Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System might be infected with TDSS/Google Redirect virus, Help?


  • Please log in to reply
9 replies to this topic

#1 jitomate

jitomate

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 08 March 2013 - 07:46 PM

Hey guys, I'm new here and I think I may have some computer problem(s). My computer has not been acting up lately but it has been redirecting me to different sites when I click a link in a search. I think it's the TDSS virus but I ran TDSSKiller with no threats under the name TDSS ...yet I'm still being directed? I have AVG, SUPERAntiSpyware, and TDSSKiller installed. Help me?


Edited by hamluis, 08 March 2013 - 07:49 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 08 March 2013 - 07:50 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 jitomate

jitomate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 08 March 2013 - 08:33 PM

Here's the TDSSKiller log

 

16:56:05.0921 2804  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:56:07.0921 2804  ============================================================
16:56:07.0921 2804  Current date / time: 2013/03/08 16:56:07.0921
16:56:07.0921 2804  SystemInfo:
16:56:07.0921 2804  
16:56:07.0921 2804  OS Version: 5.1.2600 ServicePack: 3.0
16:56:07.0921 2804  Product type: Workstation
16:56:07.0921 2804  ComputerName: MEGAN
16:56:07.0921 2804  UserName: Administrator
16:56:07.0921 2804  Windows directory: C:\WINDOWS
16:56:07.0921 2804  System windows directory: C:\WINDOWS
16:56:07.0921 2804  Processor architecture: Intel x86
16:56:07.0921 2804  Number of processors: 2
16:56:07.0921 2804  Page size: 0x1000
16:56:07.0921 2804  Boot type: Normal boot
16:56:07.0921 2804  ============================================================
16:56:13.0578 2804  BG loaded
16:56:14.0234 2804  Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1E49, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
16:56:14.0453 2804  ============================================================
16:56:14.0453 2804  \Device\Harddisk0\DR0:
16:56:14.0515 2804  MBR partitions:
16:56:14.0515 2804  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6535F71
16:56:14.0515 2804  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x6535FEF, BlocksNum 0xA957A1
16:56:14.0515 2804  ============================================================
16:56:14.0734 2804  C: <-> \Device\Harddisk0\DR0\Partition1
16:56:14.0843 2804  D: <-> \Device\Harddisk0\DR0\Partition2
16:56:14.0984 2804  ============================================================
16:56:14.0984 2804  Initialize success
16:56:15.0000 2804  ============================================================
16:56:23.0625 4020  ============================================================
16:56:23.0625 4020  Scan started
16:56:23.0625 4020  Mode: Manual; TDLFS;
16:56:23.0625 4020  ============================================================
16:56:27.0187 4020  ================ Scan system memory ========================
16:56:27.0187 4020  System memory - ok
16:56:27.0187 4020  ================ Scan services =============================
16:56:29.0171 4020  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
16:56:29.0453 4020  !SASCORE - ok
16:56:32.0468 4020  Abiosdsk - ok
16:56:32.0484 4020  abp480n5 - ok
16:56:33.0203 4020  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:56:33.0406 4020  ACPI - ok
16:56:33.0421 4020  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:56:33.0656 4020  ACPIEC - ok
16:56:33.0875 4020  [ 761D5BBDB6A5867C9F8EBBB545AF7B34 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
16:56:33.0875 4020  ADIHdAudAddService - ok
16:56:34.0203 4020  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:56:34.0437 4020  AdobeFlashPlayerUpdateSvc - ok
16:56:34.0453 4020  adpu160m - ok
16:56:34.0781 4020  [ C984DE22ED71414ABC42C1E03D412E33 ] AEAudioService  C:\WINDOWS\system32\drivers\AEAudio.sys
16:56:34.0781 4020  AEAudioService - ok
16:56:34.0828 4020  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
16:56:34.0843 4020  aec - ok
16:56:34.0906 4020  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
16:56:34.0921 4020  AFD - ok
16:56:34.0968 4020  [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K           C:\WINDOWS\system32\drivers\AFS2K.sys
16:56:34.0968 4020  AFS2K - ok
16:56:40.0859 4020  [ 9C7B1314D5E1212BD3D654177C06E24D ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
16:56:41.0656 4020  AgereSoftModem - ok
16:56:41.0656 4020  Aha154x - ok
16:56:41.0671 4020  aic78u2 - ok
16:56:41.0687 4020  aic78xx - ok
16:56:42.0828 4020  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
16:56:43.0093 4020  Alerter - ok
16:56:59.0984 4020  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
16:56:59.0984 4020  ALG - ok
16:57:05.0390 4020  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
16:57:05.0406 4020  AliIde - ok
16:57:05.0421 4020  amsint - ok
16:57:13.0250 4020  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
16:57:13.0453 4020  AppMgmt - ok
16:57:14.0500 4020  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:57:14.0531 4020  Arp1394 - ok
16:57:14.0531 4020  asc - ok
16:57:14.0546 4020  asc3350p - ok
16:57:14.0546 4020  asc3550 - ok
16:57:22.0890 4020  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:57:23.0109 4020  aspnet_state - ok
16:57:23.0234 4020  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:57:23.0250 4020  AsyncMac - ok
16:57:23.0281 4020  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
16:57:23.0281 4020  atapi - ok
16:57:23.0296 4020  Atdisk - ok
16:57:23.0359 4020  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:57:23.0375 4020  Atmarpc - ok
16:57:23.0468 4020  [ 002ECB6F1197A7754CC87F2073F41841 ] ATSWPDRV        C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
16:57:23.0515 4020  ATSWPDRV - ok
16:57:23.0640 4020  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
16:57:23.0687 4020  AudioSrv - ok
16:57:23.0750 4020  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
16:57:23.0750 4020  audstub - ok
16:57:27.0531 4020  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
16:57:31.0187 4020  AVGIDSAgent - ok
16:57:31.0390 4020  [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
16:57:31.0421 4020  AVGIDSDriver - ok
16:57:31.0437 4020  [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
16:57:31.0468 4020  AVGIDSHX - ok
16:57:31.0500 4020  [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
16:57:31.0500 4020  AVGIDSShim - ok
16:57:31.0671 4020  [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
16:57:31.0703 4020  Avgldx86 - ok
16:57:32.0281 4020  [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
16:57:32.0359 4020  Avglogx - ok
16:57:32.0421 4020  [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
16:57:32.0453 4020  Avgmfx86 - ok
16:57:32.0687 4020  [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
16:57:32.0703 4020  Avgrkx86 - ok
16:57:32.0859 4020  [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
16:57:32.0890 4020  Avgtdix - ok
16:57:33.0312 4020  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
16:57:33.0343 4020  avgwd - ok
16:57:33.0484 4020  [ C0ACD392ECE55784884CC208AAFA06CE ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:57:33.0500 4020  b57w2k - ok
16:57:33.0546 4020  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:57:33.0546 4020  Beep - ok
16:57:33.0687 4020  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
16:57:33.0812 4020  BITS - ok
16:57:33.0906 4020  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
16:57:33.0906 4020  Browser - ok
16:57:33.0968 4020  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
16:57:34.0015 4020  cbidf2k - ok
16:57:34.0031 4020  cd20xrnt - ok
16:57:34.0062 4020  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
16:57:34.0078 4020  Cdaudio - ok
16:57:34.0140 4020  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
16:57:34.0171 4020  Cdfs - ok
16:57:34.0218 4020  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:57:34.0234 4020  Cdrom - ok
16:57:34.0234 4020  Changer - ok
16:57:34.0468 4020  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
16:57:34.0546 4020  CiSvc - ok
16:57:34.0640 4020  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
16:57:34.0656 4020  ClipSrv - ok
16:57:35.0015 4020  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:57:36.0218 4020  clr_optimization_v2.0.50727_32 - ok
16:57:36.0937 4020  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:57:37.0515 4020  clr_optimization_v4.0.30319_32 - ok
16:57:37.0562 4020  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:57:37.0562 4020  CmBatt - ok
16:57:37.0578 4020  CmdIde - ok
16:57:37.0656 4020  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:57:37.0671 4020  Compbatt - ok
16:57:37.0687 4020  COMSysApp - ok
16:57:37.0734 4020  Cpqarray - ok
16:57:37.0796 4020  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
16:57:37.0796 4020  CryptSvc - ok
16:57:37.0812 4020  dac2w2k - ok
16:57:37.0812 4020  dac960nt - ok
16:57:37.0968 4020  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:57:38.0000 4020  DcomLaunch - ok
16:57:38.0078 4020  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
16:57:38.0093 4020  Dhcp - ok
16:57:38.0187 4020  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
16:57:38.0218 4020  Disk - ok
16:57:38.0421 4020  [ F4DCC4DF6B27EE4E3D08258ECDDECB1F ] DLAPoolM        C:\WINDOWS\system32\DLA\DLAPoolM.SYS
16:57:38.0421 4020  DLAPoolM - ok
16:57:38.0453 4020  [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N        C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
16:57:38.0468 4020  DLARTL_N - ok
16:57:38.0515 4020  [ BDE11A8C697C5E22AEDF34CA3FDB5940 ] DLAUDFAM        C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
16:57:38.0531 4020  DLAUDFAM - ok
16:57:38.0562 4020  [ 069D67EED1CEC572DC28CB5582B5AA96 ] DLAUDF_M        C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
16:57:38.0578 4020  DLAUDF_M - ok
16:57:38.0578 4020  dmadmin - ok
16:57:39.0046 4020  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
16:57:39.0546 4020  dmboot - ok
16:57:39.0953 4020  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
16:57:40.0015 4020  dmio - ok
16:57:40.0234 4020  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
16:57:40.0265 4020  dmload - ok
16:57:40.0562 4020  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
16:57:40.0562 4020  dmserver - ok
16:57:40.0750 4020  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
16:57:40.0765 4020  DMusic - ok
16:57:40.0812 4020  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:57:40.0828 4020  Dnscache - ok
16:57:44.0453 4020  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:57:44.0500 4020  Dot3svc - ok
16:57:44.0515 4020  dpti2o - ok
16:57:44.0593 4020  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:57:44.0625 4020  drmkaud - ok
16:57:44.0656 4020  [ FE923D5529144D47B907663D2838C032 ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
16:57:44.0671 4020  DRVMCDB - ok
16:57:44.0750 4020  [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
16:57:44.0750 4020  DRVNDDM - ok
16:57:44.0828 4020  [ B5CB3084046146FD2587D8C9B219FEB4 ] eabfiltr        C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
16:57:44.0828 4020  eabfiltr - ok
16:57:44.0875 4020  [ 231F4547AE1E4B3E60ECA66C3A96D218 ] eabusb          C:\WINDOWS\system32\DRIVERS\eabusb.sys
16:57:44.0921 4020  eabusb - ok
16:57:45.0046 4020  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
16:57:45.0046 4020  EapHost - ok
16:57:45.0109 4020  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
16:57:45.0109 4020  ERSvc - ok
16:57:45.0187 4020  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
16:57:45.0203 4020  Eventlog - ok
16:57:45.0281 4020  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
16:57:45.0453 4020  EventSystem - ok
16:57:45.0687 4020  [ 56DED3ADE453272E6A0AD582D945D1A4 ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
16:57:45.0687 4020  EvtEng - ok
16:57:45.0734 4020  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
16:57:45.0750 4020  Fastfat - ok
16:57:45.0812 4020  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:57:45.0828 4020  FastUserSwitchingCompatibility - ok
16:57:45.0906 4020  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
16:57:45.0906 4020  Fdc - ok
16:57:45.0953 4020  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
16:57:45.0968 4020  Fips - ok
16:57:46.0093 4020  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:57:46.0156 4020  FLEXnet Licensing Service - ok
16:57:46.0187 4020  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:57:46.0187 4020  Flpydisk - ok
16:57:46.0234 4020  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:57:46.0234 4020  FltMgr - ok
16:57:46.0328 4020  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:57:46.0343 4020  FontCache3.0.0.0 - ok
16:57:46.0375 4020  [ 455F778EE14368468560BD7CB8C854D0 ] FsVga           C:\WINDOWS\system32\DRIVERS\fsvga.sys
16:57:46.0375 4020  FsVga - ok
16:57:46.0421 4020  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:57:46.0421 4020  Fs_Rec - ok
16:57:46.0437 4020  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:57:46.0453 4020  Ftdisk - ok
16:57:46.0515 4020  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:57:46.0531 4020  Gpc - ok
16:57:46.0625 4020  [ 43C810F58B5C796F63D68EA91C1C98F2 ] GTIPCI21        C:\WINDOWS\system32\DRIVERS\gtipci21.sys
16:57:46.0656 4020  GTIPCI21 - ok
16:57:46.0781 4020  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:57:46.0796 4020  gupdate - ok
16:57:46.0812 4020  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:57:46.0812 4020  gupdatem - ok
16:57:46.0843 4020  [ 4D4D97671C63C3AF869B3518E6054204 ] HBtnKey         C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
16:57:46.0843 4020  HBtnKey - ok
16:57:46.0937 4020  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:57:46.0937 4020  HDAudBus - ok
16:57:47.0062 4020  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:57:47.0078 4020  helpsvc - ok
16:57:47.0078 4020  HidServ - ok
16:57:47.0140 4020  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:57:47.0156 4020  HidUsb - ok
16:57:47.0328 4020  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
16:57:47.0390 4020  hkmsvc - ok
16:57:47.0406 4020  hpn - ok
16:57:47.0578 4020  [ 04C1DCBB226C6AE647B794833CE3CEB6 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:57:47.0578 4020  hpqwmiex - ok
16:57:47.0625 4020  [ 863CC3A82C63C9F60ACF2E85D5310620 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:57:47.0671 4020  HPZid412 - ok
16:57:47.0750 4020  [ 08CB72E95DD75B61F2966B311D0E4366 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:57:47.0750 4020  HPZipr12 - ok
16:57:48.0046 4020  [ CA990306ED4EF732AF9695BFF24FC96F ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:57:48.0062 4020  HPZius12 - ok
16:57:48.0125 4020  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
16:57:48.0125 4020  HTTP - ok
16:57:48.0218 4020  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
16:57:48.0250 4020  HTTPFilter - ok
16:57:48.0250 4020  i2omgmt - ok
16:57:48.0265 4020  i2omp - ok
16:57:48.0312 4020  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:57:48.0328 4020  i8042prt - ok
16:57:48.0609 4020  [ 0F0194C4B635C10C3F785E4FEE52D641 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
16:57:49.0375 4020  ialm - ok
16:57:49.0531 4020  [ 309C4D86D989FB1FCF64BD30DC81C51B ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
16:57:49.0593 4020  iaStor - ok
16:57:49.0734 4020  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:57:49.0890 4020  IDriverT - ok
16:57:50.0062 4020  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:57:50.0484 4020  idsvc - ok
16:57:50.0546 4020  [ 1988575194189863932F73B43D9A0AD9 ] IFXSpMgtSrv     C:\WINDOWS\system32\IFXSPMGT.exe
16:57:50.0562 4020  IFXSpMgtSrv - ok
16:57:50.0734 4020  [ 67C2F969E5CC2E000A540D292B340B7C ] IFXTCS          C:\WINDOWS\system32\IFXTCS.exe
16:57:50.0843 4020  IFXTCS - ok
16:57:51.0000 4020  [ 0A359837E021BC04A04A6FD189492C65 ] IFXTPM          C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
16:57:51.0015 4020  IFXTPM - ok
16:57:51.0281 4020  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
16:57:51.0296 4020  Imapi - ok
16:57:51.0421 4020  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
16:57:51.0500 4020  ImapiService - ok
16:57:51.0500 4020  ini910u - ok
16:57:51.0578 4020  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
16:57:51.0593 4020  IntelIde - ok
16:57:51.0875 4020  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:57:51.0890 4020  intelppm - ok
16:57:51.0984 4020  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
16:57:52.0015 4020  Ip6Fw - ok
16:57:52.0140 4020  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:57:52.0140 4020  IpFilterDriver - ok
16:57:52.0203 4020  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:57:52.0234 4020  IpInIp - ok
16:57:52.0390 4020  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:57:52.0453 4020  IpNat - ok
16:57:52.0500 4020  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:57:52.0515 4020  IPSec - ok
16:57:52.0671 4020  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
16:57:52.0750 4020  IRENUM - ok
16:57:52.0812 4020  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:57:52.0843 4020  isapnp - ok
16:57:52.0875 4020  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:57:52.0890 4020  Kbdclass - ok
16:57:53.0000 4020  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:57:53.0015 4020  kbdhid - ok
