDfs.sys
10:10:16.0437 3300  C:\WINDOWS\system32\drivers\InCDfs.sys - ok
10:10:16.0437 3300  [ 4D022577E9072B5D22E0A383A7806BBB ] C:\WINDOWS\system32\drivers\InCDrec.sys
10:10:16.0437 3300  C:\WINDOWS\system32\drivers\InCDrec.sys - ok
10:10:16.0453 3300  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
10:10:16.0453 3300  C:\WINDOWS\system32\drivers\msfs.sys - ok
10:10:16.0453 3300  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
10:10:16.0453 3300  C:\WINDOWS\system32\drivers\ipsec.sys - ok
10:10:16.0453 3300  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
10:10:16.0453 3300  C:\WINDOWS\system32\drivers\npfs.sys - ok
10:10:16.0468 3300  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
10:10:16.0468 3300  C:\WINDOWS\system32\drivers\rasacd.sys - ok
10:10:16.0468 3300  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
10:10:16.0468 3300  C:\WINDOWS\system32\drivers\tcpip.sys - ok
10:10:16.0484 3300  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
10:10:16.0484 3300  C:\WINDOWS\system32\drivers\ipnat.sys - ok
10:10:16.0484 3300  [ 39E8623F9F29DBC9E053A696D85F8AC6 ] C:\WINDOWS\system32\drivers\pctgntdi.sys
10:10:16.0484 3300  C:\WINDOWS\system32\drivers\pctgntdi.sys - ok
10:10:16.0500 3300  [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\WINDOWS\system32\drivers\aswTdi.sys
10:10:16.0500 3300  C:\WINDOWS\system32\drivers\aswTdi.sys - ok
10:10:16.0500 3300  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
10:10:16.0500 3300  C:\WINDOWS\system32\drivers\netbt.sys - ok
10:10:16.0500 3300  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
10:10:16.0500 3300  C:\WINDOWS\system32\drivers\wanarp.sys - ok
10:10:16.0515 3300  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
10:10:16.0515 3300  C:\WINDOWS\system32\drivers\afd.sys - ok
10:10:16.0515 3300  [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\WINDOWS\system32\drivers\aswRdr.sys
10:10:16.0515 3300  C:\WINDOWS\system32\drivers\aswRdr.sys - ok
10:10:16.0531 3300  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:10:16.0531 3300  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
10:10:16.0531 3300  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
10:10:16.0531 3300  C:\WINDOWS\system32\drivers\netbios.sys - ok
10:10:16.0531 3300  [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
10:10:16.0531 3300  C:\WINDOWS\system32\drivers\processr.sys - ok
10:10:16.0546 3300  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
10:10:16.0546 3300  C:\WINDOWS\system32\drivers\rdbss.sys - ok
10:10:16.0546 3300  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
10:10:16.0546 3300  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
10:10:16.0562 3300  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
10:10:16.0562 3300  C:\WINDOWS\system32\drivers\fips.sys - ok
10:10:16.0562 3300  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
10:10:16.0562 3300  C:\WINDOWS\system32\drivers\hidclass.sys - ok
10:10:16.0578 3300  [ 67B558895695545FB0568B7541F3BCA7 ] C:\WINDOWS\system32\drivers\aswSP.sys
10:10:16.0578 3300  C:\WINDOWS\system32\drivers\aswSP.sys - ok
10:10:16.0578 3300  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
10:10:16.0578 3300  C:\WINDOWS\system32\drivers\hidusb.sys - ok
10:10:16.0578 3300  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\WINDOWS\system32\drivers\aswSnx.sys
10:10:16.0578 3300  C:\WINDOWS\system32\drivers\aswSnx.sys - ok
10:10:16.0593 3300  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
10:10:16.0593 3300  C:\WINDOWS\system32\drivers\mouhid.sys - ok
10:10:16.0593 3300  [ 149A8F7ADF9742554DC323E290551E3E ] C:\WINDOWS\system32\drivers\aavmker4.sys
10:10:16.0593 3300  C:\WINDOWS\system32\drivers\aavmker4.sys - ok
10:10:16.0609 3300  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
10:10:16.0609 3300  C:\WINDOWS\system32\smss.exe - ok
10:10:16.0609 3300  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
10:10:16.0609 3300  C:\WINDOWS\system32\ntdll.dll - ok
10:10:16.0609 3300  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
10:10:16.0609 3300  C:\WINDOWS\system32\autochk.exe - ok
10:10:16.0625 3300  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
10:10:16.0625 3300  C:\WINDOWS\system32\drivers\cdfs.sys - ok
10:10:16.0625 3300  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
10:10:16.0625 3300  C:\WINDOWS\system32\drivers\wmilib.sys - ok
10:10:16.0640 3300  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
10:10:16.0640 3300  C:\WINDOWS\system32\drivers\atapi.sys - ok
10:10:16.0640 3300  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
10:10:16.0640 3300  C:\WINDOWS\system32\drivers\dxapi.sys - ok
10:10:16.0640 3300  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
10:10:16.0640 3300  C:\WINDOWS\system32\watchdog.sys - ok
10:10:16.0656 3300  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
10:10:16.0656 3300  C:\WINDOWS\system32\win32k.sys - ok
10:10:16.0656 3300  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
10:10:16.0656 3300  C:\WINDOWS\system32\csrss.exe - ok
10:10:16.0671 3300  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
10:10:16.0671 3300  C:\WINDOWS\system32\csrsrv.dll - ok
10:10:16.0671 3300  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:10:16.0671 3300  C:\WINDOWS\system32\basesrv.dll - ok
10:10:16.0671 3300  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:10:16.0671 3300  C:\WINDOWS\system32\winsrv.dll - ok
10:10:16.0687 3300  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
10:10:16.0687 3300  C:\WINDOWS\system32\gdi32.dll - ok
10:10:16.0687 3300  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
10:10:16.0687 3300  C:\WINDOWS\system32\kernel32.dll - ok
10:10:16.0703 3300  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
10:10:16.0703 3300  C:\WINDOWS\system32\user32.dll - ok
10:10:16.0703 3300  [ 012DF358CEBAA23ACB26D82077820817 ] C:\WINDOWS\system32\lpk.dll
10:10:16.0703 3300  C:\WINDOWS\system32\lpk.dll - ok
10:10:16.0703 3300  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
10:10:16.0703 3300  C:\WINDOWS\system32\usp10.dll - ok
10:10:16.0718 3300  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
10:10:16.0718 3300  C:\WINDOWS\system32\advapi32.dll - ok
10:10:16.0718 3300  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
10:10:16.0718 3300  C:\WINDOWS\system32\rpcrt4.dll - ok
10:10:16.0734 3300  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
10:10:16.0734 3300  C:\WINDOWS\system32\secur32.dll - ok
10:10:16.0734 3300  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
10:10:16.0734 3300  C:\WINDOWS\system32\drivers\dxg.sys - ok
10:10:16.0750 3300  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
10:10:16.0750 3300  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
10:10:16.0750 3300  [ 01EBE3E369ADE633700F8542D34FB9DA ] C:\WINDOWS\system32\nv4_disp.dll
10:10:16.0750 3300  C:\WINDOWS\system32\nv4_disp.dll - ok
10:10:16.0750 3300  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
10:10:16.0750 3300  C:\WINDOWS\system32\vga.dll - ok
10:10:16.0765 3300  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
10:10:16.0765 3300  C:\WINDOWS\system32\winlogon.exe - ok
10:10:16.0765 3300  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
10:10:16.0765 3300  C:\WINDOWS\system32\authz.dll - ok
10:10:16.0781 3300  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
10:10:16.0781 3300  C:\WINDOWS\system32\msvcrt.dll - ok
10:10:16.0781 3300  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
10:10:16.0781 3300  C:\WINDOWS\system32\crypt32.dll - ok
10:10:16.0781 3300  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
10:10:16.0781 3300  C:\WINDOWS\system32\msasn1.dll - ok
10:10:16.0796 3300  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
10:10:16.0796 3300  C:\WINDOWS\system32\nddeapi.dll - ok
10:10:16.0796 3300  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
10:10:16.0796 3300  C:\WINDOWS\system32\profmap.dll - ok
10:10:16.0812 3300  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
10:10:16.0812 3300  C:\WINDOWS\system32\netapi32.dll - ok
10:10:16.0812 3300  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
10:10:16.0812 3300  C:\WINDOWS\system32\userenv.dll - ok
10:10:16.0812 3300  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
10:10:16.0812 3300  C:\WINDOWS\system32\psapi.dll - ok
10:10:16.0828 3300  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
10:10:16.0828 3300  C:\WINDOWS\system32\regapi.dll - ok
10:10:16.0828 3300  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
10:10:16.0828 3300  C:\WINDOWS\system32\setupapi.dll - ok
10:10:16.0843 3300  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
10:10:16.0843 3300  C:\WINDOWS\system32\version.dll - ok
10:10:16.0843 3300  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
10:10:16.0843 3300  C:\WINDOWS\system32\winsta.dll - ok
10:10:16.0843 3300  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
10:10:16.0843 3300  C:\WINDOWS\system32\wintrust.dll - ok
10:10:16.0859 3300  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
10:10:16.0859 3300  C:\WINDOWS\system32\imagehlp.dll - ok
10:10:16.0859 3300  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
10:10:16.0859 3300  C:\WINDOWS\system32\ws2_32.dll - ok
10:10:16.0875 3300  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
10:10:16.0875 3300  C:\WINDOWS\system32\ws2help.dll - ok
10:10:16.0875 3300  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
10:10:16.0875 3300  C:\WINDOWS\system32\imm32.dll - ok
10:10:16.0875 3300  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
10:10:16.0875 3300  C:\WINDOWS\system32\kbdus.dll - ok
10:10:16.0890 3300  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
10:10:16.0890 3300  C:\WINDOWS\system32\msgina.dll - ok
10:10:16.0890 3300  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
10:10:16.0890 3300  C:\WINDOWS\system32\comctl32.dll - ok
10:10:16.0906 3300  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
10:10:16.0906 3300  C:\WINDOWS\system32\odbc32.dll - ok
10:10:16.0906 3300  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
10:10:16.0906 3300  C:\WINDOWS\system32\comdlg32.dll - ok
10:10:16.0906 3300  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
10:10:16.0906 3300  C:\WINDOWS\system32\shell32.dll - ok
10:10:16.0921 3300  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
10:10:16.0921 3300  C:\WINDOWS\system32\shlwapi.dll - ok
10:10:16.0921 3300  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
10:10:16.0921 3300  C:\WINDOWS\system32\sxs.dll - ok
10:10:16.0937 3300  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
10:10:16.0937 3300  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
10:10:16.0937 3300  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
10:10:16.0937 3300  C:\WINDOWS\system32\odbcint.dll - ok
10:10:16.0953 3300  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
10:10:16.0953 3300  C:\WINDOWS\system32\shsvcs.dll - ok
10:10:16.0953 3300  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
10:10:16.0953 3300  C:\WINDOWS\system32\sfc.dll - ok
10:10:16.0953 3300  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
10:10:16.0953 3300  C:\WINDOWS\system32\sfc_os.dll - ok
10:10:16.0968 3300  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
10:10:16.0968 3300  C:\WINDOWS\system32\ole32.dll - ok
10:10:16.0968 3300  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
10:10:16.0968 3300  C:\WINDOWS\system32\apphelp.dll - ok
10:10:16.0984 3300  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:10:16.0984 3300  C:\WINDOWS\system32\services.exe - ok
10:10:16.0984 3300  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
10:10:16.0984 3300  C:\WINDOWS\system32\lsass.exe - ok
10:10:16.0984 3300  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
10:10:16.0984 3300  C:\WINDOWS\system32\lsasrv.dll - ok
10:10:17.0000 3300  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
10:10:17.0000 3300  C:\WINDOWS\system32\ncobjapi.dll - ok
10:10:17.0000 3300  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
10:10:17.0000 3300  C:\WINDOWS\system32\msvcp60.dll - ok
10:10:17.0015 3300  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
10:10:17.0015 3300  C:\WINDOWS\system32\mpr.dll - ok
10:10:17.0015 3300  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
10:10:17.0015 3300  C:\WINDOWS\system32\scesrv.dll - ok
10:10:17.0015 3300  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
10:10:17.0015 3300  C:\WINDOWS\system32\ntdsapi.dll - ok
10:10:17.0031 3300  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
10:10:17.0046 3300  C:\WINDOWS\system32\umpnpmgr.dll - ok
10:10:17.0046 3300  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
10:10:17.0046 3300  C:\WINDOWS\system32\dnsapi.dll - ok
10:10:17.0046 3300  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
10:10:17.0046 3300  C:\WINDOWS\system32\shimeng.dll - ok
10:10:17.0062 3300  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
10:10:17.0062 3300  C:\WINDOWS\system32\wldap32.dll - ok
10:10:17.0062 3300  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
10:10:17.0062 3300  C:\WINDOWS\AppPatch\acadproc.dll - ok
10:10:17.0062 3300  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
10:10:17.0062 3300  C:\WINDOWS\system32\samlib.dll - ok
10:10:17.0078 3300  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
10:10:17.0078 3300  C:\WINDOWS\system32\samsrv.dll - ok
10:10:17.0078 3300  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
10:10:17.0078 3300  C:\WINDOWS\system32\cryptdll.dll - ok
10:10:17.0093 3300  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
10:10:17.0093 3300  C:\WINDOWS\AppPatch\acgenral.dll - ok
10:10:17.0093 3300  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
10:10:17.0093 3300  C:\WINDOWS\system32\winmm.dll - ok
10:10:17.0093 3300  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
10:10:17.0093 3300  C:\WINDOWS\system32\oleaut32.dll - ok
10:10:17.0109 3300  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
10:10:17.0109 3300  C:\WINDOWS\system32\msacm32.dll - ok
10:10:17.0109 3300  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
10:10:17.0109 3300  C:\WINDOWS\system32\uxtheme.dll - ok
10:10:17.0125 3300  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
10:10:17.0125 3300  C:\WINDOWS\system32\msapsspc.dll - ok
10:10:17.0125 3300  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
10:10:17.0125 3300  C:\WINDOWS\system32\msvcrt40.dll - ok
10:10:17.0125 3300  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
10:10:17.0125 3300  C:\WINDOWS\system32\schannel.dll - ok
10:10:17.0140 3300  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
10:10:17.0140 3300  C:\WINDOWS\system32\digest.dll - ok
10:10:17.0140 3300  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
10:10:17.0140 3300  C:\WINDOWS\system32\msnsspc.dll - ok
10:10:17.0156 3300  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
10:10:17.0156 3300  C:\WINDOWS\system32\msctfime.ime - ok
10:10:17.0156 3300  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