16:57:53.0046 4020  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
16:57:53.0078 4020  kmixer - ok
16:57:53.0265 4020  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
16:57:53.0296 4020  KSecDD - ok
16:57:53.0468 4020  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
16:57:53.0500 4020  lanmanserver - ok
16:57:53.0593 4020  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:57:53.0671 4020  lanmanworkstation - ok
16:57:53.0687 4020  lbrtfdc - ok
16:57:53.0843 4020  [ 9696786759C4B43FA5C894747E893EA2 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16:57:53.0906 4020  LightScribeService - ok
16:57:54.0390 4020  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
16:57:54.0437 4020  LmHosts - ok
16:57:54.0531 4020  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
16:57:54.0593 4020  Messenger - ok
16:57:54.0781 4020  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
16:57:54.0812 4020  mnmdd - ok
16:57:54.0859 4020  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
16:57:54.0906 4020  mnmsrvc - ok
16:57:55.0031 4020  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
16:57:55.0062 4020  Modem - ok
16:57:55.0109 4020  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:57:55.0125 4020  Mouclass - ok
16:57:55.0218 4020  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:57:55.0234 4020  mouhid - ok
16:57:55.0265 4020  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
16:57:55.0281 4020  MountMgr - ok
16:57:55.0609 4020  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:57:55.0734 4020  MozillaMaintenance - ok
16:57:55.0859 4020  [ EEE50BF24CAEEDB515A8F3B22756D3BB ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
16:57:55.0875 4020  MQAC - ok
16:57:55.0890 4020  mraid35x - ok
16:57:55.0984 4020  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:57:56.0062 4020  MRxDAV - ok
16:57:56.0375 4020  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:57:56.0468 4020  MRxSmb - ok
16:57:56.0593 4020  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
16:57:56.0640 4020  MSDTC - ok
16:57:56.0687 4020  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:57:56.0750 4020  Msfs - ok
16:57:56.0750 4020  MSIServer - ok
16:57:57.0703 4020  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:57:57.0734 4020  MSKSSRV - ok
16:57:58.0078 4020  [ E9B5F354AE80325283FD5C1C05217B01 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
16:57:58.0109 4020  MSMQ - ok
16:57:58.0875 4020  [ 10E6B9022B0A5C9C41E2DA6AEAE5D404 ] MSMQTriggers    C:\WINDOWS\system32\mqtgsvc.exe
16:57:58.0906 4020  MSMQTriggers - ok
16:57:59.0515 4020  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:57:59.0562 4020  MSPCLOCK - ok
16:58:00.0250 4020  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:58:00.0328 4020  MSPQM - ok
16:58:00.0578 4020  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:58:00.0578 4020  mssmbios - ok
16:58:00.0765 4020  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
16:58:00.0859 4020  Mup - ok
16:58:01.0250 4020  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
16:58:01.0484 4020  napagent - ok
16:58:01.0750 4020  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
16:58:01.0906 4020  NDIS - ok
16:58:01.0968 4020  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:58:02.0031 4020  NdisTapi - ok
16:58:02.0046 4020  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:58:02.0062 4020  Ndisuio - ok
16:58:02.0218 4020  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:58:02.0296 4020  NdisWan - ok
16:58:02.0437 4020  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:58:02.0468 4020  NDProxy - ok
16:58:02.0531 4020  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:58:02.0562 4020  NetBIOS - ok
16:58:02.0687 4020  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:58:02.0765 4020  NetBT - ok
16:58:03.0609 4020  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
16:58:03.0656 4020  NetDDE - ok
16:58:03.0703 4020  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
16:58:03.0703 4020  NetDDEdsdm - ok
16:58:03.0859 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:58:03.0859 4020  Netlogon - ok
16:58:04.0375 4020  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
16:58:04.0468 4020  Netman - ok
16:58:04.0656 4020  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:58:04.0750 4020  NetTcpPortSharing - ok
16:58:04.0781 4020  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:58:04.0812 4020  NIC1394 - ok
16:58:05.0109 4020  [ 832E4DD8964AB7ACC880B2837CB1ED20 ] Nla             C:\WINDOWS\System32\mswsock.dll
16:58:05.0250 4020  Nla - ok
16:58:05.0656 4020  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:58:05.0687 4020  Npfs - ok
16:58:06.0640 4020  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:58:06.0812 4020  Ntfs - ok
16:58:06.0906 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
16:58:06.0921 4020  NtLmSsp - ok
16:58:07.0453 4020  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
16:58:07.0609 4020  NtmsSvc - ok
16:58:07.0718 4020  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:58:07.0750 4020  Null - ok
16:58:08.0250 4020  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:58:08.0265 4020  NwlnkFlt - ok
16:58:08.0328 4020  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:58:08.0343 4020  NwlnkFwd - ok
16:58:08.0484 4020  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:58:08.0531 4020  ohci1394 - ok
16:58:08.0718 4020  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
16:58:08.0734 4020  Parport - ok
16:58:08.0796 4020  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
16:58:08.0812 4020  PartMgr - ok
16:58:08.0906 4020  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
16:58:09.0109 4020  ParVdm - ok
16:58:09.0343 4020  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
16:58:09.0390 4020  PCI - ok
16:58:09.0390 4020  PCIDump - ok
16:58:09.0500 4020  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
16:58:09.0531 4020  PCIIde - ok
16:58:09.0546 4020  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
16:58:09.0562 4020  Pcmcia - ok
16:58:09.0578 4020  PDCOMP - ok
16:58:09.0593 4020  PDFRAME - ok
16:58:09.0593 4020  PDRELI - ok
16:58:09.0609 4020  PDRFRAME - ok
16:58:09.0609 4020  perc2 - ok
16:58:09.0625 4020  perc2hib - ok
16:58:09.0734 4020  [ E1653A632F878E353399B96F2CEF6570 ] PersonalSecureDrive C:\WINDOWS\System32\drivers\psd.sys
16:58:09.0765 4020  PersonalSecureDrive - ok
16:58:10.0109 4020  [ 2705BD86D5A1FA46755BCC48C5BE0F18 ] PersonalSecureDriveService C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
16:58:10.0125 4020  PersonalSecureDriveService - ok
16:58:10.0281 4020  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
16:58:10.0296 4020  PlugPlay - ok
16:58:10.0468 4020  [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
16:58:10.0515 4020  Pml Driver HPZ12 - ok
16:58:10.0703 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
16:58:10.0703 4020  PolicyAgent - ok
16:58:10.0937 4020  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:58:10.0968 4020  PptpMiniport - ok
16:58:11.0093 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:58:11.0093 4020  ProtectedStorage - ok
16:58:11.0187 4020  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
16:58:11.0203 4020  PSched - ok
16:58:11.0328 4020  [ 32C8A8C670DD3108F2F9760D96293136 ] PTHSBUS         C:\WINDOWS\system32\DRIVERS\PTHSBUS.sys
16:58:11.0390 4020  PTHSBUS - ok
16:58:11.0484 4020  [ 568F9835C6BF8B71D0CBEB9D01638432 ] PTHSMDM         C:\WINDOWS\system32\DRIVERS\PTHSMDM.sys
16:58:11.0515 4020  PTHSMDM - ok
16:58:11.0546 4020  [ 1E5E47F5AF8E92A813DAA0588C3290B3 ] PTHSVSP         C:\WINDOWS\system32\DRIVERS\PTHSVSP.sys
16:58:11.0609 4020  PTHSVSP - ok
16:58:11.0656 4020  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:58:11.0671 4020  Ptilink - ok
16:58:11.0687 4020  ql1080 - ok
16:58:11.0687 4020  Ql10wnt - ok
16:58:11.0703 4020  ql12160 - ok
16:58:11.0703 4020  ql1240 - ok
16:58:11.0718 4020  ql1280 - ok
16:58:11.0750 4020  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:58:11.0750 4020  RasAcd - ok
16:58:11.0812 4020  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:58:11.0828 4020  RasAuto - ok
16:58:11.0859 4020  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
16:58:11.0875 4020  Rasirda - ok
16:58:11.0921 4020  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:58:11.0968 4020  Rasl2tp - ok
16:58:12.0109 4020  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:58:12.0109 4020  RasMan - ok
16:58:12.0140 4020  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:58:12.0187 4020  RasPppoe - ok
16:58:12.0343 4020  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
16:58:12.0375 4020  Raspti - ok
16:58:12.0453 4020  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:58:12.0531 4020  Rdbss - ok
16:58:12.0609 4020  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:58:12.0609 4020  RDPCDD - ok
16:58:12.0687 4020  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:58:12.0734 4020  rdpdr - ok
16:58:12.0828 4020  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
16:58:12.0828 4020  RDPWD - ok
16:58:12.0937 4020  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
16:58:12.0953 4020  RDSessMgr - ok
16:58:13.0015 4020  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
16:58:13.0046 4020  redbook - ok
16:58:13.0140 4020  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:58:13.0171 4020  RemoteAccess - ok
16:58:13.0218 4020  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:58:13.0250 4020  RemoteRegistry - ok
16:58:13.0296 4020  [ 96F7A9A7BF0C9C0440A967440065D33C ] RMCAST          C:\WINDOWS\system32\drivers\RMCast.sys
16:58:13.0328 4020  RMCAST - ok
16:58:13.0359 4020  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:58:13.0375 4020  RpcLocator - ok
16:58:13.0484 4020  [ 6684437F3628EF237C354F77D33426D1 ] rpcnet          C:\WINDOWS\system32\rpcnet.exe
16:58:13.0500 4020  rpcnet - ok
16:58:13.0593 4020  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:58:13.0609 4020  RpcSs - ok
16:58:13.0671 4020  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
16:58:13.0703 4020  RSVP - ok
16:58:13.0734 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:58:13.0734 4020  SamSs - ok
16:58:13.0781 4020  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:58:13.0796 4020  SASDIFSV - ok
16:58:13.0812 4020  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:58:13.0843 4020  SASKUTIL - ok
16:58:14.0218 4020  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
16:58:14.0250 4020  SCardSvr - ok
16:58:14.0375 4020  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:58:14.0406 4020  Schedule - ok
16:58:14.0531 4020  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:58:14.0562 4020  sdbus - ok
16:58:14.0609 4020  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:58:14.0640 4020  Secdrv - ok
16:58:14.0703 4020  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
16:58:14.0718 4020  seclogon - ok
16:58:14.0750 4020  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
16:58:14.0781 4020  SENS - ok
16:58:14.0843 4020  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
16:58:14.0859 4020  serenum - ok
16:58:15.0546 4020  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
16:58:15.0562 4020  Serial - ok
16:58:15.0609 4020  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
16:58:15.0625 4020  Sfloppy - ok
16:58:15.0828 4020  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:58:15.0859 4020  SharedAccess - ok
16:58:15.0875 4020  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:58:15.0890 4020  ShellHWDetection - ok
16:58:15.0890 4020  Simbad - ok
16:58:16.0000 4020  [ 707647A1AA0EDB6CBEF61B0C75C28ED3 ] SMCIRDA         C:\WINDOWS\system32\DRIVERS\smcirda.sys
16:58:16.0015 4020  SMCIRDA - ok
16:58:16.0031 4020  Sparrow - ok
16:58:16.0062 4020  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
16:58:16.0093 4020  splitter - ok
16:58:16.0156 4020  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
16:58:16.0156 4020  Spooler - ok
16:58:16.0218 4020  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
16:58:16.0250 4020  sr - ok
16:58:16.0359 4020  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
16:58:16.0375 4020  srservice - ok
16:58:16.0593 4020  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:58:16.0703 4020  Srv - ok
16:58:16.0734 4020  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:58:16.0750 4020  SSDPSRV - ok
16:58:16.0812 4020  [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
16:58:16.0828 4020  StillCam - ok
16:58:16.0984 4020  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
16:58:17.0062 4020  stisvc - ok
16:58:17.0109 4020  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
16:58:17.0140 4020  swenum - ok
16:58:17.0171 4020  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
16:58:17.0187 4020  swmidi - ok
16:58:17.0187 4020  SwPrv - ok
16:58:17.0203 4020  symc810 - ok
16:58:17.0218 4020  symc8xx - ok
16:58:17.0234 4020  sym_hi - ok
16:58:17.0250 4020  sym_u3 - ok
16:58:17.0343 4020  [ C9A1785CC0D7A040DD0FDBFEAA8BE135 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:58:17.0359 4020  SynTP - ok
16:58:17.0421 4020  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
16:58:17.0453 4020  sysaudio - ok
16:58:17.0515 4020  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
16:58:17.0546 4020  SysmonLog - ok
16:58:17.0609 4020  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:58:17.0687 4020  TapiSrv - ok
16:58:17.0812 4020  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:58:17.0843 4020  Tcpip - ok
16:58:17.0890 4020  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
16:58:17.0906 4020  TDPIPE - ok
16:58:17.0937 4020  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
16:58:17.0953 4020  TDTCP - ok
16:58:18.0000 4020  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
16:58:18.0031 4020  TermDD - ok
16:58:18.0156 4020  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
16:58:18.0218 4020  TermService - ok
16:58:18.0250 4020  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
16:58:18.0250 4020  Themes - ok
16:58:18.0343 4020  [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys
16:58:18.0375 4020  tifm21 - ok
16:58:18.0484 4020  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
16:58:18.0531 4020  TlntSvr - ok
16:58:18.0546 4020  TosIde - ok
16:58:18.0625 4020  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
16:58:18.0640 4020  TrkWks - ok
16:58:18.0718 4020  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
16:58:18.0734 4020  Udfs - ok
16:58:18.0750 4020  ultra - ok
16:58:18.0796 4020  [ 3D571A3CBF127E9555EAD2F8598F425F ] UnsignedThemes  C:\WINDOWS\UnsignedThemesSvc.exe
16:58:19.0437 4020  UnsignedThemes - ok
16:58:19.0562 4020  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
16:58:19.0609 4020  Update - ok
16:58:19.0718 4020  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:58:19.0750 4020  upnphost - ok
16:58:19.0781 4020  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
16:58:19.0796 4020  UPS - ok
16:58:19.0828 4020  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:58:19.0859 4020  usbccgp - ok
16:58:19.0890 4020  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:58:19.0890 4020  usbehci - ok
16:58:19.0953 4020  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:58:19.0984 4020  usbhub - ok
16:58:20.0015 4020  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:58:20.0046 4020  usbprint - ok
16:58:20.0125 4020  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:58:20.0125 4020  usbscan - ok
16:58:20.0156 4020  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:58:20.0171 4020  USBSTOR - ok
16:58:20.0203 4020  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:58:20.0234 4020  usbuhci - ok
16:58:20.0312 4020  [ 628C632710AB55747CB5BCC68716BE21 ] uxpatch         C:\WINDOWS\system32\drivers\uxpatch.sys
16:58:20.0328 4020  uxpatch - ok
16:58:20.0406 4020  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
16:58:20.0453 4020  VgaSave - ok
16:58:20.0515 4020  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
16:58:20.0546 4020  ViaIde - ok
16:58:20.0562 4020  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
16:58:20.0609 4020  VolSnap - ok
16:58:20.0703 4020  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
16:58:20.0734 4020  VSS - ok
16:58:20.0796 4020  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
16:58:20.0828 4020  W32Time - ok
16:58:21.0375 4020  [ B1F126E7E28877106D60E6FF3998D033 ] w39n51          C:\WINDOWS\system32\DRIVERS\w39n51.sys
16:58:21.0578 4020  w39n51 - ok
16:58:21.0625 4020  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:58:21.0656 4020  Wanarp - ok
16:58:21.0671 4020  WDICA - ok
16:58:21.0703 4020  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
16:58:21.0718 4020  wdmaud - ok
16:58:21.0781 4020  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:58:21.0781 4020  WebClient - ok
16:58:22.0031 4020  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:58:22.0062 4020  winmgmt - ok
16:58:22.0109 4020  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
16:58:22.0140 4020  WmdmPmSN - ok
16:58:22.0421 4020  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
16:58:22.0500 4020  Wmi - ok
16:58:22.0531 4020  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
16:58:22.0546 4020  WmiAcpi - ok
16:58:22.0625 4020  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:58:22.0656 4020  WmiApSrv - ok
16:58:22.0687 4020  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
16:58:22.0703 4020  WpdUsb - ok
16:58:23.0015 4020  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:58:23.0125 4020  WPFFontCache_v0400 - ok
16:58:23.0187 4020  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
16:58:23.0265 4020  wscsvc - ok
16:58:23.0328 4020  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
16:58:23.0328 4020  wuauserv - ok
16:58:23.0421 4020  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:58:23.0500 4020  WudfPf - ok
16:58:23.0546 4020  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:58:23.0578 4020  WudfRd - ok
16:58:23.0625 4020  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
16:58:23.0640 4020  WudfSvc - ok
16:58:23.0781 4020  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
16:58:23.0812 4020  WZCSVC - ok
16:58:23.0859 4020  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
16:58:23.0875 4020  xmlprov - ok
16:58:24.0093 4020  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:58:24.0140 4020  YahooAUService - ok
16:58:24.0171 4020  ================ Scan global ===============================
16:58:24.0203 4020  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:58:24.0421 4020  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:58:24.0453 4020  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:58:24.0484 4020  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:58:24.0484 4020  [Global] - ok
16:58:24.0484 4020  ================ Scan MBR ==================================
16:58:24.0515 4020  [ 0C808E7238C810543120B2DC771ED1BA ] \Device\Harddisk0\DR0
16:58:26.0453 4020  \Device\Harddisk0\DR0 - ok
16:58:26.0453 4020  ================ Scan VBR ==================================
16:58:26.0468 4020  [ F8CF42FFED02836E4203E67309283FDE ] \Device\Harddisk0\DR0\Partition1
16:58:26.0468 4020  \Device\Harddisk0\DR0\Partition1 - ok
16:58:26.0531 4020  [ DAC1A8BD3A9550EE0648F61506157F7A ] \Device\Harddisk0\DR0\Partition2
16:58:26.0531 4020  \Device\Harddisk0\DR0\Partition2 - ok
16:58:26.0531 4020  ================ Scan active images ========================
16:58:26.0531 4020  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
16:58:26.0531 4020  C:\WINDOWS\system32\drivers\intelppm.sys - ok
16:58:26.0531 4020  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
16:58:26.0531 4020  C:\WINDOWS\system32\drivers\videoprt.sys - ok
16:58:26.0546 4020  [ 0F0194C4B635C10C3F785E4FEE52D641 ] C:\WINDOWS\system32\drivers\ialmnt5.sys
16:58:26.0546 4020  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
16:58:26.0546 4020  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
16:58:26.0546 4020  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
16:58:26.0562 4020  [ B1F126E7E28877106D60E6FF3998D033 ] C:\WINDOWS\system32\drivers\w39n51.sys
16:58:26.0562 4020  C:\WINDOWS\system32\drivers\w39n51.sys - ok
16:58:26.0562 4020  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
16:58:26.0562 4020  C:\WINDOWS\system32\drivers\usbport.sys - ok
16:58:26.0578 4020  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
16:58:26.0578 4020  C:\WINDOWS\system32\drivers\nic1394.sys - ok
16:58:26.0578 4020  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
16:58:26.0578 4020  C:\WINDOWS\system32\drivers\usbehci.sys - ok
16:58:26.0578 4020  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
16:58:26.0578 4020  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
16:58:26.0593 4020  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys
16:58:26.0593 4020  C:\WINDOWS\system32\drivers\sdbus.sys - ok
16:58:26.0593 4020  [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] C:\WINDOWS\system32\drivers\tifm21.sys
16:58:26.0593 4020  C:\WINDOWS\system32\drivers\tifm21.sys - ok
16:58:26.0609 4020  [ C0ACD392ECE55784884CC208AAFA06CE ] C:\WINDOWS\system32\drivers\b57xp32.sys
16:58:26.0609 4020  C:\WINDOWS\system32\drivers\b57xp32.sys - ok
16:58:26.0609 4020  [ 43C810F58B5C796F63D68EA91C1C98F2 ] C:\WINDOWS\system32\drivers\gtipci21.sys
16:58:26.0609 4020  C:\WINDOWS\system32\drivers\gtipci21.sys - ok
16:58:26.0625 4020  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
16:58:26.0625 4020  C:\WINDOWS\system32\drivers\serenum.sys - ok
16:58:26.0625 4020  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
16:58:26.0625 4020  C:\WINDOWS\system32\drivers\serial.sys - ok
16:58:26.0640 4020  [ 017DAECF0ED3AA731313433601EC40FA ] C:\WINDOWS\system32\drivers\smclib.sys
16:58:26.0640 4020  C:\WINDOWS\system32\drivers\smclib.sys - ok
16:58:26.0640 4020  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
16:58:26.0640 4020  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
16:58:26.0640 4020  [ 0A359837E021BC04A04A6FD189492C65 ] C:\WINDOWS\system32\drivers\ifxtpm.sys
16:58:26.0640 4020  C:\WINDOWS\system32\drivers\ifxtpm.sys - ok
16:58:26.0656 4020  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
16:58:26.0656 4020  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
16:58:26.0656 4020  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
16:58:26.0656 4020  C:\WINDOWS\system32\drivers\parport.sys - ok
16:58:26.0671 4020  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
16:58:26.0671 4020  C:\WINDOWS\system32\drivers\hidparse.sys - ok
16:58:26.0671 4020  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
16:58:26.0671 4020  C:\WINDOWS\system32\drivers\imapi.sys - ok
16:58:26.0687 4020  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
16:58:26.0687 4020  C:\WINDOWS\system32\drivers\mouclass.sys - ok
16:58:26.0687 4020  [ C9A1785CC0D7A040DD0FDBFEAA8BE135 ] C:\WINDOWS\system32\drivers\SynTP.sys
16:58:26.0687 4020  C:\WINDOWS\system32\drivers\SynTP.sys - ok
16:58:26.0703 4020  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
16:58:26.0703 4020  C:\WINDOWS\system32\drivers\usbd.sys - ok
16:58:26.0703 4020  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
16:58:26.0703 4020  C:\WINDOWS\system32\drivers\hidclass.sys - ok
16:58:26.0703 4020  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
16:58:26.0703 4020  C:\WINDOWS\system32\drivers\audstub.sys - ok
16:58:26.0718 4020  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
16:58:26.0718 4020  C:\WINDOWS\system32\drivers\cmbatt.sys - ok
16:58:26.0718 4020  [ 4D4D97671C63C3AF869B3518E6054204 ] C:\WINDOWS\system32\drivers\CPQBttn.sys
16:58:26.0718 4020  C:\WINDOWS\system32\drivers\CPQBttn.sys - ok
16:58:26.0734 4020  [ 455F778EE14368468560BD7CB8C854D0 ] C:\WINDOWS\system32\drivers\fsvga.sys
16:58:26.0734 4020  C:\WINDOWS\system32\drivers\fsvga.sys - ok
16:58:26.0750 4020  [ A9573045BAA16EAB9B1085205B82F1ED ] C:\WINDOWS\system32\drivers\serscan.sys
16:58:26.0750 4020  C:\WINDOWS\system32\drivers\serscan.sys - ok
16:58:26.0750 4020  [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
16:58:26.0750 4020  C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
16:58:26.0765 4020  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
16:58:26.0765 4020  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
16:58:26.0781 4020  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
16:58:26.0781 4020  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
16:58:26.0781 4020  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
16:58:26.0781 4020  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
16:58:26.0796 4020  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
16:58:26.0796 4020  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
16:58:26.0812 4020  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
16:58:26.0812 4020  C:\WINDOWS\system32\drivers\msgpc.sys - ok
16:58:26.0812 4020  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
16:58:26.0812 4020  C:\WINDOWS\system32\drivers\psched.sys - ok
16:58:26.0828 4020  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
16:58:26.0828 4020  C:\WINDOWS\system32\drivers\raspptp.sys - ok
16:58:26.0843 4020  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
16:58:26.0843 4020  C:\WINDOWS\system32\drivers\tdi.sys - ok
16:58:26.0843 4020  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
16:58:26.0843 4020  C:\WINDOWS\system32\drivers\ptilink.sys - ok
16:58:26.0859 4020  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
16:58:26.0859 4020  C:\WINDOWS\system32\drivers\raspti.sys - ok
16:58:26.0875 4020  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
16:58:26.0875 4020  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
16:58:26.0875 4020  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
16:58:26.0875 4020  C:\WINDOWS\system32\drivers\ks.sys - ok
16:58:26.0890 4020  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
16:58:26.0890 4020  C:\WINDOWS\system32\drivers\termdd.sys - ok
16:58:26.0890 4020  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
16:58:26.0890 4020  C:\WINDOWS\system32\drivers\swenum.sys - ok
16:58:26.0906 4020  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
16:58:26.0906 4020  C:\WINDOWS\system32\drivers\update.sys - ok
16:58:26.0906 4020  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
16:58:26.0906 4020  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
16:58:26.0906 4020  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
16:58:26.0906 4020  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
16:58:26.0921 4020  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
16:58:26.0921 4020  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
16:58:26.0921 4020  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
16:58:26.0921 4020  C:\WINDOWS\system32\drivers\drmk.sys - ok
16:58:26.0937 4020  [ 761D5BBDB6A5867C9F8EBBB545AF7B34 ] C:\WINDOWS\system32\drivers\ADIHdAud.sys
16:58:26.0937 4020  C:\WINDOWS\system32\drivers\ADIHdAud.sys - ok
16:58:26.0937 4020  [ C984DE22ED71414ABC42C1E03D412E33 ] C:\WINDOWS\system32\drivers\aeaudio.sys
16:58:26.0937 4020  C:\WINDOWS\system32\drivers\aeaudio.sys - ok
16:58:26.0953 4020  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
16:58:26.0953 4020  C:\WINDOWS\system32\drivers\portcls.sys - ok
16:58:26.0953 4020  [ 9C7B1314D5E1212BD3D654177C06E24D ] C:\WINDOWS\system32\drivers\AGRSM.sys
16:58:26.0953 4020  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
16:58:26.0968 4020  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
16:58:26.0968 4020  C:\WINDOWS\system32\drivers\modem.sys - ok
16:58:26.0968 4020  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
16:58:26.0968 4020  C:\WINDOWS\system32\drivers\usbhub.sys - ok
16:58:26.0968 4020  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
16:58:26.0968 4020  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
16:58:26.0984 4020  [ 0EBB674888CBDEFD5773341C16DD6A07 ] C:\WINDOWS\system32\drivers\AFS2K.SYS
16:58:26.0984 4020  C:\WINDOWS\system32\drivers\AFS2K.SYS - ok
16:58:26.0984 4020  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
16:58:26.0984 4020  C:\WINDOWS\system32\drivers\cdrom.sys - ok
16:58:27.0000 4020  [ E1653A632F878E353399B96F2CEF6570 ] C:\WINDOWS\system32\drivers\psd.sys
16:58:27.0000 4020  C:\WINDOWS\system32\drivers\psd.sys - ok
16:58:27.0000 4020  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
16:58:27.0000 4020  C:\WINDOWS\system32\drivers\beep.sys - ok
16:58:27.0015 4020  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
16:58:27.0015 4020  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
16:58:27.0015 4020  [ 7EE0852AE8907689DF25049DCD2342E8 ] C:\WINDOWS\system32\drivers\DLARTL_N.SYS
16:58:27.0015 4020  C:\WINDOWS\system32\drivers\DLARTL_N.SYS - ok
16:58:27.0031 4020  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
16:58:27.0031 4020  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
16:58:27.0031 4020  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
16:58:27.0031 4020  C:\WINDOWS\system32\drivers\null.sys - ok
16:58:27.0031 4020  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
16:58:27.0031 4020  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
16:58:27.0046 4020  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
16:58:27.0046 4020  C:\WINDOWS\system32\drivers\vga.sys - ok
16:58:27.0046 4020  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
16:58:27.0046 4020  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
16:58:27.0062 4020  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
16:58:27.0062 4020  C:\WINDOWS\system32\drivers\msfs.sys - ok
16:58:27.0062 4020  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
16:58:27.0062 4020  C:\WINDOWS\system32\drivers\npfs.sys - ok
16:58:27.0078 4020  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
16:58:27.0078 4020  C:\WINDOWS\system32\drivers\ipsec.sys - ok
16:58:27.0078 4020  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
16:58:27.0078 4020  C:\WINDOWS\system32\drivers\rasacd.sys - ok
16:58:27.0078 4020  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
16:58:27.0078 4020  C:\WINDOWS\system32\drivers\tcpip.sys - ok
16:58:27.0093 4020  [ BA73B38E9033FC6018DB736B635706AE ] C:\WINDOWS\system32\drivers\avgtdix.sys
16:58:27.0093 4020  C:\WINDOWS\system32\drivers\avgtdix.sys - ok
16:58:27.0093 4020  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
16:58:27.0093 4020  C:\WINDOWS\system32\drivers\ipnat.sys - ok
16:58:27.0109 4020  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
16:58:27.0109 4020  C:\WINDOWS\system32\drivers\afd.sys - ok
16:58:27.0109 4020  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
16:58:27.0109 4020  C:\WINDOWS\system32\drivers\netbt.sys - ok
16:58:27.0125 4020  [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
16:58:27.0125 4020  C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
16:58:27.0125 4020  [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:58:27.0125 4020  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
16:58:27.0125 4020  [ B5CB3084046146FD2587D8C9B219FEB4 ] C:\WINDOWS\system32\drivers\eabfiltr.sys
16:58:27.0125 4020  C:\WINDOWS\system32\drivers\eabfiltr.sys - ok
16:58:27.0140 4020  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
16:58:27.0140 4020  C:\WINDOWS\system32\drivers\netbios.sys - ok
16:58:27.0140 4020  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
16:58:27.0140 4020  C:\WINDOWS\system32\drivers\rdbss.sys - ok
16:58:27.0156 4020  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
16:58:27.0156 4020  C:\WINDOWS\system32\drivers\redbook.sys - ok
16:58:27.0156 4020  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
16:58:27.0156 4020  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
16:58:27.0171 4020  [ D53D35031365A0ECCB1DC1BC1B15B18E ] C:\WINDOWS\system32\drivers\avgldx86.sys
16:58:27.0171 4020  C:\WINDOWS\system32\drivers\avgldx86.sys - ok
16:58:27.0171 4020  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
16:58:27.0171 4020  C:\WINDOWS\system32\drivers\fips.sys - ok
16:58:27.0187 4020  [ 002ECB6F1197A7754CC87F2073F41841 ] C:\WINDOWS\system32\drivers\atswpdrv.sys
16:58:27.0187 4020  C:\WINDOWS\system32\drivers\atswpdrv.sys - ok
16:58:27.0187 4020  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
16:58:27.0187 4020  C:\WINDOWS\system32\drivers\wanarp.sys - ok
16:58:27.0187 4020  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
16:58:27.0187 4020  C:\WINDOWS\system32\drivers\arp1394.sys - ok
16:58:27.0203 4020  [ 7BB2C605094DBCA536D127B434214862 ] C:\WINDOWS\system32\drivers\avgidsdriverx.sys
16:58:27.0203 4020  C:\WINDOWS\system32\drivers\avgidsdriverx.sys - ok
16:58:27.0203 4020  [ A8DE230CC8536790CA07D37FBCD87A74 ] C:\WINDOWS\system32\drivers\avgidsshimx.sys
16:58:27.0203 4020  C:\WINDOWS\system32\drivers\avgidsshimx.sys - ok
16:58:27.0218 4020  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
16:58:27.0218 4020  C:\WINDOWS\system32\smss.exe - ok
16:58:27.0218 4020  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
16:58:27.0218 4020  C:\WINDOWS\system32\ntdll.dll - ok
16:58:27.0234 4020  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
16:58:27.0234 4020  C:\WINDOWS\system32\autochk.exe - ok
16:58:27.0234 4020  [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
16:58:27.0234 4020  C:\WINDOWS\system32\drivers\fastfat.sys - ok
16:58:27.0234 4020  [ 544D486301588C8199187C9AB5778B4B ] C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
16:58:27.0234 4020  C:\PROGRA~1\AVG\AVG2013\avgrsx.exe - ok
16:58:27.0250 4020  [ 484987420BC8DED2CB26C6F4EC9BA7F2 ] C:\Program Files\AVG\AVG2013\avgsysx.dll
16:58:27.0250 4020  C:\Program Files\AVG\AVG2013\avgsysx.dll - ok
16:58:27.0250 4020  [ 42836D10270B1940F9A2FF77AE679537 ] C:\Program Files\AVG\AVG2013\avgntopensslx.dll
16:58:27.0250 4020  C:\Program Files\AVG\AVG2013\avgntopensslx.dll - ok
16:58:27.0265 4020  [ 1C2E1FC9F8ED794CC191E92F27D1391C ] C:\Program Files\AVG\AVG2013\avglogx.dll
16:58:27.0265 4020  C:\Program Files\AVG\AVG2013\avglogx.dll - ok
16:58:27.0265 4020  [ 491918E4C46ED4CEB6E7A90F7B73924D ] C:\Program Files\AVG\AVG2013\avgxpl.dll
16:58:27.0265 4020  C:\Program Files\AVG\AVG2013\avgxpl.dll - ok
16:58:27.0281 4020  [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll
16:58:27.0281 4020  C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll - ok
16:58:27.0281 4020  [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
16:58:27.0281 4020  C:\WINDOWS\system32\qmgr.dll - ok
16:58:27.0296 4020  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
16:58:27.0296 4020  C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
16:58:27.0296 4020  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
16:58:27.0296 4020  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
16:58:27.0312 4020  [ A4932026499FFE9A493E3E9BBFDAA682 ] C:\Program Files\AVG\AVG2013\avgemcx.exe
16:58:27.0312 4020  C:\Program Files\AVG\AVG2013\avgemcx.exe - ok
16:58:27.0312 4020  [ B40F5DCD59ED2A46EED8AE340CC167FB ] C:\Program Files\AVG\AVG2013\avgcfgx.dll