10:10:17.0156 3300  C:\WINDOWS\system32\msprivs.dll - ok
10:10:17.0156 3300  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
10:10:17.0156 3300  C:\WINDOWS\system32\kerberos.dll - ok
10:10:17.0171 3300  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
10:10:17.0171 3300  C:\WINDOWS\system32\atmfd.dll - ok
10:10:17.0171 3300  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
10:10:17.0171 3300  C:\WINDOWS\system32\msv1_0.dll - ok
10:10:17.0187 3300  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
10:10:17.0187 3300  C:\WINDOWS\system32\iphlpapi.dll - ok
10:10:17.0187 3300  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
10:10:17.0187 3300  C:\WINDOWS\system32\netlogon.dll - ok
10:10:17.0187 3300  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
10:10:17.0187 3300  C:\WINDOWS\system32\w32time.dll - ok
10:10:17.0203 3300  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
10:10:17.0203 3300  C:\WINDOWS\system32\wdigest.dll - ok
10:10:17.0203 3300  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
10:10:17.0203 3300  C:\WINDOWS\system32\rsaenh.dll - ok
10:10:17.0218 3300  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
10:10:17.0218 3300  C:\WINDOWS\system32\winscard.dll - ok
10:10:17.0218 3300  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
10:10:17.0218 3300  C:\WINDOWS\system32\wtsapi32.dll - ok
10:10:17.0218 3300  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
10:10:17.0218 3300  C:\WINDOWS\system32\scecli.dll - ok
10:10:17.0234 3300  [ DE6ED95AEF259979B2830450072A627B ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
10:10:17.0234 3300  C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
10:10:17.0234 3300  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
10:10:17.0234 3300  C:\WINDOWS\system32\svchost.exe - ok
10:10:17.0250 3300  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
10:10:17.0250 3300  C:\WINDOWS\system32\ntmarta.dll - ok
10:10:17.0250 3300  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
10:10:17.0250 3300  C:\WINDOWS\system32\rpcss.dll - ok
10:10:17.0265 3300  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
10:10:17.0265 3300  C:\WINDOWS\system32\xpsp2res.dll - ok
10:10:17.0265 3300  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
10:10:17.0265 3300  C:\WINDOWS\system32\eventlog.dll - ok
10:10:17.0265 3300  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
10:10:17.0265 3300  C:\WINDOWS\system32\logonui.exe - ok
10:10:17.0281 3300  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
10:10:17.0281 3300  C:\WINDOWS\system32\mswsock.dll - ok
10:10:17.0281 3300  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
10:10:17.0281 3300  C:\WINDOWS\system32\duser.dll - ok
10:10:17.0296 3300  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
10:10:17.0296 3300  C:\WINDOWS\system32\hnetcfg.dll - ok
10:10:17.0296 3300  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
10:10:17.0296 3300  C:\WINDOWS\system32\msimg32.dll - ok
10:10:17.0312 3300  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
10:10:17.0312 3300  C:\WINDOWS\system32\oleacc.dll - ok
10:10:17.0312 3300  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
10:10:17.0312 3300  C:\WINDOWS\system32\wshtcpip.dll - ok
10:10:17.0312 3300  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
10:10:17.0312 3300  C:\WINDOWS\system32\winrnr.dll - ok
10:10:17.0328 3300  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
10:10:17.0328 3300  C:\WINDOWS\system32\rasadhlp.dll - ok
10:10:17.0328 3300  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
10:10:17.0328 3300  C:\WINDOWS\system32\clbcatq.dll - ok
10:10:17.0343 3300  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
10:10:17.0343 3300  C:\WINDOWS\system32\comres.dll - ok
10:10:17.0343 3300  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
10:10:17.0343 3300  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
10:10:17.0343 3300  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
10:10:17.0343 3300  C:\WINDOWS\system32\cscdll.dll - ok
10:10:17.0359 3300  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
10:10:17.0359 3300  C:\WINDOWS\system32\dhcpcsvc.dll - ok
10:10:17.0359 3300  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
10:10:17.0359 3300  C:\WINDOWS\system32\dimsntfy.dll - ok
10:10:17.0359 3300  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
10:10:17.0359 3300  C:\WINDOWS\system32\dnsrslvr.dll - ok
10:10:17.0375 3300  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
10:10:17.0375 3300  C:\WINDOWS\system32\shgina.dll - ok
10:10:17.0375 3300  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
10:10:17.0375 3300  C:\WINDOWS\system32\wlnotify.dll - ok
10:10:17.0390 3300  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
10:10:17.0390 3300  C:\WINDOWS\system32\winspool.drv - ok
10:10:17.0390 3300  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
10:10:17.0390 3300  C:\WINDOWS\system32\WgaLogon.dll - ok
10:10:17.0390 3300  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
10:10:17.0390 3300  C:\WINDOWS\system32\msxml3.dll - ok
10:10:17.0406 3300  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
10:10:17.0406 3300  C:\WINDOWS\system32\lmhsvc.dll - ok
10:10:17.0406 3300  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
10:10:17.0406 3300  C:\WINDOWS\system32\wzcsvc.dll - ok
10:10:17.0421 3300  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
10:10:17.0421 3300  C:\WINDOWS\system32\rtutils.dll - ok
10:10:17.0421 3300  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
10:10:17.0421 3300  C:\WINDOWS\system32\eapolqec.dll - ok
10:10:17.0421 3300  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
10:10:17.0421 3300  C:\WINDOWS\system32\wmi.dll - ok
10:10:17.0437 3300  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
10:10:17.0437 3300  C:\WINDOWS\system32\atl.dll - ok
10:10:17.0437 3300  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
10:10:17.0437 3300  C:\WINDOWS\system32\qutil.dll - ok
10:10:17.0453 3300  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
10:10:17.0453 3300  C:\WINDOWS\system32\dot3api.dll - ok
10:10:17.0453 3300  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
10:10:17.0453 3300  C:\WINDOWS\system32\esent.dll - ok
10:10:17.0453 3300  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
10:10:17.0468 3300  C:\WINDOWS\system32\rastls.dll - ok
10:10:17.0468 3300  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
10:10:17.0468 3300  C:\WINDOWS\system32\cryptui.dll - ok
10:10:17.0468 3300  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
10:10:17.0468 3300  C:\WINDOWS\system32\wininet.dll - ok
10:10:17.0484 3300  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
10:10:17.0484 3300  C:\WINDOWS\system32\normaliz.dll - ok
10:10:17.0484 3300  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
10:10:17.0484 3300  C:\WINDOWS\system32\urlmon.dll - ok
10:10:17.0500 3300  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
10:10:17.0500 3300  C:\WINDOWS\system32\iertutil.dll - ok
10:10:17.0500 3300  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
10:10:17.0500 3300  C:\WINDOWS\system32\mprapi.dll - ok
10:10:17.0500 3300  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
10:10:17.0500 3300  C:\WINDOWS\system32\activeds.dll - ok
10:10:17.0515 3300  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
10:10:17.0515 3300  C:\WINDOWS\system32\adsldpc.dll - ok
10:10:17.0515 3300  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
10:10:17.0515 3300  C:\WINDOWS\system32\rasapi32.dll - ok
10:10:17.0531 3300  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
10:10:17.0531 3300  C:\WINDOWS\system32\rasman.dll - ok
10:10:17.0531 3300  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
10:10:17.0531 3300  C:\WINDOWS\system32\tapi32.dll - ok
10:10:17.0531 3300  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
10:10:17.0531 3300  C:\WINDOWS\system32\riched20.dll - ok
10:10:17.0546 3300  [ 84F0BE324EE111338589F448C3E8BAB2 ] C:\WINDOWS\system32\drivers\aswmon2.sys
10:10:17.0546 3300  C:\WINDOWS\system32\drivers\aswmon2.sys - ok
10:10:17.0546 3300  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
10:10:17.0546 3300  C:\WINDOWS\system32\raschap.dll - ok
10:10:17.0562 3300  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
10:10:17.0562 3300  C:\WINDOWS\system32\cscui.dll - ok
10:10:17.0562 3300  [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
10:10:17.0562 3300  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok
10:10:17.0578 3300  [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
10:10:17.0578 3300  C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok
10:10:17.0578 3300  [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
10:10:17.0578 3300  C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok
10:10:17.0578 3300  [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
10:10:17.0578 3300  C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok
10:10:17.0593 3300  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
10:10:17.0593 3300  C:\WINDOWS\system32\powrprof.dll - ok
10:10:17.0593 3300  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
10:10:17.0593 3300  C:\WINDOWS\system32\dpcdll.dll - ok
10:10:17.0609 3300  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
10:10:17.0609 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
10:10:17.0609 3300  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
10:10:17.0609 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
10:10:17.0625 3300  [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\Alwil Software\Avast5\ashBase.dll
10:10:17.0625 3300  C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok
10:10:17.0625 3300  [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
10:10:17.0625 3300  C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok
10:10:17.0640 3300  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
10:10:17.0640 3300  C:\WINDOWS\system32\wsock32.dll - ok
10:10:17.0640 3300  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
10:10:17.0640 3300  C:\WINDOWS\system32\dbghelp.dll - ok
10:10:17.0656 3300  [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\Alwil Software\Avast5\1033\Base.dll
10:10:17.0656 3300  C:\Program Files\Alwil Software\Avast5\1033\Base.dll - ok
10:10:17.0656 3300  [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\Alwil Software\Avast5\ashServ.dll
10:10:17.0656 3300  C:\Program Files\Alwil Software\Avast5\ashServ.dll - ok
10:10:17.0656 3300  [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\Alwil Software\Avast5\aswAux.dll
10:10:17.0656 3300  C:\Program Files\Alwil Software\Avast5\aswAux.dll - ok
10:10:17.0671 3300  [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\Alwil Software\Avast5\ashTask.dll
10:10:17.0671 3300  C:\Program Files\Alwil Software\Avast5\ashTask.dll - ok
10:10:17.0671 3300  [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
10:10:17.0671 3300  C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - ok
10:10:17.0687 3300  [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\Alwil Software\Avast5\aswLog.dll
10:10:17.0687 3300  C:\Program Files\Alwil Software\Avast5\aswLog.dll - ok
10:10:17.0687 3300  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
10:10:17.0687 3300  C:\WINDOWS\system32\userinit.exe - ok
10:10:17.0687 3300  [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
10:10:17.0687 3300  C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - ok
10:10:17.0703 3300  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
10:10:17.0703 3300  C:\WINDOWS\system32\WgaTray.exe - ok
10:10:17.0703 3300  [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll
10:10:17.0703 3300  C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok
10:10:17.0718 3300  [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
10:10:17.0718 3300  C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - ok
10:10:17.0718 3300  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
10:10:17.0718 3300  C:\WINDOWS\explorer.exe - ok
10:10:17.0718 3300  [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
10:10:17.0718 3300  C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok
10:10:17.0734 3300  [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\Alwil Software\Avast5\aswIdle.dll
10:10:17.0734 3300  C:\Program Files\Alwil Software\Avast5\aswIdle.dll - ok
10:10:17.0734 3300  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
10:10:17.0734 3300  C:\WINDOWS\system32\browseui.dll - ok
10:10:17.0750 3300  [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll
10:10:17.0750 3300  C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok
10:10:17.0750 3300  [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\Alwil Software\Avast5\aswStrm.dll
10:10:17.0750 3300  C:\Program Files\Alwil Software\Avast5\aswStrm.dll - ok
10:10:17.0750 3300  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
10:10:17.0750 3300  C:\WINDOWS\system32\shdocvw.dll - ok
10:10:17.0765 3300  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
10:10:17.0765 3300  C:\WINDOWS\system32\schedsvc.dll - ok
10:10:17.0765 3300  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
10:10:17.0765 3300  C:\WINDOWS\system32\msidle.dll - ok
10:10:17.0765 3300  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
10:10:17.0765 3300  C:\WINDOWS\system32\spoolsv.exe - ok
10:10:17.0796 3300  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
10:10:17.0796 3300  C:\WINDOWS\system32\audiosrv.dll - ok
10:10:17.0796 3300  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
10:10:17.0796 3300  C:\WINDOWS\system32\wkssvc.dll - ok
10:10:17.0796 3300  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
10:10:17.0796 3300  C:\WINDOWS\system32\wdmaud.drv - ok
10:10:17.0812 3300  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
10:10:17.0812 3300  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
10:10:17.0812 3300  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
10:10:17.0812 3300  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
10:10:17.0828 3300  [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\Alwil Software\Avast5\ashShell.dll
10:10:17.0828 3300  C:\Program Files\Alwil Software\Avast5\ashShell.dll - ok
10:10:17.0828 3300  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
10:10:17.0828 3300  C:\WINDOWS\system32\drivers\splitter.sys - ok
10:10:17.0843 3300  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
10:10:17.0843 3300  C:\WINDOWS\system32\drivers\aec.sys - ok
10:10:17.0843 3300  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
10:10:17.0843 3300  C:\WINDOWS\system32\msi.dll - ok
10:10:17.0843 3300  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
10:10:17.0843 3300  C:\WINDOWS\system32\drivers\swmidi.sys - ok
10:10:17.0859 3300  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
10:10:17.0859 3300  C:\WINDOWS\system32\drivers\dmusic.sys - ok
10:10:17.0859 3300  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
10:10:17.0859 3300  C:\WINDOWS\system32\drivers\kmixer.sys - ok