16:58:27.0312 4020  C:\Program Files\AVG\AVG2013\avgcfgx.dll - ok
16:58:27.0312 4020  [ 8622AE563E2AC2F8BF9FAFEE726FC7B8 ] C:\Program Files\AVG\AVG2013\avgsched.dll
16:58:27.0312 4020  C:\Program Files\AVG\AVG2013\avgsched.dll - ok
16:58:27.0328 4020  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
16:58:27.0328 4020  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
16:58:27.0328 4020  [ 1CA7C04957F8419E426E334B5FF2D0FA ] C:\Program Files\AVG\AVG2013\avgnsx.exe
16:58:27.0328 4020  C:\Program Files\AVG\AVG2013\avgnsx.exe - ok
16:58:27.0343 4020  [ FF9AFBD2864BBEA6A9E7F90F8C94F6B7 ] C:\Program Files\AVG\AVG2013\avgidpsdkx.dll
16:58:27.0343 4020  C:\Program Files\AVG\AVG2013\avgidpsdkx.dll - ok
16:58:27.0343 4020  [ 5014D9C982E360176066F30D633D6600 ] C:\Program Files\AVG\AVG2013\avgwd.dll
16:58:27.0343 4020  C:\Program Files\AVG\AVG2013\avgwd.dll - ok
16:58:27.0343 4020  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] C:\Program Files\AVG\AVG2013\avgwdsvc.exe
16:58:27.0343 4020  C:\Program Files\AVG\AVG2013\avgwdsvc.exe - ok
16:58:27.0359 4020  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
16:58:27.0359 4020  C:\WINDOWS\system32\dbghelp.dll - ok
16:58:27.0359 4020  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
16:58:27.0359 4020  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
16:58:27.0375 4020  [ F67480EE1AC3CB32C63AF86B0AE57AC9 ] C:\Program Files\AVG\AVG2013\avgwdwsc.dll
16:58:27.0375 4020  C:\Program Files\AVG\AVG2013\avgwdwsc.dll - ok
16:58:27.0375 4020  [ 76FFA2433FEB42E78FB5421A50C8FBE3 ] C:\Program Files\AVG\AVG2013\avgclitx.dll
16:58:27.0375 4020  C:\Program Files\AVG\AVG2013\avgclitx.dll - ok
16:58:27.0390 4020  [ DD5A89274B47499CCFF7ADCA3A3C560E ] C:\WINDOWS\system32\ntoskrnl.exe
16:58:27.0390 4020  C:\WINDOWS\system32\ntoskrnl.exe - ok
16:58:27.0390 4020  [ 811EA84FF424B9B9D5A045A21753D1FE ] C:\WINDOWS\system32\url.dll
16:58:27.0390 4020  C:\WINDOWS\system32\url.dll - ok
16:58:27.0406 4020  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
16:58:27.0406 4020  C:\WINDOWS\system32\oleaut32.dll - ok
16:58:27.0406 4020  [ F161202C7139116D9CC2A20CC2387E26 ] C:\WINDOWS\system32\urlmon.dll
16:58:27.0406 4020  C:\WINDOWS\system32\urlmon.dll - ok
16:58:27.0406 4020  [ D38F3ECA6DCA72D30B3DC016758B17F4 ] C:\WINDOWS\system32\shdocvw.dll
16:58:27.0406 4020  C:\WINDOWS\system32\shdocvw.dll - ok
16:58:27.0421 4020  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
16:58:27.0421 4020  C:\WINDOWS\system32\csrss.exe - ok
16:58:27.0421 4020  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
16:58:27.0421 4020  C:\WINDOWS\system32\kbdus.dll - ok
16:58:27.0437 4020  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
16:58:27.0437 4020  C:\WINDOWS\system32\lz32.dll - ok
16:58:27.0437 4020  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
16:58:27.0437 4020  C:\WINDOWS\system32\sfc.dll - ok
16:58:27.0437 4020  [ 0A9BA6AF531AFE7FA5E4FB973852D863 ] C:\WINDOWS\system32\dllhost.exe
16:58:27.0437 4020  C:\WINDOWS\system32\dllhost.exe - ok
16:58:27.0453 4020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
16:58:27.0453 4020  C:\WINDOWS\system32\lsass.exe - ok
16:58:27.0453 4020  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
16:58:27.0453 4020  C:\WINDOWS\system32\msidle.dll - ok
16:58:27.0468 4020  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
16:58:27.0468 4020  C:\WINDOWS\system32\msimg32.dll - ok
16:58:27.0468 4020  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
16:58:27.0468 4020  C:\WINDOWS\system32\nddeapi.dll - ok
16:58:27.0468 4020  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
16:58:27.0468 4020  C:\WINDOWS\system32\rasadhlp.dll - ok
16:58:27.0484 4020  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
16:58:27.0484 4020  C:\WINDOWS\system32\version.dll - ok
16:58:27.0484 4020  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
16:58:27.0484 4020  C:\WINDOWS\system32\vga.dll - ok
16:58:27.0500 4020  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
16:58:27.0500 4020  C:\WINDOWS\system32\wmi.dll - ok
16:58:27.0500 4020  [ 3B479B92A1159A2CFF613B3FAA2AD9CD ] C:\WINDOWS\system32\kbd101.dll
16:58:27.0500 4020  C:\WINDOWS\system32\kbd101.dll - ok
16:58:27.0500 4020  [ 012DF358CEBAA23ACB26D82077820817 ] C:\WINDOWS\system32\lpk.dll
16:58:27.0500 4020  C:\WINDOWS\system32\lpk.dll - ok
16:58:27.0515 4020  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] C:\WINDOWS\system32\msdtc.exe
16:58:27.0515 4020  C:\WINDOWS\system32\msdtc.exe - ok
16:58:27.0515 4020  [ D8361BEAB7109AB8B069F7F5028E37B1 ] C:\WINDOWS\system32\olesvr32.dll
16:58:27.0515 4020  C:\WINDOWS\system32\olesvr32.dll - ok
16:58:27.0531 4020  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
16:58:27.0531 4020  C:\WINDOWS\system32\profmap.dll - ok
16:58:27.0531 4020  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
16:58:27.0531 4020  C:\WINDOWS\system32\psapi.dll - ok
16:58:27.0531 4020  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
16:58:27.0531 4020  C:\WINDOWS\system32\sensapi.dll - ok
16:58:27.0546 4020  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
16:58:27.0546 4020  C:\WINDOWS\system32\svchost.exe - ok
16:58:27.0546 4020  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
16:58:27.0546 4020  C:\WINDOWS\system32\ws2help.dll - ok
16:58:27.0562 4020  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
16:58:27.0562 4020  C:\WINDOWS\system32\wtsapi32.dll - ok
16:58:27.0562 4020  [ 20EA06CF3B6457B9D840ACF00A5C4AB5 ] C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\reg1.0\tclreg82.dll
16:58:27.0562 4020  C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\reg1.0\tclreg82.dll - ok
16:58:27.0578 4020  [ 8985FCECE06A74017E23DDD093E34D4E ] C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll
16:58:27.0578 4020  C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll - ok
16:58:27.0578 4020  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
16:58:27.0578 4020  C:\WINDOWS\system32\csrsrv.dll - ok
16:58:27.0578 4020  [ 86440EDFF27095E03741AEDC5752AA51 ] C:\WINDOWS\system32\olecnv32.dll
16:58:27.0578 4020  C:\WINDOWS\system32\olecnv32.dll - ok
16:58:27.0593 4020  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
16:58:27.0593 4020  C:\WINDOWS\system32\wshtcpip.dll - ok
16:58:27.0593 4020  [ AE3470D2BF8F16FD93FA54167B87172D ] C:\WINDOWS\system32\xolehlp.dll
16:58:27.0593 4020  C:\WINDOWS\system32\xolehlp.dll - ok
16:58:27.0609 4020  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
16:58:27.0609 4020  C:\WINDOWS\system32\cryptdll.dll - ok
16:58:27.0609 4020  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
16:58:27.0609 4020  C:\WINDOWS\system32\dot3dlg.dll - ok
16:58:27.0609 4020  [ 6826E1E4D27C3E88777C9AD273A2FFB9 ] C:\WINDOWS\system32\ialmrnt5.dll
16:58:27.0609 4020  C:\WINDOWS\system32\ialmrnt5.dll - ok
16:58:27.0625 4020  [ C33B3ED4BEF24BAC604FF97FF2D97C49 ] C:\WINDOWS\system32\kbd106.dll
16:58:27.0625 4020  C:\WINDOWS\system32\kbd106.dll - ok
16:58:27.0625 4020  [ 3FBA2CB69D697D1EF5423F17691CD832 ] C:\WINDOWS\system32\kbdnec.dll
16:58:27.0625 4020  C:\WINDOWS\system32\kbdnec.dll - ok
16:58:27.0640 4020  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
16:58:27.0640 4020  C:\WINDOWS\system32\lmhsvc.dll - ok
16:58:27.0640 4020  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
16:58:27.0640 4020  C:\WINDOWS\system32\ncobjapi.dll - ok
16:58:27.0640 4020  [ FA1B9CAE64B23C950DA3D96ABBF23BD0 ] C:\WINDOWS\system32\olecli32.dll
16:58:27.0640 4020  C:\WINDOWS\system32\olecli32.dll - ok
16:58:27.0656 4020  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
16:58:27.0656 4020  C:\WINDOWS\system32\winrnr.dll - ok
16:58:27.0656 4020  [ 43D8779059D848BB26D725D4E6C3350C ] C:\Program Files\AVG\AVG2013\avgcorex.dll
16:58:27.0656 4020  C:\Program Files\AVG\AVG2013\avgcorex.dll - ok
16:58:27.0671 4020  [ C1F6BE746D98A17F428EEC6255257E95 ] C:\Program Files\HPQ\IAM\Bin\AsBioAt.dll
16:58:27.0671 4020  C:\Program Files\HPQ\IAM\Bin\AsBioAt.dll - ok
16:58:27.0671 4020  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:58:27.0671 4020  C:\WINDOWS\system32\basesrv.dll - ok
16:58:27.0687 4020  [ AE9543F20FCC1E7BCAA13051CC076147 ] C:\WINDOWS\system32\olethk32.dll
16:58:27.0687 4020  C:\WINDOWS\system32\olethk32.dll - ok
16:58:27.0687 4020  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
16:58:27.0687 4020  C:\WINDOWS\system32\atmfd.dll - ok
16:58:27.0687 4020  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
16:58:27.0687 4020  C:\WINDOWS\system32\kernel32.dll - ok
16:58:27.0703 4020  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
16:58:27.0703 4020  C:\WINDOWS\system32\mpr.dll - ok
16:58:27.0703 4020  [ C17F84BB637F6F4D8F364E52BEE46D77 ] C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\tclsvc\tclsvc82.dll
16:58:27.0703 4020  C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\tclsvc\tclsvc82.dll - ok
16:58:27.0718 4020  [ 81E9041DAC0983AACE5C8920AF73D64E ] C:\Program Files\Common Files\System\msadc\msadcer.dll
16:58:27.0718 4020  C:\Program Files\Common Files\System\msadc\msadcer.dll - ok
16:58:27.0718 4020  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
16:58:27.0718 4020  C:\WINDOWS\AppPatch\acadproc.dll - ok
16:58:27.0734 4020  [ 804B09FA1E3A86E729ABCCA7F30AE53C ] C:\WINDOWS\system32\kbdjpn.dll
16:58:27.0734 4020  C:\WINDOWS\system32\kbdjpn.dll - ok
16:58:27.0734 4020  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\WINDOWS\system32\msvcr100.dll
16:58:27.0734 4020  C:\WINDOWS\system32\msvcr100.dll - ok
16:58:27.0750 4020  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
16:58:27.0750 4020  C:\WINDOWS\system32\secur32.dll - ok
16:58:27.0750 4020  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
16:58:27.0750 4020  C:\WINDOWS\system32\wsock32.dll - ok
16:58:27.0750 4020  [ A6251155B7017D4B4A77A3531A8DA6D8 ] C:\Program Files\AVG\AVG2013\avgcommx.dll
16:58:27.0750 4020  C:\Program Files\AVG\AVG2013\avgcommx.dll - ok
16:58:27.0765 4020  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
16:58:27.0765 4020  C:\WINDOWS\system32\apphelp.dll - ok
16:58:27.0765 4020  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
16:58:27.0765 4020  C:\WINDOWS\system32\authz.dll - ok
16:58:27.0781 4020  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
16:58:27.0781 4020  C:\WINDOWS\system32\msasn1.dll - ok
16:58:27.0781 4020  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
16:58:27.0781 4020  C:\WINDOWS\system32\regapi.dll - ok
16:58:27.0781 4020  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
16:58:27.0781 4020  C:\WINDOWS\system32\comdlg32.dll - ok
16:58:27.0796 4020  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
16:58:27.0796 4020  C:\WINDOWS\system32\dimsntfy.dll - ok
16:58:27.0796 4020  [ 99F59B3392AD68F08BB528791F5D880D ] C:\WINDOWS\system32\oleaccrc.dll
16:58:27.0796 4020  C:\WINDOWS\system32\oleaccrc.dll - ok
16:58:27.0812 4020  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
16:58:27.0812 4020  C:\WINDOWS\system32\winsta.dll - ok
16:58:27.0812 4020  [ D1A7920930C2524D99D6A9FA9CEDEEF0 ] C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
16:58:27.0812 4020  C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll - ok
16:58:27.0812 4020  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
16:58:27.0812 4020  C:\WINDOWS\system32\imagehlp.dll - ok
16:58:27.0828 4020  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
16:58:27.0828 4020  C:\WINDOWS\system32\msprivs.dll - ok
16:58:27.0828 4020  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
16:58:27.0828 4020  C:\WINDOWS\system32\shimeng.dll - ok
16:58:27.0843 4020  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
16:58:27.0843 4020  C:\WINDOWS\system32\gdi32.dll - ok
16:58:27.0843 4020  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
16:58:27.0843 4020  C:\WINDOWS\system32\powrprof.dll - ok
16:58:27.0843 4020  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
16:58:27.0843 4020  C:\WINDOWS\system32\rtutils.dll - ok
16:58:27.0859 4020  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
16:58:27.0859 4020  C:\WINDOWS\system32\wldap32.dll - ok
16:58:27.0859 4020  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
16:58:27.0859 4020  C:\WINDOWS\system32\dot3api.dll - ok
16:58:27.0875 4020  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
16:58:27.0875 4020  C:\WINDOWS\system32\eapolqec.dll - ok
16:58:27.0875 4020  [ 586519871167D5D3D41EF32E61E492BF ] C:\WINDOWS\system32\ialmdnt5.dll
16:58:27.0875 4020  C:\WINDOWS\system32\ialmdnt5.dll - ok
16:58:27.0890 4020  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
16:58:27.0890 4020  C:\WINDOWS\system32\wintrust.dll - ok
16:58:27.0890 4020  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] C:\WINDOWS\system32\dnsrslvr.dll
16:58:27.0890 4020  C:\WINDOWS\system32\dnsrslvr.dll - ok
16:58:27.0890 4020  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
16:58:27.0890 4020  C:\WINDOWS\system32\imm32.dll - ok
16:58:27.0906 4020  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
16:58:27.0906 4020  C:\WINDOWS\system32\snmpapi.dll - ok
16:58:27.0906 4020  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
16:58:27.0906 4020  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
16:58:27.0921 4020  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
16:58:27.0921 4020  C:\WINDOWS\system32\wdigest.dll - ok
16:58:27.0921 4020  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
16:58:27.0921 4020  C:\WINDOWS\system32\ws2_32.dll - ok
16:58:27.0921 4020  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
16:58:27.0921 4020  C:\WINDOWS\system32\msvcrt.dll - ok
16:58:27.0937 4020  [ 3D571A3CBF127E9555EAD2F8598F425F ] C:\WINDOWS\UnsignedThemesSvc.exe
16:58:27.0937 4020  C:\WINDOWS\UnsignedThemesSvc.exe - ok
16:58:27.0937 4020  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\WINDOWS\system32\msvcp100.dll
16:58:27.0937 4020  C:\WINDOWS\system32\msvcp100.dll - ok
16:58:27.0953 4020  [ 045DF7AE14CAAED71338916D6FB66812 ] C:\WINDOWS\system32\wow32.dll
16:58:27.0953 4020  C:\WINDOWS\system32\wow32.dll - ok
16:58:27.0953 4020  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
16:58:27.0953 4020  C:\WINDOWS\system32\shlwapi.dll - ok
16:58:27.0953 4020  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
16:58:27.0953 4020  C:\WINDOWS\system32\odbcint.dll - ok
16:58:27.0968 4020  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
16:58:27.0968 4020  C:\WINDOWS\system32\user32.dll - ok
16:58:27.0968 4020  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
16:58:27.0968 4020  C:\WINDOWS\system32\eventlog.dll - ok
16:58:27.0984 4020  [ 681B807E53BDADA337735C28C0E48A1B ] C:\WINDOWS\system32\ntvdm.exe
16:58:27.0984 4020  C:\WINDOWS\system32\ntvdm.exe - ok
16:58:27.0984 4020  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
16:58:27.0984 4020  C:\WINDOWS\system32\shsvcs.dll - ok
16:58:27.0984 4020  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
16:58:27.0984 4020  C:\WINDOWS\system32\comctl32.dll - ok
16:58:28.0000 4020  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:58:28.0000 4020  C:\WINDOWS\system32\winsrv.dll - ok
16:58:28.0000 4020  [ A9846CC8B3DFEBEEEF4D73ED6476D984 ] C:\WINDOWS\system32\ialmdev5.dll
16:58:28.0000 4020  C:\WINDOWS\system32\ialmdev5.dll - ok
16:58:28.0015 4020  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
16:58:28.0015 4020  C:\WINDOWS\system32\samlib.dll - ok
16:58:28.0015 4020  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:58:28.0015 4020  C:\WINDOWS\system32\services.exe - ok
16:58:28.0031 4020  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
16:58:28.0031 4020  C:\WINDOWS\system32\sfc_os.dll - ok
16:58:28.0031 4020  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
16:58:28.0031 4020  C:\WINDOWS\system32\ersvc.dll - ok
16:58:28.0031 4020  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
16:58:28.0031 4020  C:\WINDOWS\system32\ntdsapi.dll - ok
16:58:28.0046 4020  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
16:58:28.0046 4020  C:\WINDOWS\system32\umpnpmgr.dll - ok
16:58:28.0046 4020  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
16:58:28.0046 4020  C:\WINDOWS\system32\dmserver.dll - ok
16:58:28.0062 4020  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
16:58:28.0062 4020  C:\WINDOWS\system32\msvcrt40.dll - ok
16:58:28.0062 4020  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
16:58:28.0062 4020  C:\WINDOWS\system32\netapi32.dll - ok
16:58:28.0062 4020  [ 52A5A388661FF3A889593185367B7226 ] C:\WINDOWS\system32\odbc32.dll
16:58:28.0062 4020  C:\WINDOWS\system32\odbc32.dll - ok
16:58:28.0078 4020  [ 18697C1FDBE751AE52DD4EDB3E9025F9 ] C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
16:58:28.0078 4020  C:\Program Files\Intel\Wireless\Bin\IntStngs.dll - ok
16:58:28.0078 4020  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
16:58:28.0078 4020  C:\WINDOWS\system32\advapi32.dll - ok
16:58:28.0093 4020  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
16:58:28.0093 4020  C:\WINDOWS\system32\atl.dll - ok
16:58:28.0093 4020  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
16:58:28.0093 4020  C:\WINDOWS\system32\msacm32.dll - ok
16:58:28.0093 4020  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
16:58:28.0093 4020  C:\WINDOWS\system32\digest.dll - ok
16:58:28.0109 4020  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
16:58:28.0109 4020  C:\WINDOWS\system32\rpcrt4.dll - ok
16:58:28.0109 4020  [ 572334E13E0D4C8A2986CCA2A736DCE5 ] C:\WINDOWS\system32\msxml3r.dll
16:58:28.0109 4020  C:\WINDOWS\system32\msxml3r.dll - ok
16:58:28.0125 4020  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
16:58:28.0125 4020  C:\WINDOWS\system32\ole32.dll - ok
16:58:28.0125 4020  [ 5D3FDE8FB2801A2041D1B965372C4928 ] C:\WINDOWS\system32\dnsapi.dll
16:58:28.0125 4020  C:\WINDOWS\system32\dnsapi.dll - ok
16:58:28.0125 4020  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
16:58:28.0125 4020  C:\WINDOWS\system32\eappprxy.dll - ok
16:58:28.0140 4020  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
16:58:28.0140 4020  C:\WINDOWS\system32\iphlpapi.dll - ok
16:58:28.0140 4020  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
16:58:28.0140 4020  C:\WINDOWS\system32\msapsspc.dll - ok
16:58:28.0156 4020  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
16:58:28.0156 4020  C:\WINDOWS\system32\pstorsvc.dll - ok
16:58:28.0156 4020  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
16:58:28.0156 4020  C:\WINDOWS\system32\winipsec.dll - ok
16:58:28.0156 4020  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
16:58:28.0156 4020  C:\WINDOWS\system32\sfcfiles.dll - ok
16:58:28.0171 4020  [ 4B1D05056FE6216CCEC8D633F0088CC8 ] C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\sentcl\sentcl82.dll
16:58:28.0171 4020  C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\sentcl\sentcl82.dll - ok
16:58:28.0171 4020  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
16:58:28.0171 4020  C:\WINDOWS\system32\crypt32.dll - ok
16:58:28.0187 4020  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
16:58:28.0187 4020  C:\WINDOWS\system32\userenv.dll - ok
16:58:28.0187 4020  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
16:58:28.0187 4020  C:\WINDOWS\system32\winscard.dll - ok
16:58:28.0203 4020  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
16:58:28.0203 4020  C:\WINDOWS\system32\cryptui.dll - ok
16:58:28.0203 4020  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
16:58:28.0203 4020  C:\WINDOWS\system32\msv1_0.dll - ok
16:58:28.0218 4020  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
16:58:28.0218 4020  C:\WINDOWS\system32\winmm.dll - ok
16:58:28.0218 4020  [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
16:58:28.0218 4020  C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
16:58:28.0218 4020  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
16:58:28.0218 4020  C:\WINDOWS\system32\usp10.dll - ok
16:58:28.0234 4020  [ 7D4B3CCD737E50D2BBB0178B5458CA8D ] C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\nvdtcl\nvdtcl82.dll
16:58:28.0234 4020  C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\nvdtcl\nvdtcl82.dll - ok
16:58:28.0234 4020  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
16:58:28.0234 4020  C:\WINDOWS\system32\scesrv.dll - ok
16:58:28.0250 4020  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
16:58:28.0250 4020  C:\WINDOWS\system32\colbact.dll - ok
16:58:28.0250 4020  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
16:58:28.0250 4020  C:\WINDOWS\system32\msvcp60.dll - ok
16:58:28.0265 4020  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
16:58:28.0265 4020  C:\WINDOWS\system32\clusapi.dll - ok
16:58:28.0265 4020  [ EDB09E9C4D9D83A178059392CCE49FEA ] C:\WINDOWS\system32\ialmdd5.dll
16:58:28.0265 4020  C:\WINDOWS\system32\ialmdd5.dll - ok
16:58:28.0265 4020  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
16:58:28.0265 4020  C:\WINDOWS\system32\schannel.dll - ok
16:58:28.0281 4020  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
16:58:28.0281 4020  C:\WINDOWS\system32\samsrv.dll - ok
16:58:28.0281 4020  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
16:58:28.0281 4020  C:\WINDOWS\system32\mtxclu.dll - ok
16:58:28.0296 4020  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
16:58:28.0296 4020  C:\WINDOWS\system32\ntmarta.dll - ok
16:58:28.0296 4020  [ 2CDE496666A975A2CE8F969F3042C8DB ] C:\WINDOWS\system32\uxtheme.dll
16:58:28.0296 4020  C:\WINDOWS\system32\uxtheme.dll - ok
16:58:28.0312 4020  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
16:58:28.0312 4020  C:\WINDOWS\system32\winlogon.exe - ok
16:58:28.0312 4020  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
16:58:28.0312 4020  C:\WINDOWS\system32\sxs.dll - ok
16:58:28.0312 4020  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
16:58:28.0312 4020  C:\WINDOWS\system32\audiosrv.dll - ok
16:58:28.0328 4020  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
16:58:28.0328 4020  C:\WINDOWS\system32\msnsspc.dll - ok
16:58:28.0328 4020  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
16:58:28.0328 4020  C:\WINDOWS\system32\kerberos.dll - ok
16:58:28.0328 4020  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
16:58:28.0328 4020  C:\WINDOWS\system32\w32time.dll - ok
16:58:28.0343 4020  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
16:58:28.0343 4020  C:\WINDOWS\system32\rsaenh.dll - ok
16:58:28.0343 4020  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
16:58:28.0343 4020  C:\WINDOWS\system32\scecli.dll - ok
16:58:28.0359 4020  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
16:58:28.0359 4020  C:\WINDOWS\system32\lsasrv.dll - ok
16:58:28.0359 4020  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
16:58:28.0359 4020  C:\WINDOWS\system32\resutils.dll - ok
16:58:28.0359 4020  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
16:58:28.0359 4020  C:\WINDOWS\system32\setupapi.dll - ok
16:58:28.0375 4020  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
16:58:28.0375 4020  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
16:58:28.0375 4020  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
16:58:28.0375 4020  C:\WINDOWS\system32\msctf.dll - ok
16:58:28.0390 4020  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
16:58:28.0390 4020  C:\WINDOWS\system32\netlogon.dll - ok
16:58:28.0390 4020  [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1 ] C:\WINDOWS\system32\msvcr70.dll
16:58:28.0390 4020  C:\WINDOWS\system32\msvcr70.dll - ok
16:58:28.0406 4020  [ 56DED3ADE453272E6A0AD582D945D1A4 ] C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
16:58:28.0406 4020  C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - ok
16:58:28.0406 4020  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
16:58:28.0406 4020  C:\WINDOWS\system32\msgina.dll - ok
16:58:28.0406 4020  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
16:58:28.0406 4020  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
16:58:28.0421 4020  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
16:58:28.0421 4020  C:\WINDOWS\system32\rpcss.dll - ok
16:58:28.0421 4020  [ DA45AD502B4F2B7FC4ADEBA2E309F384 ] C:\WINDOWS\system32\netevent.dll
16:58:28.0421 4020  C:\WINDOWS\system32\netevent.dll - ok
16:58:28.0437 4020  [ 832E4DD8964AB7ACC880B2837CB1ED20 ] C:\WINDOWS\system32\mswsock.dll
16:58:28.0437 4020  C:\WINDOWS\system32\mswsock.dll - ok
16:58:28.0437 4020  [ 73BAFFA0B02320690CDC606241078CE4 ] C:\Program Files\Common Files\System\Ole DB\msdatl3.dll
16:58:28.0437 4020  C:\Program Files\Common Files\System\Ole DB\msdatl3.dll - ok
16:58:28.0453 4020  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
16:58:28.0453 4020  C:\WINDOWS\system32\shell32.dll - ok
16:58:28.0453 4020  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
16:58:28.0453 4020  C:\WINDOWS\AppPatch\acgenral.dll - ok
16:58:28.0453 4020  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
16:58:28.0453 4020  C:\WINDOWS\system32\xpsp2res.dll - ok
16:58:28.0468 4020  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
16:58:28.0468 4020  C:\WINDOWS\system32\hnetcfg.dll - ok
16:58:28.0468 4020  [ 1175911E055430E3119F06812E1FA8B8 ] C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll
16:58:28.0468 4020  C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll - ok
16:58:28.0484 4020  [ F9F696AB4F62D0281ED6380B50C0BDB0 ] C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll
16:58:28.0484 4020  C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll - ok
16:58:28.0484 4020  [ 5CE275CDC5FFB77B1EC29DBDFE4B6689 ] C:\WINDOWS\system32\odbcji32.dll
16:58:28.0484 4020  C:\WINDOWS\system32\odbcji32.dll - ok
16:58:28.0500 4020  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
16:58:28.0500 4020  C:\WINDOWS\system32\clbcatq.dll - ok
16:58:28.0500 4020  [ 2133B82CD52F1B62CDEA633769819A60 ] C:\Program Files\Common Files\System\ado\msado15.dll
16:58:28.0500 4020  C:\Program Files\Common Files\System\ado\msado15.dll - ok
16:58:28.0515 4020  [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
16:58:28.0515 4020  C:\WINDOWS\system32\msdart.dll - ok
16:58:28.0515 4020  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
16:58:28.0515 4020  C:\WINDOWS\system32\wzcsapi.dll - ok
16:58:28.0515 4020  [ 1ED4C96EC76C3DDFCABD7644DA23F4B6 ] C:\Program Files\Common Files\System\Ole DB\msdasql.dll
16:58:28.0515 4020  C:\Program Files\Common Files\System\Ole DB\msdasql.dll - ok
16:58:28.0531 4020  [ F5FCF2B4068DDE641D16BF4B2E877C95 ] C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
16:58:28.0531 4020  C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll - ok
16:58:28.0531 4020  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
16:58:28.0531 4020  C:\WINDOWS\system32\dhcpcsvc.dll - ok
16:58:28.0546 4020  [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
16:58:28.0546 4020  C:\WINDOWS\system32\msjter40.dll - ok
16:58:28.0546 4020  [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
16:58:28.0546 4020  C:\WINDOWS\system32\msjint40.dll - ok
16:58:28.0562 4020  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
16:58:28.0562 4020  C:\WINDOWS\system32\rasman.dll - ok
16:58:28.0562 4020  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
16:58:28.0562 4020  C:\WINDOWS\system32\cscdll.dll - ok
16:58:28.0562 4020  [ 2C288AA87E4723AC9FF4D76A192EC3F8 ] C:\WINDOWS\system32\odbccp32.dll
16:58:28.0562 4020  C:\WINDOWS\system32\odbccp32.dll - ok
16:58:28.0578 4020  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
16:58:28.0578 4020  C:\WINDOWS\system32\spoolsv.exe - ok
16:58:28.0578 4020  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
16:58:28.0578 4020  C:\WINDOWS\system32\qutil.dll - ok
16:58:28.0578 4020  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
16:58:28.0578 4020  C:\WINDOWS\system32\shgina.dll - ok
16:58:28.0593 4020  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
16:58:28.0593 4020  C:\WINDOWS\system32\webclnt.dll - ok
16:58:28.0593 4020  [ C41D5390CC93D762DF4794CAF2453728 ] C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\bin\itcl31.dll
16:58:28.0593 4020  C:\WINDOWS\Temp\.nvdkit\987239acba334648\d5687f9dd9435984\bin\itcl31.dll - ok
16:58:28.0609 4020  [ F0D371D357790601C4A03B25F6AD09F8 ] C:\WINDOWS\system32\msdtclog.dll
16:58:28.0609 4020  C:\WINDOWS\system32\msdtclog.dll - ok
16:58:28.0609 4020  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
16:58:28.0609 4020  C:\WINDOWS\system32\oleacc.dll - ok
16:58:28.0625 4020  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
16:58:28.0625 4020  C:\WINDOWS\system32\wlnotify.dll - ok
16:58:28.0625 4020  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
16:58:28.0625 4020  C:\WINDOWS\system32\xmlprovi.dll - ok
16:58:28.0625 4020  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
16:58:28.0625 4020  C:\WINDOWS\system32\comres.dll - ok
16:58:28.0640 4020  [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
16:58:28.0640 4020  C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
16:58:28.0640 4020  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
16:58:28.0640 4020  C:\WINDOWS\system32\cryptsvc.dll - ok
16:58:28.0656 4020  [ 2CA3BDA4EDB557F8426EE46650D2C441 ] C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
16:58:28.0656 4020  C:\Program Files\Intel\Wireless\Bin\Libeay32.dll - ok
16:58:28.0656 4020  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
16:58:28.0656 4020  C:\WINDOWS\system32\comsvcs.dll - ok
16:58:28.0671 4020  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
16:58:28.0671 4020  C:\WINDOWS\system32\mfc42.dll - ok
16:58:28.0671 4020  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
16:58:28.0671 4020  C:\WINDOWS\system32\netcfgx.dll - ok
16:58:28.0671 4020  [ 1B05DCC75FBB903A17E3E0DDAEA8D508 ] C:\WINDOWS\system32\odbcjt32.dll
16:58:28.0671 4020  C:\WINDOWS\system32\odbcjt32.dll - ok
16:58:28.0687 4020  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
16:58:28.0687 4020  C:\WINDOWS\system32\rastls.dll - ok
16:58:28.0687 4020  [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
16:58:28.0687 4020  C:\WINDOWS\system32\msjet40.dll - ok
16:58:28.0703 4020  [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
16:58:28.0703 4020  C:\WINDOWS\system32\mswstr10.dll - ok
16:58:28.0703 4020  [ 142CEDECAE89E372EE347681C3FBB257 ] C:\Program Files\Common Files\System\msadc\msadce.dll
16:58:28.0703 4020  C:\Program Files\Common Files\System\msadc\msadce.dll - ok
16:58:28.0718 4020  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
16:58:28.0718 4020  C:\WINDOWS\system32\logonui.exe - ok
16:58:28.0718 4020  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
16:58:28.0718 4020  C:\WINDOWS\system32\duser.dll - ok
16:58:28.0718 4020  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
16:58:28.0718 4020  C:\WINDOWS\system32\wzcsvc.dll - ok
16:58:28.0734 4020  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
16:58:28.0734 4020  C:\WINDOWS\system32\WgaLogon.dll - ok
16:58:28.0734 4020  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
16:58:28.0734 4020  C:\WINDOWS\system32\esent.dll - ok
16:58:28.0750 4020  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
16:58:28.0750 4020  C:\WINDOWS\system32\msxml3.dll - ok
16:58:28.0750 4020  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
16:58:28.0750 4020  C:\WINDOWS\system32\activeds.dll - ok
16:58:28.0750 4020  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
16:58:28.0750 4020  C:\WINDOWS\system32\mprapi.dll - ok
16:58:28.0765 4020  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
16:58:28.0765 4020  C:\WINDOWS\system32\adsldpc.dll - ok
16:58:28.0765 4020  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
16:58:28.0765 4020  C:\WINDOWS\system32\rasapi32.dll - ok
16:58:28.0781 4020  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
16:58:28.0781 4020  C:\WINDOWS\system32\tapi32.dll - ok
16:58:28.0781 4020  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
16:58:28.0781 4020  C:\WINDOWS\system32\riched20.dll - ok
16:58:28.0781 4020  [ F9EE3ACF6B372B7717F397402443C436 ] C:\Program Files\HPQ\IAM\Bin\ItMsg.dll
16:58:28.0781 4020  C:\Program Files\HPQ\IAM\Bin\ItMsg.dll - ok
16:58:28.0796 4020  [ A645EC9D53098AA22F154C7484CE46FD ] C:\Program Files\HPQ\IAM\Bin\TrayIcon.dll
16:58:28.0796 4020  C:\Program Files\HPQ\IAM\Bin\TrayIcon.dll - ok
16:58:28.0796 4020  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
16:58:28.0796 4020  C:\WINDOWS\system32\raschap.dll - ok
16:58:28.0812 4020  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
16:58:28.0812 4020  C:\WINDOWS\system32\schedsvc.dll - ok
16:58:28.0812 4020  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
16:58:28.0812 4020  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
16:58:28.0828 4020  [ A60B76C73DDEACF7CE5FFAAAFC6136DF ] C:\Program Files\HPQ\IAM\Bin\HPBrand.dll
16:58:28.0828 4020  C:\Program Files\HPQ\IAM\Bin\HPBrand.dll - ok
16:58:28.0828 4020  [ 31E6A08C6DFB167E15F53B12E57F3F52 ] C:\WINDOWS\system32\msdtctm.dll
16:58:28.0828 4020  C:\WINDOWS\system32\msdtctm.dll - ok
16:58:28.0843 4020  [ 86D007E7A654B9A71D1D7D856B104353 ] C:\WINDOWS\system32\scardsvr.exe
16:58:28.0843 4020  C:\WINDOWS\system32\scardsvr.exe - ok
16:58:28.0843 4020  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
16:58:28.0843 4020  C:\WINDOWS\system32\wkssvc.dll - ok
16:58:28.0843 4020  [ 92E1A82CA4B048D1D970CBEA1A097F6E ] C:\WINDOWS\system32\msdtcprx.dll
16:58:28.0843 4020  C:\WINDOWS\system32\msdtcprx.dll - ok
16:58:28.0859 4020  [ D3667D69448D0E32C87E8DEC541E183F ] C:\Program Files\HPQ\IAM\Bin\BioAuth.dll
16:58:28.0859 4020  C:\Program Files\HPQ\IAM\Bin\BioAuth.dll - ok
16:58:28.0859 4020  [ B0FA616BCE7BD1E9CCB29008FD9E221B ] C:\Program Files\HPQ\IAM\Bin\ittal.dll
16:58:28.0859 4020  C:\Program Files\HPQ\IAM\Bin\ittal.dll - ok
16:58:28.0875 4020  [ 8EA38BC5C5A67551AF3CE33EC593D37C ] C:\WINDOWS\system32\ATSC63.dll
16:58:28.0875 4020  C:\WINDOWS\system32\ATSC63.dll - ok
16:58:28.0875 4020  [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
16:58:28.0875 4020  C:\WINDOWS\system32\mfc42u.dll - ok
16:58:28.0890 4020  [ FF257CCCA321CD2A697BB5CA38C9EC87 ] C:\WINDOWS\system32\scarddlg.dll
16:58:28.0890 4020  C:\WINDOWS\system32\scarddlg.dll - ok
16:58:28.0890 4020  [ 453A92AE9E4F650637010D8A271C1A79 ] C:\Program Files\HPQ\IAM\Bin\STEngine.dll
16:58:28.0890 4020  C:\Program Files\HPQ\IAM\Bin\STEngine.dll - ok
16:58:28.0890 4020  [ 2B8B64AA14F817BDF3E3204FB041A61D ] C:\WINDOWS\system32\mtxoci.dll
16:58:28.0890 4020  C:\WINDOWS\system32\mtxoci.dll - ok
16:58:28.0906 4020  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:58:28.0906 4020  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
16:58:28.0906 4020  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
16:58:28.0906 4020  C:\WINDOWS\system32\mscoree.dll - ok
16:58:28.0921 4020  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
16:58:28.0921 4020  C:\WINDOWS\system32\certcli.dll - ok
16:58:28.0921 4020  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
16:58:28.0921 4020  C:\WINDOWS\system32\netman.dll - ok
16:58:28.0937 4020  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
16:58:28.0937 4020  C:\WINDOWS\system32\netshell.dll - ok
16:58:28.0937 4020  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