10:10:17.0859 3300  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
10:10:17.0859 3300  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
10:10:17.0875 3300  [ 84E4752E63B334F926403DCA662523BF ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswEngin.dll
10:10:17.0875 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswEngin.dll - ok
10:10:17.0875 3300  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
10:10:17.0875 3300  C:\WINDOWS\system32\msacm32.drv - ok
10:10:17.0890 3300  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
10:10:17.0890 3300  C:\WINDOWS\system32\midimap.dll - ok
10:10:17.0890 3300  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
10:10:17.0890 3300  C:\WINDOWS\system32\desk.cpl - ok
10:10:17.0890 3300  [ B0387E7CFCBB41317AC94708204B19D5 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnOS.dll
10:10:17.0890 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnOS.dll - ok
10:10:17.0906 3300  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
10:10:17.0906 3300  C:\WINDOWS\system32\themeui.dll - ok
10:10:17.0906 3300  [ 70FFC1872B842FF80CC48C1B0CB324A1 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnIS.dll
10:10:17.0906 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnIS.dll - ok
10:10:17.0921 3300  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
10:10:17.0921 3300  C:\WINDOWS\system32\actxprxy.dll - ok
10:10:17.0921 3300  [ F77EF01C669BF4E4B9F8FF5D1025B496 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnBS.dll
10:10:17.0921 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswCmnBS.dll - ok
10:10:17.0937 3300  [ 707715D4C54AC3F754D954CC8D759414 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswScan.dll
10:10:17.0937 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswScan.dll - ok
10:10:17.0937 3300  [ C25001B470B1456BB32B20002C4DB9BB ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswRep.dll
10:10:17.0937 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswRep.dll - ok
10:10:17.0953 3300  [ C1F048B33A1BD8F5B05AF76469252F55 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswFiDb.dll
10:10:17.0953 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswFiDb.dll - ok
10:10:17.0953 3300  [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
10:10:17.0953 3300  C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe - ok
10:10:17.0953 3300  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
10:10:17.0953 3300  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
10:10:17.0968 3300  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
10:10:17.0968 3300  C:\WINDOWS\system32\webclnt.dll - ok
10:10:17.0968 3300  [ C8BE0B2353E2699F7E019FF893D09464 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\algo.dll
10:10:17.0968 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\algo.dll - ok
10:10:18.0000 3300  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
10:10:18.0000 3300  C:\WINDOWS\system32\drivers\parport.sys - ok
10:10:18.0000 3300  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
10:10:18.0000 3300  C:\WINDOWS\system32\drivers\serial.sys - ok
10:10:18.0000 3300  [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
10:10:18.0000 3300  C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok
10:10:18.0015 3300  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
10:10:18.0015 3300  C:\WINDOWS\system32\cryptsvc.dll - ok
10:10:18.0015 3300  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
10:10:18.0015 3300  C:\WINDOWS\system32\certcli.dll - ok
10:10:18.0031 3300  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
10:10:18.0031 3300  C:\WINDOWS\system32\ersvc.dll - ok
10:10:18.0031 3300  [ 78DF31CDD3A380E7F9CFCC8B4E24813C ] C:\Program Files\Canon\IJPLM\ijplmsvc.exe
10:10:18.0031 3300  C:\Program Files\Canon\IJPLM\ijplmsvc.exe - ok
10:10:18.0031 3300  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
10:10:18.0031 3300  C:\WINDOWS\system32\es.dll - ok
10:10:18.0046 3300  [ 9792B85E32E058CD6A43DB274BA47D57 ] C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
10:10:18.0046 3300  C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe - ok
10:10:18.0046 3300  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Nero\Nero 7\InCD\msvcr71.dll
10:10:18.0046 3300  C:\Program Files\Nero\Nero 7\InCD\msvcr71.dll - ok
10:10:18.0062 3300  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
10:10:18.0062 3300  C:\WINDOWS\system32\dmserver.dll - ok
10:10:18.0062 3300  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll
10:10:18.0062 3300  C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll - ok
10:10:18.0062 3300  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
10:10:18.0078 3300  C:\WINDOWS\system32\hidserv.dll - ok
10:10:18.0078 3300  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
10:10:18.0078 3300  C:\WINDOWS\system32\hid.dll - ok
10:10:18.0078 3300  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Nero\Nero 7\InCD\msvcp71.dll
10:10:18.0078 3300  C:\Program Files\Nero\Nero 7\InCD\msvcp71.dll - ok
10:10:18.0093 3300  [ 691B9B7C0CC1653732717D292D6B305D ] C:\Program Files\Java\jre6\bin\jqs.exe
10:10:18.0093 3300  C:\Program Files\Java\jre6\bin\jqs.exe - ok
10:10:18.0093 3300  [ 5281194E1977B8B3848A13AD6A203D1D ] C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll
10:10:18.0093 3300  C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll - ok
10:10:18.0109 3300  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
10:10:18.0109 3300  C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
10:10:18.0109 3300  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
10:10:18.0109 3300  C:\WINDOWS\system32\cryptnet.dll - ok
10:10:18.0109 3300  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
10:10:18.0109 3300  C:\WINDOWS\system32\faultrep.dll - ok
10:10:18.0125 3300  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
10:10:18.0125 3300  C:\WINDOWS\system32\sensapi.dll - ok
10:10:18.0125 3300  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
10:10:18.0125 3300  C:\WINDOWS\system32\pdh.dll - ok
10:10:18.0140 3300  [ FAA7459EF5ECC431D5FCC737219EDAF3 ] C:\Program Files\Common Files\Ahead\Lib\DriveLocker.dll
10:10:18.0140 3300  C:\Program Files\Common Files\Ahead\Lib\DriveLocker.dll - ok
10:10:18.0140 3300  [ 1D7450E913C1084E4D47C92A0A00C3BD ] C:\Program Files\Nero\Nero 7\InCD\InCDshx.dll
10:10:18.0140 3300  C:\Program Files\Nero\Nero 7\InCD\InCDshx.dll - ok
10:10:18.0156 3300  [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\Nero\Nero 7\InCD\MFC71.dll
10:10:18.0156 3300  C:\Program Files\Nero\Nero 7\InCD\MFC71.dll - ok
10:10:18.0156 3300  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
10:10:18.0156 3300  C:\WINDOWS\system32\winhttp.dll - ok
10:10:18.0156 3300  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
10:10:18.0156 3300  C:\WINDOWS\system32\odbcbcp.dll - ok
10:10:18.0171 3300  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
10:10:18.0171 3300  C:\WINDOWS\system32\srvsvc.dll - ok
10:10:18.0171 3300  [ 53710476495886D9961BE46983A6A33F ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:10:18.0171 3300  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
10:10:18.0187 3300  [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
10:10:18.0187 3300  C:\WINDOWS\system32\LegitCheckControl.dll - ok
10:10:18.0187 3300  [ F686D5839A3B0079D20D57FB7683880F ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
10:10:18.0187 3300  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
10:10:18.0187 3300  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
10:10:18.0187 3300  C:\WINDOWS\system32\netmsg.dll - ok
10:10:18.0203 3300  [ C227B31C13D80CBE59742B0C858CC0FA ] C:\Program Files\Common Files\LightScribe\LSLog.dll
10:10:18.0203 3300  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
10:10:18.0203 3300  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
10:10:18.0203 3300  C:\WINDOWS\system32\drivers\srv.sys - ok
10:10:18.0218 3300  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
10:10:18.0218 3300  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
10:10:18.0218 3300  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
10:10:18.0218 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
10:10:18.0234 3300  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
10:10:18.0234 3300  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
10:10:18.0234 3300  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
10:10:18.0234 3300  C:\WINDOWS\system32\spoolss.dll - ok
10:10:18.0250 3300  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
10:10:18.0250 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
10:10:18.0250 3300  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
10:10:18.0250 3300  C:\WINDOWS\system32\cmd.exe - ok
10:10:18.0265 3300  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
10:10:18.0265 3300  C:\WINDOWS\system32\localspl.dll - ok
10:10:18.0265 3300  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
10:10:18.0265 3300  C:\WINDOWS\system32\cnbjmon.dll - ok
10:10:18.0265 3300  [ E6D9C7284A03F193496A0B268C5B39F9 ] C:\WINDOWS\system32\CNMLM8O.DLL
10:10:18.0265 3300  C:\WINDOWS\system32\CNMLM8O.DLL - ok
10:10:18.0281 3300  [ 05F1F8FC6A99A64F830D41DB03EB8361 ] C:\WINDOWS\system32\hpzlnt09.dll
10:10:18.0281 3300  C:\WINDOWS\system32\hpzlnt09.dll - ok
10:10:18.0281 3300  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
10:10:18.0281 3300  C:\WINDOWS\system32\pjlmon.dll - ok
10:10:18.0296 3300  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
10:10:18.0296 3300  C:\WINDOWS\system32\tcpmon.dll - ok
10:10:18.0296 3300  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
10:10:18.0296 3300  C:\WINDOWS\system32\usbmon.dll - ok
10:10:18.0296 3300  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
10:10:18.0296 3300  C:\WINDOWS\system32\ieframe.dll - ok
10:10:18.0312 3300  [ DCA6F542B1119233DC828746299BFF35 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL
10:10:18.0312 3300  C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL - ok
10:10:18.0312 3300  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
10:10:18.0312 3300  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
10:10:18.0328 3300  [ 19D95F16CDC256078EA45D4E566EA1DB ] C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
10:10:18.0328 3300  C:\Program Files\McAfee\SiteAdvisor\McSACore.exe - ok
10:10:18.0328 3300  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
10:10:18.0328 3300  C:\WINDOWS\system32\win32spl.dll - ok
10:10:18.0343 3300  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
10:10:18.0343 3300  C:\WINDOWS\system32\netrap.dll - ok
10:10:18.0343 3300  [ C8A4A9B5BBC533A22209B9B32BE300B6 ] C:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll
10:10:18.0343 3300  C:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll - ok
10:10:18.0343 3300  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
10:10:18.0343 3300  C:\WINDOWS\system32\inetpp.dll - ok
10:10:18.0359 3300  [ F96DF45CFBDC670584293E03C2AB602A ] C:\WINDOWS\system32\nvsvc32.exe
10:10:18.0359 3300  C:\WINDOWS\system32\nvsvc32.exe - ok
10:10:18.0359 3300  [ FC26F5F887B077DBF64E2263BDDE2E9A ] C:\PROGRA~1\McAfee\SITEAD~1\apengine.dll
10:10:18.0359 3300  C:\PROGRA~1\McAfee\SITEAD~1\apengine.dll - ok
10:10:18.0359 3300  [ 78B7C9EBEF0EE888491EA9E6D289DB45 ] C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
10:10:18.0359 3300  C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
10:10:18.0375 3300  [ CC174F32CC9C18EA3109C4B0FC2CA8DF ] C:\WINDOWS\system32\drivers\PCTAppEvent.sys
10:10:18.0375 3300  C:\WINDOWS\system32\drivers\PCTAppEvent.sys - ok
10:10:18.0375 3300  [ 89C7169D6161D98585880E3079D721F3 ] C:\WINDOWS\system32\nvcpl.dll
10:10:18.0375 3300  C:\WINDOWS\system32\nvcpl.dll - ok
10:10:18.0390 3300  [ C45ED958D60B95E98BACB45F4F2F1649 ] C:\Program Files\PC Tools Firewall Plus\FWService.exe
10:10:18.0390 3300  C:\Program Files\PC Tools Firewall Plus\FWService.exe - ok
10:10:18.0390 3300  [ D17453539D0BFD2DF8539E8B0D393684 ] C:\WINDOWS\system32\rpcns4.dll
10:10:18.0390 3300  C:\WINDOWS\system32\rpcns4.dll - ok
10:10:18.0390 3300  [ 4533CE2997C238F0766B97BAFEF437E1 ] C:\WINDOWS\system32\nvapi.dll
10:10:18.0390 3300  C:\WINDOWS\system32\nvapi.dll - ok
10:10:18.0406 3300  [ 6F1898B9E7EDB3F0A27D737FE0CAD273 ] C:\WINDOWS\system32\nvdisps.dll
10:10:18.0406 3300  C:\WINDOWS\system32\nvdisps.dll - ok
10:10:18.0406 3300  [ 692FEE227682CEC47C9DE912BF63EC32 ] C:\Program Files\McAfee\SiteAdvisor\SASet.dll
10:10:18.0406 3300  C:\Program Files\McAfee\SiteAdvisor\SASet.dll - ok
10:10:18.0421 3300  [ FB08230B0D7EB124C986409E1475EC97 ] C:\Program Files\McAfee\SiteAdvisor\sqlite3.dll
10:10:18.0421 3300  C:\Program Files\McAfee\SiteAdvisor\sqlite3.dll - ok
10:10:18.0421 3300  [ DFE8436FFEEEFA3E6F1095E5C1D053DE ] C:\Program Files\PC Tools Firewall Plus\FirewallWrapper.dll
10:10:18.0421 3300  C:\Program Files\PC Tools Firewall Plus\FirewallWrapper.dll - ok
10:10:18.0437 3300  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
10:10:18.0437 3300  C:\WINDOWS\system32\ipsecsvc.dll - ok
10:10:18.0437 3300  [ 3F4892C5EFBF92B9332A6F3BFA9C57EC ] C:\Program Files\FS\Spyro Portal\FlashPortal.exe
10:10:18.0437 3300  C:\Program Files\FS\Spyro Portal\FlashPortal.exe - ok
10:10:18.0437 3300  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
10:10:18.0437 3300  C:\WINDOWS\system32\seclogon.dll - ok
10:10:18.0453 3300  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
10:10:18.0453 3300  C:\WINDOWS\system32\mscoree.dll - ok
10:10:18.0453 3300  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
10:10:18.0453 3300  C:\WINDOWS\system32\regsvc.dll - ok
10:10:18.0468 3300  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
10:10:18.0468 3300  C:\WINDOWS\system32\ipnathlp.dll - ok
10:10:18.0468 3300  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
10:10:18.0468 3300  C:\WINDOWS\system32\oakley.dll - ok
10:10:18.0468 3300  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
10:10:18.0468 3300  C:\WINDOWS\system32\rundll32.exe - ok
10:10:18.0484 3300  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
10:10:18.0484 3300  C:\WINDOWS\system32\fltlib.dll - ok
10:10:18.0484 3300  [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
10:10:18.0484 3300  C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok
10:10:18.0500 3300  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
10:10:18.0500 3300  C:\WINDOWS\system32\netshell.dll - ok
10:10:18.0500 3300  [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll
10:10:18.0500 3300  C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok
10:10:18.0500 3300  [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:10:18.0500 3300  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:10:18.0515 3300  [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
10:10:18.0515 3300  C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok
10:10:18.0515 3300  [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll
10:10:18.0515 3300  C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok
10:10:18.0531 3300  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
10:10:18.0531 3300  C:\WINDOWS\system32\winipsec.dll - ok
10:10:18.0531 3300  [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
10:10:18.0531 3300  C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok
10:10:18.0546 3300  [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll
10:10:18.0546 3300  C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok
10:10:18.0546 3300  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
10:10:18.0546 3300  C:\WINDOWS\system32\pstorsvc.dll - ok
10:10:18.0562 3300  [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
10:10:18.0562 3300  C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok
10:10:18.0562 3300  [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
10:10:18.0562 3300  C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok
10:10:18.0562 3300  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
10:10:18.0562 3300  C:\WINDOWS\system32\psbase.dll - ok
10:10:18.0578 3300  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
10:10:18.0578 3300  C:\WINDOWS\system32\dssenh.dll - ok
10:10:18.0578 3300  [ 823C5BEB3D5B79090473FBD00C2D05C8 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\ArPot.dll
10:10:18.0578 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\ArPot.dll - ok
10:10:18.0593 3300  [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
10:10:18.0593 3300  C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok
10:10:18.0593 3300  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
10:10:18.0593 3300  C:\WINDOWS\system32\credui.dll - ok
10:10:18.0609 3300  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
10:10:18.0609 3300  C:\WINDOWS\system32\dot3dlg.dll - ok
10:10:18.0609 3300  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
10:10:18.0609 3300  C:\WINDOWS\system32\onex.dll - ok
10:10:18.0609 3300  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
10:10:18.0609 3300  C:\WINDOWS\system32\eappcfg.dll - ok
10:10:18.0625 3300  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
10:10:18.0625 3300  C:\WINDOWS\system32\eappprxy.dll - ok
10:10:18.0625 3300  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
10:10:18.0625 3300  C:\WINDOWS\system32\sens.dll - ok
10:10:18.0625 3300  [ 3CE0ED54976B9E0B2DF1A84FB9630A10 ] C:\Program Files\PC Tools Firewall Plus\PCTWSC.dll
10:10:18.0625 3300  C:\Program Files\PC Tools Firewall Plus\PCTWSC.dll - ok
10:10:18.0640 3300  [ 469FECA228965C449F6D37B2CB054167 ] C:\Program Files\PC Tools Firewall Plus\FirewallSDK.dll
10:10:18.0640 3300  C:\Program Files\PC Tools Firewall Plus\FirewallSDK.dll - ok
10:10:18.0640 3300  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
10:10:18.0640 3300  C:\WINDOWS\system32\comsvcs.dll - ok
10:10:18.0656 3300  [ 6CF93FC44E346AE4D117C7A1F340BE2F ] C:\Program Files\Alwil Software\Avast5\defs\13022600\exts.dll
10:10:18.0656 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\exts.dll - ok
10:10:18.0656 3300  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
10:10:18.0656 3300  C:\WINDOWS\system32\cabinet.dll - ok
10:10:18.0656 3300  [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
10:10:18.0656 3300  C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok
10:10:18.0671 3300  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
10:10:18.0671 3300  C:\WINDOWS\system32\colbact.dll - ok
10:10:18.0671 3300  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
10:10:18.0671 3300  C:\WINDOWS\system32\mtxclu.dll - ok
10:10:18.0687 3300  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
10:10:18.0687 3300  C:\WINDOWS\system32\clusapi.dll - ok
10:10:18.0687 3300  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
10:10:18.0687 3300  C:\WINDOWS\system32\resutils.dll - ok
10:10:18.0703 3300  [ 2786AEC3D77234997DF81C658F50F572 ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
10:10:18.0703 3300  C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok
10:10:18.0703 3300  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
10:10:18.0703 3300  C:\WINDOWS\system32\security.dll - ok
10:10:18.0703 3300  [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
10:10:18.0703 3300  C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok
10:10:18.0718 3300  [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\Alwil Software\Avast5\snxhk.dll
10:10:18.0718 3300  C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok
10:10:18.0718 3300  [ CDA514D577716ABB638F65880EDE8C2E ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswAR.dll
10:10:18.0718 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswAR.dll - ok
10:10:18.0734 3300  [ AC0D8846F9938863D4D1B216674D0188 ] C:\Program Files\PC Tools Firewall Plus\PluginDllFW.dll
10:10:18.0734 3300  C:\Program Files\PC Tools Firewall Plus\PluginDllFW.dll - ok
10:10:18.0734 3300  [ 200D4A6CA70D1D8725851FA9A484033E ] C:\Program Files\Alwil Software\Avast5\defs\13022600\aswRawFS.dll
10:10:18.0734 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\aswRawFS.dll - ok
10:10:18.0750 3300  [ 47C2C652BAEC4BEBF29BF2DF6EFB0936 ] C:\Program Files\Common Files\PC Tools\GenTDI\GenericTdiDll.dll
10:10:18.0750 3300  C:\Program Files\Common Files\PC Tools\GenTDI\GenericTdiDll.dll - ok
10:10:18.0750 3300  [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
10:10:18.0750 3300  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok
10:10:18.0765 3300  [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:10:18.0765 3300  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:10:18.0765 3300  [ 4A7EF973FCD9C6CAD6040EBB61262A5C ] C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
10:10:18.0765 3300  C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys - ok
10:10:18.0765 3300  [ 6D74DF36716A458619A62DD764FC4F8B ] C:\WINDOWS\system32\drivers\pctplfw.sys
10:10:18.0765 3300  C:\WINDOWS\system32\drivers\pctplfw.sys - ok
10:10:18.0781 3300  [ 75B672660FE739C4E8EB37B2D008DABF ] C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll
10:10:18.0781 3300  C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll - ok
10:10:18.0781 3300  [ 0D9A0C8E9B01C3655A18B7743F2641AD ] C:\Program Files\Common Files\PC Tools\KDS\KDSAppEvent.dll
10:10:18.0781 3300  C:\Program Files\Common Files\PC Tools\KDS\KDSAppEvent.dll - ok
10:10:18.0796 3300  [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
10:10:18.0796 3300  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok
10:10:18.0796 3300  [ C1649188479440AA5834EDA555445CDC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
10:10:18.0796 3300  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll - ok
10:10:18.0812 3300  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
10:10:18.0812 3300  C:\WINDOWS\system32\srsvc.dll - ok
10:10:18.0812 3300  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
10:10:18.0812 3300  C:\WINDOWS\system32\trkwks.dll - ok
10:10:18.0828 3300  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
10:10:18.0828 3300  C:\WINDOWS\system32\wiaservc.dll - ok
10:10:18.0828 3300  [ 0C720C33E8D28AD60B7932EAD82309EA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
10:10:18.0828 3300  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll - ok
10:10:18.0828 3300  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
10:10:18.0828 3300  C:\WINDOWS\system32\browser.dll - ok
10:10:18.0843 3300  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
10:10:18.0843 3300  C:\WINDOWS\system32\cfgmgr32.dll - ok
10:10:18.0843 3300  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
10:10:18.0843 3300  C:\WINDOWS\system32\mscms.dll - ok
10:10:18.0859 3300  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
10:10:18.0859 3300  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
10:10:18.0859 3300  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
10:10:18.0859 3300  C:\WINDOWS\system32\vssapi.dll - ok
10:10:18.0859 3300  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
10:10:18.0859 3300  C:\WINDOWS\system32\wuauserv.dll - ok
10:10:18.0875 3300  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
10:10:18.0875 3300  C:\WINDOWS\system32\wuaueng.dll - ok
10:10:18.0875 3300  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
10:10:18.0875 3300  C:\WINDOWS\system32\mspatcha.dll - ok
10:10:18.0890 3300  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
10:10:18.0890 3300  C:\WINDOWS\system32\wscsvc.dll - ok
10:10:18.0890 3300  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
10:10:18.0890 3300  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
10:10:18.0890 3300  [ C3FED6BBC024AAFFE6969FD4EE9F5941 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
10:10:18.0890 3300  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll - ok
10:10:18.0906 3300  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
10:10:18.0906 3300  C:\WINDOWS\system32\wbem\esscli.dll - ok
10:10:18.0906 3300  [ EBC3260A585526643666D4B430614421 ] C:\Program Files\FS\Spyro Portal\SpyroLibrary.dll
10:10:18.0906 3300  C:\Program Files\FS\Spyro Portal\SpyroLibrary.dll - ok
10:10:18.0921 3300  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
10:10:18.0921 3300  C:\WINDOWS\system32\wbem\fastprox.dll - ok
10:10:18.0921 3300  [ D34A527493F39AF4491B3E909DC697CA ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
10:10:18.0921 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll - ok
10:10:18.0937 3300  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
10:10:18.0937 3300  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
10:10:18.0937 3300  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
10:10:18.0937 3300  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
10:10:18.0937 3300  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
10:10:18.0937 3300  C:\WINDOWS\system32\wups.dll - ok
10:10:18.0953 3300  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
10:10:18.0953 3300  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
10:10:18.0953 3300  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
10:10:18.0953 3300  C:\WINDOWS\system32\wups2.dll - ok
10:10:18.0968 3300  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
10:10:18.0968 3300  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
10:10:18.0968 3300  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
10:10:18.0968 3300  C:\WINDOWS\system32\wbem\wbemess.dll - ok
10:10:18.0984 3300  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
10:10:18.0984 3300  C:\WINDOWS\system32\wuauclt.exe - ok
10:10:18.0984 3300  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
10:10:18.0984 3300  C:\WINDOWS\system32\wuapi.dll - ok
10:10:18.0984 3300  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
10:10:18.0984 3300  C:\WINDOWS\system32\termsrv.dll - ok
10:10:19.0000 3300  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
10:10:19.0000 3300  C:\WINDOWS\system32\icaapi.dll - ok
10:10:19.0000 3300  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
10:10:19.0000 3300  C:\WINDOWS\system32\mstlsapi.dll - ok
10:10:19.0015 3300  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
10:10:19.0015 3300  C:\WINDOWS\system32\tapisrv.dll - ok
10:10:19.0015 3300  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
10:10:19.0015 3300  C:\WINDOWS\system32\rasmans.dll - ok
10:10:19.0015 3300  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
10:10:19.0015 3300  C:\WINDOWS\system32\netcfgx.dll - ok
10:10:19.0031 3300  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
10:10:19.0031 3300  C:\WINDOWS\system32\rastapi.dll - ok
10:10:19.0031 3300  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
10:10:19.0031 3300  C:\WINDOWS\system32\unimdm.tsp - ok
10:10:19.0046 3300  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
10:10:19.0046 3300  C:\WINDOWS\system32\uniplat.dll - ok
10:10:19.0046 3300  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
10:10:19.0046 3300  C:\WINDOWS\system32\kmddsp.tsp - ok
10:10:19.0046 3300  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
10:10:19.0046 3300  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
10:10:19.0062 3300  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
10:10:19.0062 3300  C:\WINDOWS\system32\ndptsp.tsp - ok
10:10:19.0062 3300  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
10:10:19.0062 3300  C:\WINDOWS\system32\ipconf.tsp - ok
10:10:19.0078 3300  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
10:10:19.0078 3300  C:\WINDOWS\system32\h323.tsp - ok
10:10:19.0078 3300  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
10:10:19.0078 3300  C:\WINDOWS\system32\hidphone.tsp - ok
10:10:19.0078 3300  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
10:10:19.0078 3300  C:\WINDOWS\system32\rasppp.dll - ok
10:10:19.0093 3300  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
10:10:19.0093 3300  C:\WINDOWS\system32\ntlsapi.dll - ok
10:10:19.0093 3300  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
10:10:19.0093 3300  C:\WINDOWS\system32\licwmi.dll - ok
10:10:19.0109 3300  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
10:10:19.0109 3300  C:\WINDOWS\system32\rasqec.dll - ok
10:10:19.0109 3300  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
10:10:19.0109 3300  C:\WINDOWS\system32\wbem\framedyn.dll - ok
10:10:19.0109 3300  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
10:10:19.0109 3300  C:\WINDOWS\system32\licdll.dll - ok
10:10:19.0125 3300  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
10:10:19.0125 3300  C:\WINDOWS\system32\netman.dll - ok
10:10:19.0125 3300  [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
10:10:19.0125 3300  C:\Program Files\Alwil Software\Avast5\Setup\avast.setup - ok
10:10:19.0140 3300  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
10:10:19.0140 3300  C:\WINDOWS\system32\wzcsapi.dll - ok
10:10:19.0140 3300  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
10:10:19.0140 3300  C:\WINDOWS\system32\alg.exe - ok
10:10:19.0156 3300  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
10:10:19.0156 3300  C:\WINDOWS\system32\msxml6.dll - ok
10:10:19.0156 3300  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
10:10:19.0156 3300  C:\WINDOWS\system32\oledlg.dll - ok
10:10:19.0156 3300  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
10:10:19.0156 3300  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
10:10:19.0171 3300  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Family\LOCALS~1\temp\92D82B4B-0104-43F3-95B6-FE37E15AE9E5.exe
10:10:19.0171 3300  C:\DOCUME~1\Family\LOCALS~1\temp\92D82B4B-0104-43F3-95B6-FE37E15AE9E5.exe - ok
10:10:19.0171 3300  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
10:10:19.0171 3300  C:\WINDOWS\system32\linkinfo.dll - ok
10:10:19.0187 3300  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
10:10:19.0187 3300  C:\WINDOWS\system32\ntshrui.dll - ok
10:10:19.0187 3300  [ 3CC5914797E99032DBDB15CFEEBE0774 ] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
10:10:19.0187 3300  C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe - ok
10:10:19.0187 3300  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