16:58:28.0937 4020  C:\WINDOWS\system32\credui.dll - ok
16:58:28.0937 4020  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
16:58:28.0937 4020  C:\WINDOWS\system32\eappcfg.dll - ok
16:58:28.0953 4020  [ 1988575194189863932F73B43D9A0AD9 ] C:\WINDOWS\system32\IFXSPMGT.exe
16:58:28.0953 4020  C:\WINDOWS\system32\IFXSPMGT.exe - ok
16:58:28.0953 4020  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
16:58:28.0953 4020  C:\WINDOWS\system32\onex.dll - ok
16:58:28.0968 4020  [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\WINDOWS\system32\mfc71u.dll
16:58:28.0968 4020  C:\WINDOWS\system32\mfc71u.dll - ok
16:58:28.0968 4020  [ 0287C084D9086B71A8C220E8759BD0F1 ] C:\WINDOWS\system32\IFXSPArc.dll
16:58:28.0968 4020  C:\WINDOWS\system32\IFXSPArc.dll - ok
16:58:28.0968 4020  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
16:58:28.0968 4020  C:\WINDOWS\system32\msvcp71.dll - ok
16:58:28.0984 4020  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll
16:58:28.0984 4020  C:\WINDOWS\system32\msvcr71.dll - ok
16:58:28.0984 4020  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
16:58:28.0984 4020  C:\WINDOWS\system32\mlang.dll - ok
16:58:29.0000 4020  [ 67C2F969E5CC2E000A540D292B340B7C ] C:\WINDOWS\system32\IFXTCS.exe
16:58:29.0000 4020  C:\WINDOWS\system32\IFXTCS.exe - ok
16:58:29.0000 4020  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
16:58:29.0000 4020  C:\WINDOWS\system32\es.dll - ok
16:58:29.0000 4020  [ 9696786759C4B43FA5C894747E893EA2 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16:58:29.0000 4020  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
16:58:29.0015 4020  [ 2285A8A562CCC334466813D215138F69 ] C:\WINDOWS\system32\IFXTPM.dll
16:58:29.0015 4020  C:\WINDOWS\system32\IFXTPM.dll - ok
16:58:29.0015 4020  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
16:58:29.0015 4020  C:\WINDOWS\system32\regsvc.dll - ok
16:58:29.0031 4020  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
16:58:29.0031 4020  C:\WINDOWS\system32\srvsvc.dll - ok
16:58:29.0031 4020  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Common Files\LightScribe\msvcp71.dll
16:58:29.0031 4020  C:\Program Files\Common Files\LightScribe\msvcp71.dll - ok
16:58:29.0046 4020  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Common Files\LightScribe\msvcr71.dll
16:58:29.0046 4020  C:\Program Files\Common Files\LightScribe\msvcr71.dll - ok
16:58:29.0046 4020  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
16:58:29.0046 4020  C:\WINDOWS\system32\netmsg.dll - ok
16:58:29.0046 4020  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
16:58:29.0046 4020  C:\WINDOWS\system32\ipsecsvc.dll - ok
16:58:29.0062 4020  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
16:58:29.0062 4020  C:\WINDOWS\system32\oakley.dll - ok
16:58:29.0062 4020  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
16:58:29.0062 4020  C:\WINDOWS\system32\psbase.dll - ok
16:58:29.0062 4020  [ FC4FFDE5ABBFBD95AD7564DB199E1864 ] C:\Novadigm\ManagementAgent\nvdkit.exe
16:58:29.0062 4020  C:\Novadigm\ManagementAgent\nvdkit.exe - ok
16:58:29.0078 4020  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
16:58:29.0078 4020  C:\WINDOWS\system32\dssenh.dll - ok
16:58:29.0078 4020  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
16:58:29.0078 4020  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
16:58:29.0093 4020  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] C:\Program Files\AVG\AVG2013\avgidsagent.exe
16:58:29.0093 4020  C:\Program Files\AVG\AVG2013\avgidsagent.exe - ok
16:58:29.0093 4020  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
16:58:29.0093 4020  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
16:58:29.0109 4020  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
16:58:29.0109 4020  C:\WINDOWS\system32\msi.dll - ok
16:58:29.0109 4020  [ F820B93E4ABCCABD698A175FD5FC83FE ] C:\Program Files\AVG\AVG2013\avgntsqlitex.dll
16:58:29.0109 4020  C:\Program Files\AVG\AVG2013\avgntsqlitex.dll - ok
16:58:29.0109 4020  [ F036DB9CF05B3C21405403FF074A78D9 ] C:\Program Files\AVG\AVG2013\avgopensslx.dll
16:58:29.0109 4020  C:\Program Files\AVG\AVG2013\avgopensslx.dll - ok
16:58:29.0125 4020  [ 9E30B21B14FB24C383AC255BDFA47E0E ] C:\Program Files\AVG\AVG2013\avgsecapix.dll
16:58:29.0125 4020  C:\Program Files\AVG\AVG2013\avgsecapix.dll - ok
16:58:29.0125 4020  [ 15FC04CAE540D481C830C66200B32153 ] C:\WINDOWS\system32\wininet.dll
16:58:29.0125 4020  C:\WINDOWS\system32\wininet.dll - ok
16:58:29.0140 4020  [ 2C9091C3350E369BBB2464AABE2FD7CA ] C:\WINDOWS\system32\ntkrnlpa.exe
16:58:29.0140 4020  C:\WINDOWS\system32\ntkrnlpa.exe - ok
16:58:29.0140 4020  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
16:58:29.0140 4020  C:\WINDOWS\system32\dpcdll.dll - ok
16:58:29.0140 4020  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
16:58:29.0140 4020  C:\WINDOWS\system32\cryptnet.dll - ok
16:58:29.0156 4020  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
16:58:29.0156 4020  C:\WINDOWS\system32\cscui.dll - ok
16:58:29.0156 4020  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
16:58:29.0156 4020  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
16:58:29.0171 4020  [ 9A154FF99543F90760DEDD0F9D544020 ] C:\Program Files\HPQ\IAM\Bin\ItVCard.dll
16:58:29.0171 4020  C:\Program Files\HPQ\IAM\Bin\ItVCard.dll - ok
16:58:29.0171 4020  [ 0DDA39AF8D42BDFA23FC4DD5701BAE21 ] C:\Program Files\HPQ\IAM\Bin\NetAdmin.dll
16:58:29.0171 4020  C:\Program Files\HPQ\IAM\Bin\NetAdmin.dll - ok
16:58:29.0187 4020  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
16:58:29.0187 4020  C:\WINDOWS\system32\rasdlg.dll - ok
16:58:29.0187 4020  [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
16:58:29.0187 4020  C:\WINDOWS\system32\msxml4.dll - ok
16:58:29.0203 4020  [ CF34EEC288A4C53E71602D5E0D65EF89 ] C:\WINDOWS\system32\msxml4r.dll
16:58:29.0203 4020  C:\WINDOWS\system32\msxml4r.dll - ok
16:58:29.0203 4020  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
16:58:29.0203 4020  C:\WINDOWS\system32\mstask.dll - ok
16:58:29.0203 4020  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
16:58:29.0203 4020  C:\WINDOWS\system32\userinit.exe - ok
16:58:29.0218 4020  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
16:58:29.0218 4020  C:\WINDOWS\explorer.exe - ok
16:58:29.0218 4020  [ 08837D3AD65B20E7D4FE5889471A8D30 ] C:\WINDOWS\system32\IfxWlxEN.dll
16:58:29.0218 4020  C:\WINDOWS\system32\IfxWlxEN.dll - ok
16:58:29.0234 4020  [ 0B9CCC1EC5DCE5636A9EC140D0059DC0 ] C:\Program Files\HPQ\IAM\Bin\ItDAC.dll
16:58:29.0234 4020  C:\Program Files\HPQ\IAM\Bin\ItDAC.dll - ok
16:58:29.0234 4020  [ 1CFDACB17E70F518CB49A318351D6790 ] C:\Program Files\HPQ\IAM\Bin\ItAuth.dll
16:58:29.0234 4020  C:\Program Files\HPQ\IAM\Bin\ItAuth.dll - ok
16:58:29.0250 4020  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
16:58:29.0250 4020  C:\WINDOWS\system32\WgaTray.exe - ok
16:58:29.0250 4020  [ 26119BAC1F871A90992FA336F4A8A860 ] C:\Program Files\ProtectTools\Embedded Security Software\SpUpgrade.exe
16:58:29.0250 4020  C:\Program Files\ProtectTools\Embedded Security Software\SpUpgrade.exe - ok
16:58:29.0250 4020  [ F5E58BEB16304B96BCD756C475FF6CA4 ] C:\WINDOWS\system32\xenroll.dll
16:58:29.0250 4020  C:\WINDOWS\system32\xenroll.dll - ok
16:58:29.0265 4020  [ D412AC27FE3C9F8BC19741DAC0E0329D ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
16:58:29.0265 4020  C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
16:58:29.0265 4020  [ 507C4733C0411B780E55DD44172C05ED ] C:\WINDOWS\system32\browseui.dll
16:58:29.0265 4020  C:\WINDOWS\system32\browseui.dll - ok
16:58:29.0281 4020  [ D549886FAA2C5CA51CD54E7ED9C865A6 ] C:\Program Files\HPQ\IAM\Bin\PkiAdmin.dll
16:58:29.0281 4020  C:\Program Files\HPQ\IAM\Bin\PkiAdmin.dll - ok
16:58:29.0281 4020  [ E9296800685ED622132C0E1FA9241F92 ] C:\Program Files\AVG\AVG2013\avgkrnlapix.dll
16:58:29.0281 4020  C:\Program Files\AVG\AVG2013\avgkrnlapix.dll - ok
16:58:29.0296 4020  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
16:58:29.0296 4020  C:\WINDOWS\system32\winhttp.dll - ok
16:58:29.0296 4020  [ D76E8AF79674CE160D1D6525ADBD5805 ] C:\WINDOWS\system32\IfxSpMgt.dll
16:58:29.0296 4020  C:\WINDOWS\system32\IfxSpMgt.dll - ok
16:58:29.0296 4020  [ 6C69EA6A0C308A0FB81992CAC9F39C59 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\fusion.dll
16:58:29.0296 4020  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\fusion.dll - ok
16:58:29.0312 4020  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
16:58:29.0312 4020  C:\WINDOWS\system32\odbcbcp.dll - ok
16:58:29.0312 4020  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
16:58:29.0312 4020  C:\WINDOWS\system32\pdh.dll - ok
16:58:29.0328 4020  [ 31087A3B8A2CC923BE2816AD9E1E6770 ] C:\Program Files\HPQ\IAM\Bin\SSOMngr.dll
16:58:29.0328 4020  C:\Program Files\HPQ\IAM\Bin\SSOMngr.dll - ok
16:58:29.0328 4020  [ 619E608EE2B7F13C8F83B6A4487C98F0 ] C:\WINDOWS\system32\kousd.dll
16:58:29.0328 4020  C:\WINDOWS\system32\kousd.dll - ok
16:58:29.0328 4020  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
16:58:29.0328 4020  C:\WINDOWS\system32\midimap.dll - ok
16:58:29.0343 4020  [ D6E594C1380AEA116F5667E42EDAFC9D ] C:\Program Files\HPQ\IAM\Bin\Aswallet.dll
16:58:29.0343 4020  C:\Program Files\HPQ\IAM\Bin\Aswallet.dll - ok
16:58:29.0343 4020  [ 69795745770D9ED895775C9856CC6F8C ] C:\Program Files\HPQ\IAM\Bin\ItSSO.dll
16:58:29.0343 4020  C:\Program Files\HPQ\IAM\Bin\ItSSO.dll - ok
16:58:29.0359 4020  [ 88A9999CBA070C3E8049D4DF72F9D84E ] C:\Program Files\HPQ\IAM\Bin\RasAdmin.dll
16:58:29.0359 4020  C:\Program Files\HPQ\IAM\Bin\RasAdmin.dll - ok
16:58:29.0359 4020  [ 6D5003F512D843DFC21CD74A7CC9287C ] C:\Program Files\HPQ\IAM\Bin\SFSShell.dll
16:58:29.0359 4020  C:\Program Files\HPQ\IAM\Bin\SFSShell.dll - ok
16:58:29.0375 4020  [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\msimtf.dll
16:58:29.0375 4020  C:\WINDOWS\system32\msimtf.dll - ok
16:58:29.0375 4020  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
16:58:29.0375 4020  C:\WINDOWS\system32\actxprxy.dll - ok
16:58:29.0390 4020  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
16:58:29.0390 4020  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
16:58:29.0390 4020  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
16:58:29.0390 4020  C:\WINDOWS\system32\wuapi.dll - ok
16:58:29.0390 4020  [ 132D5EFF6E74FA644EB99EBFCD3A0F57 ] C:\WINDOWS\system32\mqrt.dll
16:58:29.0390 4020  C:\WINDOWS\system32\mqrt.dll - ok
16:58:29.0406 4020  [ 10E6B9022B0A5C9C41E2DA6AEAE5D404 ] C:\WINDOWS\system32\mqtgsvc.exe
16:58:29.0406 4020  C:\WINDOWS\system32\mqtgsvc.exe - ok
16:58:29.0406 4020  [ 7E91548D064BE9A5238E19A23BADBBD4 ] C:\Program Files\HPQ\IAM\Bin\asghost.exe
16:58:29.0406 4020  C:\Program Files\HPQ\IAM\Bin\asghost.exe - ok
16:58:29.0421 4020  [ 186005D68BB8F87B2F66AFF4D2BF0C6B ] C:\WINDOWS\system32\mqtrig.dll
16:58:29.0421 4020  C:\WINDOWS\system32\mqtrig.dll - ok
16:58:29.0421 4020  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
16:58:29.0421 4020  C:\WINDOWS\system32\wbem\ncprov.dll - ok
16:58:29.0437 4020  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
16:58:29.0437 4020  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
16:58:29.0437 4020  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
16:58:29.0437 4020  C:\WINDOWS\system32\shfolder.dll - ok
16:58:29.0437 4020  [ 0E297F71CBFAA611F830407D1054DC70 ] C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll
16:58:29.0437 4020  C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll - ok
16:58:29.0453 4020  [ CCF775179F42797A3EE8BA5678543621 ] C:\PROGRA~1\AVG\AVG2013\avgcclix.dll
16:58:29.0453 4020  C:\PROGRA~1\AVG\AVG2013\avgcclix.dll - ok
16:58:29.0453 4020  [ 99997FA9056ACB38AA388BDA134CEF6E ] C:\Program Files\AVG\AVG2013\avgcsrvx.exe
16:58:29.0453 4020  C:\Program Files\AVG\AVG2013\avgcsrvx.exe - ok
16:58:29.0468 4020  [ 95EFDCB44DD093EDAD447F1D21C8A3F7 ] C:\Program Files\AVG\AVG2013\avgcertx.dll
16:58:29.0468 4020  C:\Program Files\AVG\AVG2013\avgcertx.dll - ok
16:58:29.0468 4020  [ 6F19639188F792BBB234B2A3FCB0C8C9 ] C:\Program Files\AVG\AVG2013\avgchclx.dll
16:58:29.0468 4020  C:\Program Files\AVG\AVG2013\avgchclx.dll - ok
16:58:29.0484 4020  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
16:58:29.0484 4020  C:\WINDOWS\system32\drivers\wmilib.sys - ok
16:58:29.0484 4020  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
16:58:29.0484 4020  C:\WINDOWS\system32\drivers\atapi.sys - ok
16:58:29.0484 4020  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
16:58:29.0484 4020  C:\WINDOWS\system32\drivers\dxapi.sys - ok
16:58:29.0500 4020  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
16:58:29.0500 4020  C:\WINDOWS\system32\watchdog.sys - ok
16:58:29.0500 4020  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
16:58:29.0500 4020  C:\WINDOWS\system32\win32k.sys - ok
16:58:29.0515 4020  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
16:58:29.0515 4020  C:\WINDOWS\system32\drivers\dxg.sys - ok
16:58:29.0515 4020  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
16:58:29.0515 4020  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
16:58:29.0531 4020  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
16:58:29.0531 4020  C:\WINDOWS\system32\msctfime.ime - ok
16:58:29.0531 4020  [ B4869D320428CDC5EC4D7F5E808E99B5 ] C:\WINDOWS\system32\drivers\DRVNDDM.SYS
16:58:29.0531 4020  C:\WINDOWS\system32\drivers\DRVNDDM.SYS - ok
16:58:29.0546 4020  [ 628C632710AB55747CB5BCC68716BE21 ] C:\WINDOWS\system32\drivers\uxpatch.sys
16:58:29.0546 4020  C:\WINDOWS\system32\drivers\uxpatch.sys - ok
16:58:29.0546 4020  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
16:58:29.0546 4020  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
16:58:29.0546 4020  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
16:58:29.0546 4020  C:\WINDOWS\system32\winspool.drv - ok
16:58:29.0562 4020  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
16:58:29.0562 4020  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
16:58:29.0562 4020  [ EF0D2415062D0790E29CD27BC7035484 ] C:\Program Files\HPQ\IAM\Bin\ItReports.dll
16:58:29.0562 4020  C:\Program Files\HPQ\IAM\Bin\ItReports.dll - ok
16:58:29.0578 4020  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
16:58:29.0578 4020  C:\WINDOWS\system32\wdmaud.drv - ok
16:58:29.0578 4020  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
16:58:29.0578 4020  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
16:58:29.0578 4020  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
16:58:29.0578 4020  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
16:58:29.0593 4020  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
16:58:29.0593 4020  C:\WINDOWS\system32\drivers\splitter.sys - ok
16:58:29.0593 4020  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
16:58:29.0593 4020  C:\WINDOWS\system32\drivers\aec.sys - ok
16:58:29.0609 4020  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
16:58:29.0609 4020  C:\WINDOWS\system32\drivers\swmidi.sys - ok
16:58:29.0609 4020  [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\WINDOWS\system32\MFC71ENU.DLL
16:58:29.0609 4020  C:\WINDOWS\system32\MFC71ENU.DLL - ok
16:58:29.0625 4020  [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
16:58:29.0625 4020  C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
16:58:29.0625 4020  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
16:58:29.0625 4020  C:\WINDOWS\system32\drivers\dmusic.sys - ok
16:58:29.0640 4020  [ 254433A65913BA1B10316E4FB5E2EC6F ] C:\Program Files\HPQ\IAM\Bin\ITVCClient.dll
16:58:29.0640 4020  C:\Program Files\HPQ\IAM\Bin\ITVCClient.dll - ok
16:58:29.0640 4020  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
16:58:29.0640 4020  C:\WINDOWS\system32\drivers\srv.sys - ok
16:58:29.0640 4020  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
16:58:29.0640 4020  C:\WINDOWS\system32\drivers\kmixer.sys - ok
16:58:29.0656 4020  [ EEE50BF24CAEEDB515A8F3B22756D3BB ] C:\WINDOWS\system32\drivers\mqac.sys
16:58:29.0656 4020  C:\WINDOWS\system32\drivers\mqac.sys - ok
16:58:29.0656 4020  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
16:58:29.0656 4020  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
16:58:29.0671 4020  [ 12517C9BB249B072A3179C786A0DD32F ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
16:58:29.0671 4020  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
16:58:29.0671 4020  [ 2705BD86D5A1FA46755BCC48C5BE0F18 ] C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
16:58:29.0671 4020  C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE - ok
16:58:29.0687 4020  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
16:58:29.0687 4020  C:\WINDOWS\system32\msacm32.drv - ok
16:58:29.0687 4020  [ 7D5A8BD7548FB8EE039F3F3B45B1FCC8 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
16:58:29.0687 4020  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
16:58:29.0703 4020  [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
16:58:29.0703 4020  C:\WINDOWS\system32\LegitCheckControl.dll - ok
16:58:29.0703 4020  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
16:58:29.0703 4020  C:\WINDOWS\system32\desk.cpl - ok
16:58:29.0703 4020  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
16:58:29.0703 4020  C:\WINDOWS\system32\themeui.dll - ok
16:58:29.0718 4020  [ 96F7A9A7BF0C9C0440A967440065D33C ] C:\WINDOWS\system32\drivers\rmcast.sys
16:58:29.0718 4020  C:\WINDOWS\system32\drivers\rmcast.sys - ok
16:58:29.0718 4020  [ 6684437F3628EF237C354F77D33426D1 ] C:\WINDOWS\system32\rpcnet.exe
16:58:29.0718 4020  C:\WINDOWS\system32\rpcnet.exe - ok
16:58:29.0734 4020  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
16:58:29.0734 4020  C:\WINDOWS\system32\cmd.exe - ok
16:58:29.0734 4020  [ 11D2208DC9F65F704751862ED048AC04 ] C:\WINDOWS\system32\rpcnet.dll
16:58:29.0734 4020  C:\WINDOWS\system32\rpcnet.dll - ok
16:58:29.0734 4020  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
16:58:29.0734 4020  C:\WINDOWS\system32\seclogon.dll - ok
16:58:29.0750 4020  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
16:58:29.0750 4020  C:\WINDOWS\system32\sens.dll - ok
16:58:29.0750 4020  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
16:58:29.0750 4020  C:\WINDOWS\system32\srsvc.dll - ok
16:58:29.0765 4020  [ ABC9002269E569538901109441660DD2 ] C:\WINDOWS\system32\conime.exe
16:58:29.0765 4020  C:\WINDOWS\system32\conime.exe - ok
16:58:29.0765 4020  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
16:58:29.0765 4020  C:\WINDOWS\system32\trkwks.dll - ok
16:58:29.0765 4020  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
16:58:29.0765 4020  C:\WINDOWS\system32\wiaservc.dll - ok
16:58:29.0781 4020  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
16:58:29.0781 4020  C:\WINDOWS\system32\cfgmgr32.dll - ok
16:58:29.0781 4020  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:58:29.0781 4020  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok
16:58:29.0796 4020  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
16:58:29.0796 4020  C:\WINDOWS\system32\mscms.dll - ok
16:58:29.0796 4020  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
16:58:29.0796 4020  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
16:58:29.0796 4020  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
16:58:29.0796 4020  C:\WINDOWS\system32\vssapi.dll - ok
16:58:29.0812 4020  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
16:58:29.0812 4020  C:\WINDOWS\system32\wuauserv.dll - ok
16:58:29.0812 4020  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
16:58:29.0812 4020  C:\WINDOWS\system32\wuaueng.dll - ok
16:58:29.0828 4020  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
16:58:29.0828 4020  C:\WINDOWS\system32\cabinet.dll - ok
16:58:29.0828 4020  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
16:58:29.0828 4020  C:\WINDOWS\system32\mspatcha.dll - ok
16:58:29.0828 4020  [ 04C1DCBB226C6AE647B794833CE3CEB6 ] C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:58:29.0828 4020  C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - ok
16:58:29.0843 4020  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
16:58:29.0843 4020  C:\WINDOWS\system32\browser.dll - ok
16:58:29.0843 4020  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
16:58:29.0843 4020  C:\WINDOWS\system32\wups.dll - ok
16:58:29.0859 4020  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
16:58:29.0859 4020  C:\WINDOWS\system32\wups2.dll - ok
16:58:29.0859 4020  [ E9B5F354AE80325283FD5C1C05217B01 ] C:\WINDOWS\system32\mqsvc.exe
16:58:29.0859 4020  C:\WINDOWS\system32\mqsvc.exe - ok
16:58:29.0859 4020  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
16:58:29.0859 4020  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
16:58:29.0875 4020  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
16:58:29.0875 4020  C:\WINDOWS\system32\wbem\esscli.dll - ok
16:58:29.0875 4020  [ DEE675F3DBA03900DFBA174BCF981130 ] C:\WINDOWS\system32\mqqm.dll
16:58:29.0875 4020  C:\WINDOWS\system32\mqqm.dll - ok
16:58:29.0890 4020  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
16:58:29.0890 4020  C:\WINDOWS\system32\wbem\fastprox.dll - ok
16:58:29.0890 4020  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
16:58:29.0890 4020  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
16:58:29.0906 4020  [ AD4D987E49E27180954F5FB31FF5D2DC ] C:\WINDOWS\system32\mqutil.dll
16:58:29.0906 4020  C:\WINDOWS\system32\mqutil.dll - ok
16:58:29.0906 4020  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
16:58:29.0906 4020  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
16:58:29.0921 4020  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\6E03D093-5E4F-47E5-A911-E7A8DF001E88.exe
16:58:29.0921 4020  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\6E03D093-5E4F-47E5-A911-E7A8DF001E88.exe - ok
16:58:29.0921 4020  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
16:58:29.0921 4020  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
16:58:29.0921 4020  [ 7DBCAD793A31B4B144F8E948157564A5 ] C:\WINDOWS\system32\mqsec.dll
16:58:29.0921 4020  C:\WINDOWS\system32\mqsec.dll - ok
16:58:29.0937 4020  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
16:58:29.0937 4020  C:\WINDOWS\system32\security.dll - ok
16:58:29.0937 4020  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
16:58:29.0937 4020  C:\WINDOWS\system32\wuauclt.exe - ok
16:58:29.0953 4020  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
16:58:29.0953 4020  C:\WINDOWS\system32\ipnathlp.dll - ok
16:58:29.0953 4020  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
16:58:29.0953 4020  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
16:58:29.0968 4020  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
16:58:29.0968 4020  C:\WINDOWS\system32\wscsvc.dll - ok
16:58:29.0968 4020  [ B37D6067174291AA8EADE3F94A03CBFF ] C:\WINDOWS\system32\mqlogmgr.dll
16:58:29.0968 4020  C:\WINDOWS\system32\mqlogmgr.dll - ok
16:58:29.0968 4020  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
16:58:29.0968 4020  C:\WINDOWS\system32\wbem\wbemess.dll - ok
16:58:29.0984 4020  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BFB2CE12-A1BE-4C59-9F90-2B15177A2AB2.exe
16:58:29.0984 4020  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BFB2CE12-A1BE-4C59-9F90-2B15177A2AB2.exe - ok
16:58:29.0984 4020  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
16:58:29.0984 4020  C:\WINDOWS\system32\msutb.dll - ok
16:58:30.0000 4020  [ C3223B87062191A9DABEBF20ADCBE5E6 ] C:\Program Files\HPQ\IAM\Bin\AuthWiz.dll
16:58:30.0000 4020  C:\Program Files\HPQ\IAM\Bin\AuthWiz.dll - ok
16:58:30.0000 4020  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
16:58:30.0000 4020  C:\WINDOWS\system32\ntshrui.dll - ok
16:58:30.0015 4020  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\37401109.sys
16:58:30.0015 4020  C:\WINDOWS\system32\drivers\37401109.sys - ok
16:58:30.0015 4020  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
16:58:30.0015 4020  C:\WINDOWS\system32\termsrv.dll - ok
16:58:30.0031 4020  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
16:58:30.0031 4020  C:\WINDOWS\system32\icaapi.dll - ok
16:58:30.0031 4020  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
16:58:30.0031 4020  C:\WINDOWS\system32\spoolss.dll - ok
16:58:30.0031 4020  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
16:58:30.0031 4020  C:\WINDOWS\system32\mstlsapi.dll - ok
16:58:30.0046 4020  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
16:58:30.0046 4020  C:\WINDOWS\system32\localspl.dll - ok
16:58:30.0046 4020  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
16:58:30.0046 4020  C:\WINDOWS\system32\verclsid.exe - ok
16:58:30.0062 4020  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
16:58:30.0062 4020  C:\WINDOWS\system32\alg.exe - ok
16:58:30.0062 4020  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
16:58:30.0062 4020  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
16:58:30.0062 4020  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
16:58:30.0062 4020  C:\WINDOWS\system32\cnbjmon.dll - ok
16:58:30.0078 4020  [ A246F118B3247C456DC68C5B7D929E75 ] C:\WINDOWS\system32\HPBMMON.DLL
16:58:30.0078 4020  C:\WINDOWS\system32\HPBMMON.DLL - ok
16:58:30.0078 4020  [ AAE2820726FF1346B501610CC56A9D9C ] C:\WINDOWS\system32\HPDOMON.DLL
16:58:30.0078 4020  C:\WINDOWS\system32\HPDOMON.DLL - ok
16:58:30.0093 4020  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
16:58:30.0093 4020  C:\WINDOWS\system32\pjlmon.dll - ok
16:58:30.0093 4020  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
16:58:30.0093 4020  C:\WINDOWS\system32\usbmon.dll - ok
16:58:30.0093 4020  [ C51A3D62B0F81897EB0CEF4E47392CB8 ] C:\WINDOWS\system32\HPBHEALR.DLL
16:58:30.0093 4020  C:\WINDOWS\system32\HPBHEALR.DLL - ok
16:58:30.0109 4020  [ E8A156FA1E600EE18B02B3EB96033AB0 ] C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
16:58:30.0109 4020  C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe - ok
16:58:30.0109 4020  [ 65195F21E201B9A6B09F975844751D17 ] C:\WINDOWS\system32\IFXTSP.dll
16:58:30.0109 4020  C:\WINDOWS\system32\IFXTSP.dll - ok
16:58:30.0125 4020  [ 82ECF86448F825546A7A377EB15DCE9F ] C:\WINDOWS\system32\HPMPMW.DLL
16:58:30.0125 4020  C:\WINDOWS\system32\HPMPMW.DLL - ok
16:58:30.0125 4020  [ 8F2097E8B174F38178570C611464935F ] C:\WINDOWS\system32\atl71.dll
16:58:30.0125 4020  C:\WINDOWS\system32\atl71.dll - ok
16:58:30.0125 4020  [ A113AF42DF92608DB8AD6329B31C0820 ] C:\WINDOWS\system32\HPMystPM.DLL
16:58:30.0125 4020  C:\WINDOWS\system32\HPMystPM.DLL - ok
16:58:30.0140 4020  [ FB44C8568224451A43B745C39C182406 ] C:\WINDOWS\system32\hpzsnt07.dll
16:58:30.0140 4020  C:\WINDOWS\system32\hpzsnt07.dll - ok
16:58:30.0140 4020  [ CA7A16E555E541CF7D0E58A158A656D9 ] C:\WINDOWS\system32\IFXTCSps.dll
16:58:30.0140 4020  C:\WINDOWS\system32\IFXTCSps.dll - ok
16:58:30.0156 4020  [ 1E17A715C193A0F887B31C40E49034E9 ] C:\Program Files\ProtectTools\Embedded Security Software\PSDrtUS.dll
16:58:30.0156 4020  C:\Program Files\ProtectTools\Embedded Security Software\PSDrtUS.dll - ok
16:58:30.0156 4020  [ 317E31E327A656E83262C5DE6BB5BF5E ] C:\Program Files\ProtectTools\Embedded Security Software\Psd.dll
16:58:30.0156 4020  C:\Program Files\ProtectTools\Embedded Security Software\Psd.dll - ok
16:58:30.0171 4020  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
16:58:30.0171 4020  C:\WINDOWS\system32\tcpmon.dll - ok
16:58:30.0171 4020  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
16:58:30.0171 4020  C:\WINDOWS\system32\linkinfo.dll - ok
16:58:30.0171 4020  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
16:58:30.0171 4020  C:\WINDOWS\system32\licwmi.dll - ok
16:58:30.0187 4020  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
16:58:30.0187 4020  C:\WINDOWS\system32\wbem\framedyn.dll - ok
16:58:30.0187 4020  [ B9118DEF91E720999C6B8E6A719F7D44 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp35z.dll
16:58:30.0187 4020  C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp35z.dll - ok
16:58:30.0203 4020  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
16:58:30.0203 4020  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
16:58:30.0203 4020  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
16:58:30.0203 4020  C:\WINDOWS\system32\licdll.dll - ok
16:58:30.0218 4020  [ 2726EC7E80DFF9F869484E1528739830 ] C:\WINDOWS\system32\IFXTPMCP.dll
16:58:30.0218 4020  C:\WINDOWS\system32\IFXTPMCP.dll - ok
16:58:30.0218 4020  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
16:58:30.0218 4020  C:\WINDOWS\system32\upnp.dll - ok
16:58:30.0234 4020  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
16:58:30.0234 4020  C:\WINDOWS\system32\win32spl.dll - ok
16:58:30.0234 4020  [ 2AFBD2C185863109EB1F2FF5DEB1F140 ] C:\Program Files\ProtectTools\Embedded Security Software\IfxSpURsUS.dll
16:58:30.0234 4020  C:\Program Files\ProtectTools\Embedded Security Software\IfxSpURsUS.dll - ok
16:58:30.0234 4020  [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe
16:58:30.0234 4020  C:\WINDOWS\system32\regsvr32.exe - ok
16:58:30.0250 4020  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
16:58:30.0250 4020  C:\WINDOWS\system32\netrap.dll - ok
16:58:30.0250 4020  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
16:58:30.0250 4020  C:\WINDOWS\system32\ssdpapi.dll - ok
16:58:30.0265 4020  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
16:58:30.0265 4020  C:\WINDOWS\system32\inetpp.dll - ok
16:58:30.0265 4020  [ 81A5A2CA780340784969D2EDCAB0800F ] C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
16:58:30.0265 4020  C:\Program Files\Analog Devices\SoundMAX\SMax4.exe - ok
16:58:30.0265 4020  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
16:58:30.0265 4020  C:\WINDOWS\system32\rasmans.dll - ok
16:58:30.0281 4020  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
16:58:30.0281 4020  C:\WINDOWS\system32\drivers\http.sys - ok
16:58:30.0281 4020  [ E535E0A413655208D7180154150881C6 ] C:\WINDOWS\system32\webcheck.dll
16:58:30.0281 4020  C:\WINDOWS\system32\webcheck.dll - ok
16:58:30.0296 4020  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
16:58:30.0296 4020  C:\WINDOWS\system32\ssdpsrv.dll - ok
16:58:30.0296 4020  [ DB81B078A7A8CA80C5AA8554CEE66694 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:58:30.0296 4020  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
16:58:30.0312 4020  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
16:58:30.0312 4020  C:\WINDOWS\system32\imapi.exe - ok
16:58:30.0312 4020  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
16:58:30.0312 4020  C:\WINDOWS\system32\stobject.dll - ok
16:58:30.0312 4020  [ 8A6B0D4C528ED7A79938A42260CF49FA ] C:\WINDOWS\system32\SynCOM.dll
16:58:30.0312 4020  C:\WINDOWS\system32\SynCOM.dll - ok
16:58:30.0328 4020  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
16:58:30.0328 4020  C:\WINDOWS\system32\batmeter.dll - ok
16:58:30.0328 4020  [ 2F2399327DE0FF381AB4ECF59E17B61F ] C:\WINDOWS\system32\SynTPAPI.dll
16:58:30.0328 4020  C:\WINDOWS\system32\SynTPAPI.dll - ok
16:58:30.0328 4020  [ A670FB8105D90C0687D43EB14259BDFE ] C:\Program Files\ProtectTools\Embedded Security Software\IfxTrsMs.dll
16:58:30.0328 4020  C:\Program Files\ProtectTools\Embedded Security Software\IfxTrsMs.dll - ok
16:58:30.0343 4020  [ 4701DB05F3D9F115C2EAB9F14DDB13FC ] C:\Program Files\ProtectTools\Embedded Security Software\IFXTRsUS.dll
16:58:30.0343 4020  C:\Program Files\ProtectTools\Embedded Security Software\IFXTRsUS.dll - ok
16:58:30.0343 4020  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
16:58:30.0343 4020  C:\WINDOWS\system32\tapisrv.dll - ok
16:58:30.0359 4020  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
16:58:30.0359 4020  C:\WINDOWS\system32\rastapi.dll - ok
16:58:30.0359 4020  [ 30E88ECA3D5D0B75E954E18181B9E6E5 ] C:\WINDOWS\system32\capicom.dll
16:58:30.0359 4020  C:\WINDOWS\system32\capicom.dll - ok
16:58:30.0375 4020  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
16:58:30.0375 4020  C:\WINDOWS\system32\unimdm.tsp - ok
16:58:30.0375 4020  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
16:58:30.0375 4020  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
16:58:30.0375 4020  [ 4D8B6AFE50BAE7BD301967BB38675221 ] C:\WINDOWS\system32\mssign32.dll
16:58:30.0375 4020  C:\WINDOWS\system32\mssign32.dll - ok
16:58:30.0390 4020  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
16:58:30.0390 4020  C:\WINDOWS\system32\uniplat.dll - ok
16:58:30.0390 4020  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
16:58:30.0390 4020  C:\WINDOWS\system32\msxml6.dll - ok
16:58:30.0406 4020  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
16:58:30.0406 4020  C:\WINDOWS\system32\mydocs.dll - ok
16:58:30.0406 4020  [ 29807914A72BD208DB979A64F94EADC0 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
16:58:30.0406 4020  C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe - ok
16:58:30.0406 4020  [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
16:58:30.0406 4020  C:\WINDOWS\system32\unimdmat.dll - ok
16:58:30.0421 4020  [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
16:58:30.0421 4020  C:\WINDOWS\system32\modemui.dll - ok
16:58:30.0421 4020  [ B6CB667FB41D3DABF3E2E620FFD4B73F ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
16:58:30.0421 4020  C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll - ok
16:58:30.0437 4020  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
16:58:30.0437 4020  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
16:58:30.0437 4020  [ D80E50A8575723C1B56E2D8CAC814256 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll
16:58:30.0437 4020  C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll - ok
16:58:30.0453 4020  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
16:58:30.0453 4020  C:\WINDOWS\system32\kmddsp.tsp - ok
16:58:30.0453 4020  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
16:58:30.0453 4020  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
16:58:30.0453 4020  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
16:58:30.0453 4020  C:\WINDOWS\system32\ndptsp.tsp - ok
16:58:30.0468 4020  [ 03C9FAD0EA8572CAF0547A8DCD392EDB ] C:\Program Files\HPQ\Default Settings\Cpqset.exe
16:58:30.0468 4020  C:\Program Files\HPQ\Default Settings\Cpqset.exe - ok
16:58:30.0468 4020  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
16:58:30.0468 4020  C:\WINDOWS\system32\ipconf.tsp - ok
16:58:30.0484 4020  [ EF7F8D837998221691F9706F0DCDA7F4 ] C:\WINDOWS\SMINST\Recguard.exe
16:58:30.0484 4020  C:\WINDOWS\SMINST\Recguard.exe - ok
16:58:30.0484 4020  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
16:58:30.0484 4020  C:\WINDOWS\system32\h323.tsp - ok
16:58:30.0484 4020  [ DD561F978820B036473E45C3EE9D36CB ] C:\WINDOWS\CREATOR\Remind_XP.exe
16:58:30.0484 4020  C:\WINDOWS\CREATOR\Remind_XP.exe - ok
16:58:30.0500 4020  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
16:58:30.0500 4020  C:\WINDOWS\system32\hidphone.tsp - ok
16:58:30.0500 4020  ============================================================
16:58:30.0500 4020  Scan finished
16:58:30.0500 4020  ============================================================
16:58:30.0515 4012  Detected object count: 0
16:58:30.0515 4012  Actual detected object count: 0