10:10:19.0187 3300  C:\WINDOWS\system32\upnp.dll - ok
10:10:19.0203 3300  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
10:10:19.0203 3300  C:\WINDOWS\system32\drprov.dll - ok
10:10:19.0203 3300  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
10:10:19.0203 3300  C:\WINDOWS\system32\ntlanman.dll - ok
10:10:19.0218 3300  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
10:10:19.0218 3300  C:\WINDOWS\system32\ssdpapi.dll - ok
10:10:19.0218 3300  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
10:10:19.0218 3300  C:\WINDOWS\system32\netui0.dll - ok
10:10:19.0234 3300  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
10:10:19.0234 3300  C:\WINDOWS\system32\netui1.dll - ok
10:10:19.0234 3300  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
10:10:19.0234 3300  C:\WINDOWS\system32\davclnt.dll - ok
10:10:19.0234 3300  [ BE869F82F392E53AFBCC3592B1226E3C ] C:\PROGRA~1\BILLPS~1\TASKCA~1\TaskTrap.exe
10:10:19.0234 3300  C:\PROGRA~1\BILLPS~1\TASKCA~1\TaskTrap.exe - ok
10:10:19.0250 3300  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
10:10:19.0250 3300  C:\WINDOWS\system32\drivers\http.sys - ok
10:10:19.0250 3300  [ B77081F8221968C7DAB794B0BA55C43E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
10:10:19.0250 3300  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
10:10:19.0265 3300  [ 2C7B219CD45E962C49B1834083C75183 ] C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
10:10:19.0265 3300  C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll - ok
10:10:19.0265 3300  [ E0AF182E1CB1729430535992D5DAFCE5 ] C:\PROGRA~1\BILLPS~1\TASKCA~1\patrolpro.dll
10:10:19.0265 3300  C:\PROGRA~1\BILLPS~1\TASKCA~1\patrolpro.dll - ok
10:10:19.0281 3300  [ EE0009F5DACA10CBEF55A2995B998CC8 ] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
10:10:19.0281 3300  C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll - ok
10:10:19.0281 3300  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
10:10:19.0281 3300  C:\WINDOWS\system32\ssdpsrv.dll - ok
10:10:19.0281 3300  [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files\QuickTime\qttask.exe
10:10:19.0281 3300  C:\Program Files\QuickTime\qttask.exe - ok
10:10:19.0296 3300  [ 8EEEF4C038A3FF7E56D47D9C0B912EAC ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
10:10:19.0296 3300  C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
10:10:19.0296 3300  [ 47C1DE0A890613FFCFF1D67648EEDF90 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:10:19.0296 3300  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:10:19.0312 3300  [ 083649EF692A066880C9326020915AFE ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe
10:10:19.0312 3300  C:\Program Files\Alwil Software\Avast5\AvastUI.exe - ok
10:10:19.0312 3300  [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\Alwil Software\Avast5\aswUtil.dll
10:10:19.0312 3300  C:\Program Files\Alwil Software\Avast5\aswUtil.dll - ok
10:10:19.0328 3300  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
10:10:19.0328 3300  C:\WINDOWS\system32\webcheck.dll - ok
10:10:19.0328 3300  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
10:10:19.0328 3300  C:\WINDOWS\system32\mlang.dll - ok
10:10:19.0328 3300  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
10:10:19.0328 3300  C:\WINDOWS\system32\stobject.dll - ok
10:10:19.0343 3300  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
10:10:19.0343 3300  C:\WINDOWS\system32\batmeter.dll - ok
10:10:19.0343 3300  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
10:10:19.0343 3300  C:\WINDOWS\system32\imapi.exe - ok
10:10:19.0359 3300  [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
10:10:19.0359 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll - ok
10:10:19.0359 3300  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
10:10:19.0359 3300  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
10:10:19.0359 3300  [ B4C1C657FCCCAF24EBF028CE68E6D086 ] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
10:10:19.0359 3300  C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe - ok
10:10:19.0375 3300  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
10:10:19.0375 3300  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
10:10:19.0375 3300  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
10:10:19.0375 3300  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
10:10:19.0390 3300  [ 3C62EAE05B76BA809FA1DE327922E846 ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
10:10:19.0390 3300  C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe - ok
10:10:19.0390 3300  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
10:10:19.0390 3300  C:\WINDOWS\system32\ctfmon.exe - ok
10:10:19.0390 3300  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
10:10:19.0390 3300  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll - ok
10:10:19.0406 3300  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
10:10:19.0406 3300  C:\WINDOWS\system32\rasdlg.dll - ok
10:10:19.0406 3300  [ FDFB209C5A04B7784BB0BB4AF7F0B31C ] C:\Program Files\CCleaner\CCleaner.exe
10:10:19.0406 3300  C:\Program Files\CCleaner\CCleaner.exe - ok
10:10:19.0421 3300  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
10:10:19.0421 3300  C:\WINDOWS\system32\msctf.dll - ok
10:10:19.0421 3300  [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\Alwil Software\Avast5\aswAra.dll
10:10:19.0421 3300  C:\Program Files\Alwil Software\Avast5\aswAra.dll - ok
10:10:19.0437 3300  [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\Alwil Software\Avast5\aswData.dll
10:10:19.0437 3300  C:\Program Files\Alwil Software\Avast5\aswData.dll - ok
10:10:19.0437 3300  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
10:10:19.0437 3300  C:\WINDOWS\system32\msutb.dll - ok
10:10:19.0437 3300  [ FA6C29F3668505A0C85C770951C68CF6 ] C:\Program Files\Common Files\LightScribe\QtCore4.dll
10:10:19.0437 3300  C:\Program Files\Common Files\LightScribe\QtCore4.dll - ok
10:10:19.0453 3300  [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
10:10:19.0453 3300  C:\WINDOWS\system32\inetmib1.dll - ok
10:10:19.0453 3300  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
10:10:19.0453 3300  C:\WINDOWS\system32\snmpapi.dll - ok
10:10:19.0468 3300  [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll
10:10:19.0468 3300  C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll - ok
10:10:19.0468 3300  [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\Alwil Software\Avast5\CommonRes.dll
10:10:19.0468 3300  C:\Program Files\Alwil Software\Avast5\CommonRes.dll - ok
10:10:19.0468 3300  [ 90703BD8D71099E43993F3AFAF2B5A10 ] C:\Program Files\Common Files\LightScribe\QtGui4.dll
10:10:19.0468 3300  C:\Program Files\Common Files\LightScribe\QtGui4.dll - ok
10:10:19.0484 3300  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
10:10:19.0484 3300  C:\WINDOWS\ime\sptip.dll - ok
10:10:19.0484 3300  [ B694FFBEFA206B569846EC3BC2585F03 ] C:\Program Files\PC Tools Firewall Plus\FirewallPlugin.dll
10:10:19.0484 3300  C:\Program Files\PC Tools Firewall Plus\FirewallPlugin.dll - ok
10:10:19.0500 3300  [ 773EF34590D40EC9824A2145F80BB491 ] C:\Program Files\PC Tools Firewall Plus\PPSupport.dll
10:10:19.0500 3300  C:\Program Files\PC Tools Firewall Plus\PPSupport.dll - ok
10:10:19.0500 3300  [ 3C1DC306F1F20A8071C363FA4FCBE16B ] C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
10:10:19.0500 3300  C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok
10:10:19.0515 3300  [ 59ABE2B48AE8AD9591A8F2D1DC979702 ] C:\Program Files\Common Files\LightScribe\LSCMHT.dll
10:10:19.0515 3300  C:\Program Files\Common Files\LightScribe\LSCMHT.dll - ok
10:10:19.0515 3300  [ 4158324326206AA3A0264842593E0F0B ] C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_149.ocx
10:10:19.0515 3300  C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_149.ocx - ok
10:10:19.0515 3300  [ A14D324C50EB71FB480DDD60481D0C04 ] C:\WINDOWS\system32\pstorec.dll
10:10:19.0515 3300  C:\WINDOWS\system32\pstorec.dll - ok
10:10:19.0531 3300  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\78457620.sys
10:10:19.0531 3300  C:\WINDOWS\system32\drivers\78457620.sys - ok
10:10:19.0531 3300  [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
10:10:19.0531 3300  C:\WINDOWS\system32\httpapi.dll - ok
10:10:19.0546 3300  [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
10:10:19.0546 3300  C:\WINDOWS\system32\w3ssl.dll - ok
10:10:19.0546 3300  [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
10:10:19.0546 3300  C:\WINDOWS\system32\strmfilt.dll - ok
10:10:19.0562 3300  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
10:10:19.0562 3300  C:\WINDOWS\system32\dsound.dll - ok
10:10:19.0562 3300  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
10:10:19.0562 3300  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
10:10:19.0578 3300  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
10:10:19.0578 3300  C:\WINDOWS\system32\mydocs.dll - ok
10:10:19.0578 3300  [ 18D56E724CE1DC4AE766469BAD5D6EA6 ] C:\WINDOWS\system32\inetcpl.cpl
10:10:19.0578 3300  C:\WINDOWS\system32\inetcpl.cpl - ok
10:10:19.0578 3300  [ 9D362539CB97E842E04B0FDA04870530 ] C:\Program Files\Alwil Software\Avast5\defs\13022600\uiext.dll
10:10:19.0578 3300  C:\Program Files\Alwil Software\Avast5\defs\13022600\uiext.dll - ok
10:10:19.0593 3300  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
10:10:19.0593 3300  C:\WINDOWS\system32\advpack.dll - ok
10:10:19.0593 3300  [ 727C9E97CB26879C17A30484C2C76E98 ] C:\WINDOWS\system32\mshtml.dll
10:10:19.0593 3300  C:\WINDOWS\system32\mshtml.dll - ok
10:10:19.0609 3300  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
10:10:19.0609 3300  C:\WINDOWS\system32\msls31.dll - ok
10:10:19.0609 3300  [ F3370C98F4981EDA6036689D298E67B9 ] C:\WINDOWS\system32\browselc.dll
10:10:19.0609 3300  C:\WINDOWS\system32\browselc.dll - ok
10:10:19.0609 3300  [ 25A25D0567946FF4F6808477A4B14C7A ] C:\WINDOWS\system32\msfeeds.dll
10:10:19.0609 3300  C:\WINDOWS\system32\msfeeds.dll - ok
10:10:19.0625 3300  [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
10:10:19.0625 3300  C:\WINDOWS\system32\msisip.dll - ok
10:10:19.0625 3300  [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
10:10:19.0625 3300  C:\WINDOWS\system32\wshext.dll - ok
10:10:19.0640 3300  [ F3AD8EA144F411A6292775FA2B230DE5 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
10:10:19.0640 3300  C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
10:10:19.0640 3300  [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
10:10:19.0640 3300  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
10:10:19.0640 3300  [ B60DDDD2D63CE41CB8C487FCFBB6419E ] C:\Program Files\Internet Explorer\iexplore.exe
10:10:19.0640 3300  C:\Program Files\Internet Explorer\iexplore.exe - ok
10:10:19.0656 3300  [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\msimtf.dll
10:10:19.0656 3300  C:\WINDOWS\system32\msimtf.dll - ok
10:10:19.0656 3300  [ F7D4A7047BCB7D3CC70B0DC23E928022 ] C:\Program Files\Alwil Software\Avast5\AhAScr.dll
10:10:19.0656 3300  C:\Program Files\Alwil Software\Avast5\AhAScr.dll - ok
10:10:19.0671 3300  [ 0689622E6484934EB6E5F4D3A96311F9 ] C:\WINDOWS\system32\jscript.dll
10:10:19.0671 3300  C:\WINDOWS\system32\jscript.dll - ok
10:10:19.0671 3300  [ AF8841FEF8DE40D36E77C6662843EDAE ] C:\WINDOWS\AppPatch\aclayers.dll
10:10:19.0671 3300  C:\WINDOWS\AppPatch\aclayers.dll - ok
10:10:19.0671 3300  [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll
10:10:19.0687 3300  C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - ok
10:10:19.0687 3300  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
10:10:19.0687 3300  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
10:10:19.0687 3300  [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Internet Explorer\sqmapi.dll
10:10:19.0687 3300  C:\Program Files\Internet Explorer\sqmapi.dll - ok
10:10:19.0703 3300  [ 11734790410900D2CD6B7839020E4DD9 ] C:\WINDOWS\system32\ieui.dll
10:10:19.0703 3300  C:\WINDOWS\system32\ieui.dll - ok
10:10:19.0703 3300  [ 35355BEDAEF1E12912DFC8F07A6E7DC7 ] C:\Program Files\Internet Explorer\xpshims.dll
10:10:19.0703 3300  C:\Program Files\Internet Explorer\xpshims.dll - ok
10:10:19.0718 3300  [ 739591BE466B2246144308825CE7D2EF ] C:\Program Files\Internet Explorer\ieproxy.dll
10:10:19.0718 3300  C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:10:19.0718 3300  [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll
10:10:19.0718 3300  C:\WINDOWS\system32\wucltui.dll - ok
10:10:19.0718 3300  [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl
10:10:19.0718 3300  C:\WINDOWS\system32\wuaucpl.cpl - ok
10:10:19.0734 3300  [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll
10:10:19.0734 3300  C:\WINDOWS\system32\mucltui.dll - ok
10:10:19.0734 3300  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
10:10:19.0734 3300  C:\WINDOWS\system32\xmllite.dll - ok
10:10:19.0750 3300  [ 66F1C930F4572816BB15C3A863590305 ] C:\WINDOWS\system32\ieapfltr.dll
10:10:19.0750 3300  C:\WINDOWS\system32\ieapfltr.dll - ok
10:10:19.0750 3300  [ 8368B315DE37A3006AFE271123E4280B ] C:\WINDOWS\system32\iepeers.dll
10:10:19.0750 3300  C:\WINDOWS\system32\iepeers.dll - ok
10:10:19.0765 3300  [ A47F6A13202AA54541CA46D6CED79F5F ] C:\WINDOWS\system32\ddrawex.dll
10:10:19.0765 3300  C:\WINDOWS\system32\ddrawex.dll - ok
10:10:19.0765 3300  [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
10:10:19.0765 3300  C:\WINDOWS\system32\ddraw.dll - ok
10:10:19.0765 3300  [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
10:10:19.0765 3300  C:\WINDOWS\system32\dciman32.dll - ok
10:10:19.0781 3300  [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
10:10:19.0781 3300  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
10:10:19.0781 3300  [ ADA23DCD5DD87CA957AAF1DE9D6CE292 ] C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
10:10:19.0781 3300  C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
10:10:19.0796 3300  [ 42B928FC8518D793BF7A5EAFC57B1D8B ] C:\WINDOWS\system32\imgutil.dll
10:10:19.0796 3300  C:\WINDOWS\system32\imgutil.dll - ok
10:10:19.0796 3300  [ E5FA1B044DAC5F6F600A1742D73F6936 ] C:\WINDOWS\system32\pngfilt.dll
10:10:19.0796 3300  C:\WINDOWS\system32\pngfilt.dll - ok
10:10:19.0796 3300  [ 0DFA4D5E8205614EDA53394E637812E4 ] C:\WINDOWS\system32\vdmdbg.dll
10:10:19.0796 3300  C:\WINDOWS\system32\vdmdbg.dll - ok
10:10:19.0812 3300  [ 5E1A0476E009A1930A524DFF4CA13982 ] C:\WINDOWS\system32\dxtrans.dll
10:10:19.0812 3300  C:\WINDOWS\system32\dxtrans.dll - ok
10:10:19.0812 3300  [ 057D53F1490598D41D9D4DEE9A92B0B1 ] C:\WINDOWS\system32\dxtmsft.dll
10:10:19.0812 3300  C:\WINDOWS\system32\dxtmsft.dll - ok
10:10:19.0828 3300  [ 56ADB11F7D4D0816C0BE1E701C1B5E52 ] C:\WINDOWS\system32\d3dim700.dll
10:10:19.0828 3300  C:\WINDOWS\system32\d3dim700.dll - ok
10:10:19.0828 3300  ============================================================
10:10:19.0828 3300  Scan finished
10:10:19.0828 3300  ============================================================
10:10:19.0843 3692  Detected object count: 0
10:10:19.0843 3692  Actual detected object count: 0
10:11:36.0625 3656  Deinitialize success
 

 

aswmbr log (Didn't ask for engine defs, despite disabling real time protection for antivirus properly as instructed in the link you provided):

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-26 10:29:00
-----------------------------
10:29:00.406    OS Version: Windows 5.1.2600 Service Pack 3
10:29:00.406    Number of processors: 2 586 0x6B01
10:29:00.406    ComputerName: COMPUTER1  UserName: Family
10:29:01.968    Initialize success
10:29:05.562    AVAST engine defs: 13022600
10:30:57.734    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
10:30:57.734    Disk 0 Vendor: ST3320620AS 3.AAK Size: 305245MB BusType: 3
10:30:57.765    Disk 0 MBR read successfully
10:30:57.765    Disk 0 MBR scan
10:30:57.765    Disk 0 Windows XP default MBR code
10:30:57.781    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       131061 MB offset 63
10:30:57.796    Disk 0 scanning sectors +268414020
10:30:57.859    Disk 0 scanning C:\WINDOWS\system32\drivers
10:31:05.937    Service scanning
10:31:20.015    Modules scanning
10:31:27.328    Disk 0 trace - called modules:
10:31:27.343    ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll atapi.sys pciide.sys
10:31:27.359    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f18ab8]
10:31:27.359    3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> [0x85f43e50]
10:31:27.375    5 PCTCore.sys[f725f891] -> nt!IofCallDriver -> \Device\00000078[0x86052650]
10:31:27.375    7 ACPI.sys[f7310620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x85fe3d98]
10:31:28.968    AVAST engine scan C:\WINDOWS
10:31:38.796    AVAST engine scan C:\WINDOWS\system32
10:35:10.140    AVAST engine scan C:\WINDOWS\system32\drivers
10:35:28.453    AVAST engine scan C:\Documents and Settings\Family
10:42:19.765    AVAST engine scan C:\Documents and Settings\All Users
10:43:06.812    Scan finished successfully
10:44:07.640    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Family\My Documents\MBR.dat"
10:44:07.656    The log file has been saved successfully to "C:\Documents and Settings\Family\My Documents\aswMBR.txt"


 

Eset didn't make a log file, so I typed what the results page said. Scan results were:


 

scanned files 72851
infected files 0
cleaned files 0
total scan time 01:19:02
scan status finished


 

It also suggested I uninstall the program. Should I? And what would you recommend I do to get security update KB2736416 to actually install?


 


Edited by TheLadyIsMad, 26 February 2013 - 03:54 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 26 February 2013 - 10:34 PM

What is the error code you get?

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#5 TheLadyIsMad

TheLadyIsMad
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 26 February 2013 - 11:26 PM

Ok. Avast had it listed from folder  WinPatrol\HOSTS  and the status was "Error file is offline - is it currently not available. (42006)

 

When I look at the logs from my Avast scans over the past few weeks, I have on 2/11 a full system scan "virus found" claiming dds.scr as a "threat Win32:Malware-gen" and above that, a listing for the WinPatrol folder with the error 42006. After I'd deleted dds.scr, I did a boot-time scan, very early on 2/12 with "no virus found". That morning, and later that evening of that same day, I checked again with full system scan, and I got "Some files could not be scanned" with once again WInPatrol and error 42006.

A quick scan on 2/22 showed nothing again. On 2/24 again the "Some files could not be scanned message. Again on the

25th I tried and it's the same. I honestly don't know why I get that message. I will do the steps you suggested and edit this post accordingly.

 

<<<<Edited 9:46pm pst>>>>

 

Oddly, when I reinstalled Malwarebytes, WinPatrol popped up a window asking about permission involving a \silent item for Malwarebytes? After accepting, it suddenly told me it had to close, and Windows tried to send an error report. Fun times.

 

 

Malwarebytes log:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org


 

Database version: v2013.02.27.02


 

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Family :: COMPUTER1 [administrator]


 

2/26/2013 8:36:18 PM
mbam-log-2013-02-26 (20-36-18).txt


 

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220545
Time elapsed: 11 minute(s), 20 second(s)


 

Memory Processes Detected: 0
(No malicious items detected)


 

Memory Modules Detected: 0
(No malicious items detected)


 

Registry Keys Detected: 0
(No malicious items detected)


 

Registry Values Detected: 0
(No malicious items detected)


 

Registry Data Items Detected: 0
(No malicious items detected)


 

Folders Detected: 0
(No malicious items detected)


 

Files Detected: 0
(No malicious items detected)


 

(end)

 

 

MIniToolBox log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Family (administrator) on 26-02-2013 at 20:51:03
Running from "C:\Documents and Settings\Family\My Documents"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************


 

========================= Flush DNS: ===================================


 


Windows IP Configuration


 

 


 

Successfully flushed the DNS Resolver Cache.


 


========================= IE Proxy Settings: ==============================


 

Proxy is not enabled.
No Proxy Server is set.


 

"Reset IE Proxy Settings": IE Proxy Settings were reset.


 

========================= FF Proxy Settings: ==============================


 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.


 

========================= Hosts content: =================================


 

127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com


 

There are 15219 more lines starting with "127.0.0.1"


 

========================= IP Configuration: ================================


 

NVIDIA nForce 10/100/1000 Mbps Ethernet  = Local Area Connection (Connected)


 


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


 


# Interface IP Configuration for "Local Area Connection"


 

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


 


popd
# End of interface IP configuration


 

 


 


Windows IP Configuration


 

 


 

        Host Name . . . . . . . . . . . . : COMPUTER1


 

        Primary Dns Suffix  . . . . . . . :


 

        Node Type . . . . . . . . . . . . : Unknown


 

        IP Routing Enabled. . . . . . . . : No


 

        WINS Proxy Enabled. . . . . . . . : No


 

        DNS Suffix Search List. . . . . . : netgear.com


 

 


 

Ethernet adapter Local Area Connection:


 

 


 

        Connection-specific DNS Suffix  . : netgear.com


 

        Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet


 

        Physical Address. . . . . . . . . : 00-50-8D-9F-62-40


 

        Dhcp Enabled. . . . . . . . . . . : Yes


 

        Autoconfiguration Enabled . . . . : Yes


 

        IP Address. . . . . . . . . . . . : 192.168.254.21


 

        Subnet Mask . . . . . . . . . . . : 255.255.255.0


 

        Default Gateway . . . . . . . . . : 192.168.254.254


 

        DHCP Server . . . . . . . . . . . : 192.168.254.254


 

        DNS Servers . . . . . . . . . . . : 192.168.254.254


 

        Lease Obtained. . . . . . . . . . : Tuesday, February 26, 2013 1:09:38 PM


 

        Lease Expires . . . . . . . . . . : Wednesday, February 27, 2013 1:09:38 PM


 

Server:  dslrouter.netgear.com
Address:  192.168.254.254


 

Name:    google.com
Addresses:  173.194.33.4, 173.194.33.5, 173.194.33.6, 173.194.33.7
   173.194.33.8, 173.194.33.9, 173.194.33.14, 173.194.33.0, 173.194.33.1
   173.194.33.2, 173.194.33.3


 

 


 

Pinging google.com [173.194.33.3] with 32 bytes of data:


 

 


 

Reply from 173.194.33.3: bytes=32 time=24ms TTL=55


 

Reply from 173.194.33.3: bytes=32 time=25ms TTL=55


 

 


 

Ping statistics for 173.194.33.3:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 24ms, Maximum = 25ms, Average = 24ms


 

Server:  dslrouter.netgear.com
Address:  192.168.254.254


 

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109


 

 


 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:


 

 


 

Reply from 98.138.253.109: bytes=32 time=110ms TTL=49


 

Reply from 98.138.253.109: bytes=32 time=89ms TTL=49


 

 


 

Ping statistics for 98.138.253.109:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 89ms, Maximum = 110ms, Average = 99ms


 

 


 

Pinging 127.0.0.1 with 32 bytes of data:


 

 


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


 

 


 

Ping statistics for 127.0.0.1:


 

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),


 

Approximate round trip times in milli-seconds:


 

    Minimum = 0ms, Maximum = 0ms, Average = 0ms


 

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 8d 9f 62 40 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.21   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
    192.168.254.0    255.255.255.0   192.168.254.21  192.168.254.21   20
   192.168.254.21  255.255.255.255        127.0.0.1       127.0.0.1   20
  192.168.254.255  255.255.255.255   192.168.254.21  192.168.254.21   20
        224.0.0.0        240.0.0.0   192.168.254.21  192.168.254.21   20
  255.255.255.255  255.255.255.255   192.168.254.21  192.168.254.21   1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


 

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)


 

========================= Event log errors: ===============================


 

Application errors:
==================
Error: (02/26/2013 08:32:27 PM) (Source: Application Error) (User: )
Description: Faulting application winpatrol.exe, version 26.1.2013.0, faulting module winpatrol.exe, version 26.1.2013.0, fault address 0x00015b26.
Processing media-specific event for [winpatrol.exe!ws!]


 

Error: (02/26/2013 01:12:26 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2736416, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.


 

Error: (02/26/2013 01:12:25 PM) (Source: MsiInstaller) (User: COMPUTER1)
Description: Product: Microsoft .NET Framework 3.5 SP1 - Update 'KB2736416' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Family\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130226_211208062-Msi0.txt.


 

Error: (02/26/2013 01:09:50 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/26/2013 10:06:22 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/26/2013 07:33:14 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2736416, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.


 

Error: (02/26/2013 07:33:13 AM) (Source: MsiInstaller) (User: COMPUTER1)
Description: Product: Microsoft .NET Framework 3.5 SP1 - Update 'KB2736416' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Family\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130226_153244800-Msi0.txt.


 

Error: (02/26/2013 07:30:00 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/24/2013 09:58:34 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2736416, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.


 

Error: (02/24/2013 09:58:33 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 3.5 SP1 - Update 'KB2736416' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130225_055818656-Msi0.txt.


 


System errors:
=============
Error: (02/26/2013 01:12:38 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2736416).


 

Error: (02/26/2013 10:41:07 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 10:40:41 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 10:39:42 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 08:01:50 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 08:01:35 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 08:01:35 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 07:59:32 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 07:58:45 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 

Error: (02/26/2013 07:58:44 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


 


Microsoft Office Sessions:
=========================
Error: (02/26/2013 08:32:27 PM) (Source: Application Error)(User: )
Description: winpatrol.exe26.1.2013.0winpatrol.exe26.1.2013.000015b26


 

Error: (02/26/2013 01:12:26 PM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 3.5-kb273641610331603msif9.0.40215.0installx86xp0


 

Error: (02/26/2013 01:12:25 PM) (Source: MsiInstaller)(User: COMPUTER1)
Description: Microsoft .NET Framework 3.5 SP1KB27364161603C:\DOCUME~1\Family\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130226_211208062-Msi0.txt


 

Error: (02/26/2013 01:09:50 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/26/2013 10:06:22 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/26/2013 07:33:14 AM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 3.5-kb273641610331603msif9.0.40215.0installx86xp0


 

Error: (02/26/2013 07:33:13 AM) (Source: MsiInstaller)(User: COMPUTER1)
Description: Microsoft .NET Framework 3.5 SP1KB27364161603C:\DOCUME~1\Family\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130226_153244800-Msi0.txt


 

Error: (02/26/2013 07:30:00 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory


 

Error: (02/24/2013 09:58:34 PM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 3.5-kb273641610331603msif9.0.40215.0installx86xp0


 

Error: (02/24/2013 09:58:33 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 3.5 SP1KB27364161603C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2736416_20130225_055818656-Msi0.txt


 


=========================== Installed Programs ============================


 

abitEQ V1.1.1.1 (Version: 1.1.1.1)
AC3Filter 1.63b (Version: 1.63b)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Reader 8.3.1 (Version: 8.3.1)
avast! Free Antivirus (Version: 7.0.1474.0)
BigSpeed Zipper
Canon iP1800 series User Registration
Canon My Printer
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
CCleaner
Character Builder (Version: 1.10.0000)
Combined Community Codec Pack 2008-09-21 16:18 (Version: 2008.09.21.0)
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ERUNT 1.1j
ESET Online Scanner v3
Eusing Free Registry Cleaner
ffdshow [rev 3065] [2009-09-02] (Version: 1.0)
Haali Media Splitter
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HiJackThis (Version: 1.0.0)
HijackThis 2.0.2 (Version: 2.0.2)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
LightScribe System Software  1.10.13.1 (Version: 1.10.13.1)
LingvoSoft Dictionary 2006 (English<->Japanese Kanji Romaji) for Windows (Version: 3.1.41)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee SiteAdvisor (Version: 3.0.163)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Age of Empires Gold
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft DirectX SDK (March 2009) (Version: 9.26.1590.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WinUsb 2.0
Mouse Suite
Mozilla Firefox (2.0.0.9) (Version: 2.0.0.9 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
MyDefrag v4.2.5 (Version: 4.0.0.0)
Nero - Burning Rom (Version: 5.5.7.1)
Nero 7 Essentials (Version: 7.03.0581)
neroxml (Version: 1.0.0)
NVIDIA Drivers
Pando Media Booster (Version: 2.3.5.4)
PC Tools Firewall Plus 6.0 (Version: 6.0)
PIXMA Extended Survey Program
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.5391)
SpyroDriver (Version: 1.06.0000)
SpyroPortalDriver (Version: 1.0.1)
Spyware Doctor 7.0 (Version: 7.0)
SpywareBlaster 4.6 (Version: 4.6.0)
Task Catcher
Tweaking.com - Windows Repair (All in One) (Version: 1.9.10)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2362765) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB973874) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.5318)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 26.1.2013.0)
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Xvid 1.1.3 final uninstall (Version: 1.1)


 

========================= Devices: ================================


 

Name: Activision Xbox360 Spyro Portal
Description: Activision Xbox360 Spyro Portal
Class Guid: {4A9C2FA7-D63F-44C5-A247-BB3289A3739F}
Manufacturer: Activision
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


 


========================= Memory info: ===================================


 

Percentage of memory in use: 66%
Total physical RAM: 958.48 MB
Available physical RAM: 316.36 MB
Total Pagefile: 2314.43 MB
Available Pagefile: 1734.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.14 MB


 

========================= Partitions: =====================================


 

2 Drive c: () (Fixed) (Total:127.99 GB) (Free:99.2 GB) NTFS


 

========================= Users: ========================================


 

User accounts for \\COMPUTER1


 

Administrator            Family                   Guest                   
HelpAssistant            SUPPORT_388945a0        


 


**** End of log ****

 

 

Farbar's Service Scanner log:

 

Farbar Service Scanner Version: 20-02-2013
Ran by Family (administrator) on 26-02-2013 at 20:55:20
Running from "C:\Documents and Settings\Family\My Documents"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============


 

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============


 

Windows Update:
============


 

Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2007-07-30 23:16] - [2008-04-13 16:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A


 

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2001-08-23 04:00] - [2009-02-06 03:11] - 0110592 _____ (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


 


Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) pctgntdi(10) pctNDIS(9) PSched(7) Tcpip(4)
0x0A00000005000000010000000200000003000000040000000A00000008000000060000000700000009000000
IpSec Tag value is correct.


 

**** End of log ****

 

 

AdwCleaner log:

 

# AdwCleaner v2.113 - Logfile created 02/26/2013 at 20:57:15
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Family - COMPUTER1
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Family\My Documents\AdwCleaner.exe
# Option [Delete]


 


***** [Services] *****


 


***** [Files / Folders] *****


 

Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate


 

***** [Registry] *****


 

Key Deleted : HKCU\Software\Headlight


 

***** [Internet Browsers] *****


 

-\\ Internet Explorer v8.0.6001.18702


 

[OK] Registry is clean.


 

-\\ Mozilla Firefox v2.0.0.9 (en-US)


 

File : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\2oeh9pwe.default\prefs.js


 

[OK] File is clean.


 

*************************


 

AdwCleaner[S1].txt - [834 octets] - [26/02/2013 20:57:15]


 

########## EOF - C:\AdwCleaner[S1].txt - [893 octets] ##########

 

 

Junkware Removal Tool log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Microsoft Windows XP x86
Ran by Family on Tue 02/26/2013 at 21:14:34.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 


~~~ Services


 

 


 

~~~ Registry Values


 

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL


 

 


 

~~~ Registry Keys


 

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


 

 


 

~~~ Files


 

 


 

~~~ Folders


 

 


 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/26/2013 at 21:22:57.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Rkill log:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


 

Program started at: 02/26/2013 09:27:06 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3


 

Checking for Windows services to stop:


 

 * No malware services found to stop.


 

Checking for processes to terminate:


 

 * No malware processes found to kill.


 

Checking Registry for malware related settings:


 

 * No issues found in the Registry.


 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


 

Performing miscellaneous checks:


 

 * Windows Firewall Disabled


 

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000


 

Checking Windows Service Integrity:


 

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]


 

Searching for Missing Digital Signatures:


 

 * No issues found.


 

Checking HOSTS File:


 

 * HOSTS file entries found:


 

  127.0.0.1       localhost
  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 100888290cs.com
  127.0.0.1 100sexlinks.com


 

  20 out of 15239 HOSTS entries shown.
  Please review HOSTS file for further entries.


 

Program finished at: 02/26/2013 09:27:40 PM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)

 

 

Autoruns log:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 8.0\reader\reader_sl.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\alwil software\avast5\avastui.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "Task Catcher" "Task Catcher System Monitor" "BillP Studios" "c:\program files\billp studios\task catcher\tasktrap.exe"
+ "Task Catcher Real-Time Detector" "Task Catcher System Monitor" "BillP Studios" "c:\program files\billp studios\task catcher\tasktrap.exe"
+ "WinPatrol" "WinPatrol System Monitor" "BillP Studios" "c:\program files\billp studios\winpatrol\winpatrol.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast! Antivirus" "avast! Antivirus" "AVAST Software" "c:\program files\alwil software\avast5\avastui.exe"
+ "ccleaner" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lightscribecontrolpanel.exe"
+ "PC Tools Firewall GUI" "PC Tools Firewall GUI" "PC Tools" "c:\program files\pc tools firewall plus\firewallgui.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "BigSpeedZipper" "Inernet-enabled zip compression control" "BigSpeedSoft" "c:\program files\bigspeed zipper\bszcm.dll"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll"
+ "InCDShellExt" "InCD" "Nero AG" "c:\program files\nero\nero 7\incd\incdshx.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "InCDUdfPerm" "InCD" "Nero AG" "c:\program files\nero\nero 7\incd\incdup.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "InCDShellExt" "InCD" "Nero AG" "c:\program files\nero\nero 7\incd\incdshx.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 120.64 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Haali Column Provider" "" "" "c:\program files\haali\matroskasplitter\mmfinfo.dll"
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "BigSpeedZipper" "Inernet-enabled zip compression control" "BigSpeedSoft" "c:\program files\bigspeed zipper\bszcm.dll"
+ "InCDShellExt" "InCD" "Nero AG" "c:\program files\nero\nero 7\incd\incdshx.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "InCDUdfPerm" "InCD" "Nero AG" "c:\program files\nero\nero 7\incd\incdup.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "avast! Emergency Update.job" "avast! Emergency Update" "AVAST Software" "c:\program files\alwil software\avast5\avastemupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\alwil software\avast5\avastsvc.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files\canon\ijplm\ijplmsvc.exe"
+ "InCDsrv" "Helper service for the InCD filesystem driver" "Nero AG" "c:\program files\nero\nero 7\incd\incdsrv.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "McAfee SiteAdvisor Service" "Provides low-level support for McAfee SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcsacore.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbservice.exe"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files\common files\ahead\lib\nmindexingservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCToolsFirewallPlus" "PC Tools Firewall Plus service" "PC Tools" "c:\program files\pc tools firewall plus\fwservice.exe"
+ "SpyroService" "FlashPortal" "FS" "c:\program files\fs\spyro portal\flashportal.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Aavmker4" "avast! Asynchronous Virus Monitor" "AVAST Software" "c:\windows\system32\drivers\aavmker4.sys"
+ "ABIT-IO" "" "" "c:\program files\u-abit\abiteq\abit-io.sys"
+ "AmdK8" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdk8.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMon2" "avast! File System Filter Driver for Windows XP" "AVAST Software" "c:\windows\system32\drivers\aswmon2.sys"
+ "aswRdr" "avast! TDI Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "catchme" "" "" "File not found: C:\DOCUME~1\Family\LOCALS~1\Temp\catchme.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "InCDPass" "Ahead RW Filter Driver" "Nero AG" "c:\windows\system32\drivers\incdpass.sys"
+ "incdrm" "Nero MRW Filter Driver" "Nero AG" "c:\windows\system32\drivers\incdrm.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "Lbd" "Ad-Aware mini-filter driver" "" "File not found: system32\DRIVERS\Lbd.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 178.13 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "NVENETFD" "NVIDIA Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvenetfd.sys"
+ "nvnetbus" "NVIDIA Networking Bus Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvnetbus.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PCTAppEvent" "PC Tools App Monitor Driver" "PC Tools" "c:\windows\system32\drivers\pctappevent.sys"
+ "PCTCore" "PC Tools KDS Core Driver" "PC Tools" "c:\windows\system32\drivers\pctcore.sys"
+ "PCTFW-DNS" "PC Tools NDIS - DNS" "PC Tools" "c:\windows\system32\drivers\pctndis-dns.sys"
+ "PCTFW-PacketFilter" "PC Tools NDIS - Packet Filter" "PC Tools" "c:\windows\system32\drivers\pctndis-packetfilter.sys"
+ "pctgntdi" "PC Tools Generic TDI Driver" "PC Tools" "c:\windows\system32\drivers\pctgntdi.sys"
+ "pctNDIS" "PC Tools NDIS Driver" "PC Tools" "c:\windows\system32\drivers\pctndis.sys"
+ "pctplfw" "PC Tools FW Plugin Driver" "PC Tools" "c:\windows\system32\drivers\pctplfw.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "pelmouse" "Mouse Suite Driver (For Windows 2000 and Whistler Only)" "Primax Electronics Ltd." "c:\windows\system32\drivers\pelmouse.sys"
+ "pelusblf" "USB Mouse Low Filter Driver(Win2000 only)" "Primax Electronics Ltd." "c:\windows\system32\drivers\pelusblf.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "swmsflt" "Sierra Wireless Filter Driver" "" "c:\windows\system32\drivers\swmsflt.sys"
+ "SWMX00" "" "" "File not found: system32\DRIVERS\swmx00.sys"
+ "SWNC5E00" "" "" "File not found: system32\DRIVERS\SWNC5E00.sys"
+ "SWUMX20" "" "" "File not found: system32\DRIVERS\swumx20.sys"
+ "VClone" "VirtualCloneCD Driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\vclone.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.ffds" "" "" "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3Filter" "ac3filter" "" "c:\program files\ac3filter\ac3filter.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\haali\matroskasplitter\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio2.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Smart3D Text Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Transition Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Video Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\combined community codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\combined community codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor iP1800 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm8o.dll"
+ "HPZLNT09" "" "HP" "c:\windows\system32\hpzlnt09.dll"
 

 

Well, that's all of them. Hope this helps. Good night.


Edited by TheLadyIsMad, 27 February 2013 - 12:47 AM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 27 February 2013 - 03:35 AM

There is nothing malicious with dds.scr.It is false positive.Ofcourse winpatrol would give a pop up when a software makes changes.

 

What is error code you receive during the update?



#7 TheLadyIsMad

TheLadyIsMad
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 27 February 2013 - 10:24 AM

If you mean the windows security update, it's this:

 

Some updates could not be installed


 

The following updates were not installed:
Security Update for Micosoft.NET Framework 3.5 P1 on Windows XP Server 2003, Vista, Server 2008 x86 (KB2736416)

 

 

I tried to check about the item I accepted that suddenly closed WinPatrol but I could not find it. I also tried to install that update several times, failing each time, so that the Error report would pop up, but strangely enough it didn't.



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 27 February 2013 - 10:34 AM

Download .NET repair tool from here

 

http://download.microsoft.com/download/2/B/D/2BDE5459-2225-48B8-830C-AE19CAF038F1/NetFxRepairTool.exe

 

Run it,restart the PC and try to update again.



#9 TheLadyIsMad

TheLadyIsMad
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 27 February 2013 - 11:32 AM

It updated successfully! Thank you for everything!! Is there anything else I should do?



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 27 February 2013 - 11:33 AM

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#11 TheLadyIsMad

TheLadyIsMad
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 27 February 2013 - 12:04 PM

Thank you once again!



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 27 February 2013 - 12:08 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users