 

Here's the aswMBR log

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-08 17:07:12
-----------------------------
17:07:12.187    OS Version: Windows 5.1.2600 Service Pack 3
17:07:12.187    Number of processors: 2 586 0xF06
17:07:12.187    ComputerName: MEGAN  UserName:
17:07:13.421    Initialize success
17:07:24.218    AVAST engine download error: 0
17:07:36.609    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:07:36.625    Disk 0 Vendor: FUJITSU_MHV2060BH_PL 892C Size: 57241MB BusType: 3
17:07:36.656    Disk 0 MBR read successfully
17:07:36.671    Disk 0 MBR scan
17:07:36.671    Disk 0 unknown MBR code
17:07:36.687    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        51819 MB offset 63
17:07:36.718    Disk 0 Partition 2 00     0C    FAT32 LBA RECOVERY     5418 MB offset 106127343
17:07:36.734    Disk 0 scanning sectors +117225360
17:07:36.812    Disk 0 scanning C:\WINDOWS\system32\drivers
17:07:44.546    Service scanning
17:08:02.609    Modules scanning
17:08:08.671    Disk 0 trace - called modules:
17:08:08.687    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
17:08:08.687    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ed3ab8]
17:08:08.687    3 CLASSPNP.SYS[f75e7fd7] -> nt!IofCallDriver -> \Device\00000093[0x86eb6968]
17:08:08.687    5 ACPI.sys[f7402620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f1f940]
17:08:08.687    Scan finished successfully
17:08:31.703    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
17:08:31.734    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

 

Also, I could not run ESET OnlineScan; I get the message "Can not get updated. Is proxy configured?" so I checked my settings in Firefox and there are no proxy settings at all.

 


 


Edited by jitomate, 08 March 2013 - 08:39 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 08 March 2013 - 08:41 PM

Try to run ESET online scanner from safemode with networking

 

Please run all these scans in normal mode

 

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.
 

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily or permit them to allow the changes.



  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this .
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------



  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.
 

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------
 

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------
 

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:
 


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------
 

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
 

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

Edited by narenxp, 08 March 2013 - 08:42 PM.


#5 jitomate

jitomate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 08 March 2013 - 09:43 PM

MiniToolBox log

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Administrator (administrator) on 08-03-2013 at 17:52:25
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 
127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : megan

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : domain_not_set.invalid



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet

        Physical Address. . . . . . . . . : 00-17-08-46-B5-82



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . : domain_not_set.invalid

        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

        Physical Address. . . . . . . . . : 00-18-DE-BD-D3-A2

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.111

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Friday, March 08, 2013 4:55:40 PM

        Lease Expires . . . . . . . . . . : Saturday, March 09, 2013 4:55:40 PM

Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  74.125.227.78, 74.125.227.64, 74.125.227.65, 74.125.227.66
      74.125.227.67, 74.125.227.68, 74.125.227.69, 74.125.227.70, 74.125.227.71
      74.125.227.72, 74.125.227.73



Pinging google.com [74.125.227.6] with 32 bytes of data:



Reply from 74.125.227.6: bytes=32 time=56ms TTL=51

Reply from 74.125.227.6: bytes=32 time=65ms TTL=51



Ping statistics for 74.125.227.6:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 56ms, Maximum = 65ms, Average = 60ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=371ms TTL=48

Reply from 98.138.253.109: bytes=32 time=408ms TTL=48



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 371ms, Maximum = 408ms, Average = 389ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 17 08 46 b5 82 ...... Broadcom NetLink ™ Gigabit Ethernet - Packet Scheduler Miniport
0x3 ...00 18 de bd d3 a2 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.111      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0    192.168.1.111   192.168.1.111      25
    192.168.1.111  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.1.255  255.255.255.255    192.168.1.111   192.168.1.111      25
        224.0.0.0        240.0.0.0    192.168.1.111   192.168.1.111      25
  255.255.255.255  255.255.255.255    192.168.1.111               2      1
  255.255.255.255  255.255.255.255    192.168.1.111   192.168.1.111      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/08/2013 01:00:51 PM) (Source: Application Hang) (User: )
Description: Hanging application PTHost.exe, version 2.0.3.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/08/2013 10:35:15 AM) (Source: Application Error) (User: )
Description: Faulting application update.exe, version 0.0.0.0, faulting module update.exe, version 0.0.0.0, fault address 0x0006bd41.
Processing media-specific event for [update.exe!ws!]

Error: (03/07/2013 04:09:54 PM) (Source: Application Error) (User: )
Description: Faulting application update.exe, version 0.0.0.0, faulting module update.exe, version 0.0.0.0, fault address 0x0006bd41.
Processing media-specific event for [update.exe!ws!]

Error: (03/06/2013 05:34:54 PM) (Source: Application Error) (User: )
Description: Faulting application update.exe, version 0.0.0.0, faulting module update.exe, version 0.0.0.0, fault address 0x0006bd41.
Processing media-specific event for [update.exe!ws!]

Error: (03/06/2013 05:33:11 PM) (Source: ESENT) (User: )
Description: svchost (1588) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/06/2013 05:33:10 PM) (Source: ESENT) (User: )
Description: svchost (1588) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/06/2013 05:33:08 PM) (Source: ESENT) (User: )
Description: svchost (1588) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/06/2013 05:33:07 PM) (Source: ESENT) (User: )
Description: svchost (1588) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/06/2013 05:33:02 PM) (Source: ESENT) (User: )
Description: svchost (1588) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/05/2013 09:37:29 PM) (Source: Application Error) (User: )
Description: Faulting application update.exe, version 0.0.0.0, faulting module update.exe, version 0.0.0.0, fault address 0x0006bd41.
Processing media-specific event for [update.exe!ws!]


System errors:
=============
Error: (03/08/2013 04:56:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AliIde
iaStor
PCIIde
ViaIde

Error: (03/08/2013 04:56:14 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/08/2013 04:55:50 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (03/08/2013 03:53:18 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/08/2013 03:53:18 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/08/2013 01:27:10 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (03/08/2013 01:27:05 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/08/2013 01:27:05 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/08/2013 01:20:46 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/08/2013 10:36:55 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0xd0000005: Security Update for Windows XP (KB975558).


Microsoft Office Sessions:
=========================
Error: (03/08/2013 01:00:51 PM) (Source: Application Hang)(User: )
Description: PTHost.exe2.0.3.3hungapp0.0.0.000000000

Error: (03/08/2013 10:35:15 AM) (Source: Application Error)(User: )
Description: update.exe0.0.0.0update.exe0.0.0.00006bd41

Error: (03/07/2013 04:09:54 PM) (Source: Application Error)(User: )
Description: update.exe0.0.0.0update.exe0.0.0.00006bd41

Error: (03/06/2013 05:34:54 PM) (Source: Application Error)(User: )
Description: update.exe0.0.0.0update.exe0.0.0.00006bd41

Error: (03/06/2013 05:33:11 PM) (Source: ESENT)(User: )
Description: svchost1588C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (03/06/2013 05:33:10 PM) (Source: ESENT)(User: )
Description: svchost1588C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (03/06/2013 05:33:08 PM) (Source: ESENT)(User: )
Description: svchost1588C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (03/06/2013 05:33:07 PM) (Source: ESENT)(User: )
Description: svchost1588C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (03/06/2013 05:33:02 PM) (Source: ESENT)(User: )
Description: svchost1588C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (03/05/2013 09:37:29 PM) (Source: Application Error)(User: )
Description: update.exe0.0.0.0update.exe0.0.0.00006bd41


=========================== Installed Programs ============================

Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dynamiclink Support (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Fonts All (Version: 2.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Reader 7.0.5 (Version: 7.0.5)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Agere Systems HDA Modem
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Application Installer 4.00.B5 (Version: 4.00.B5)
Audacity 1.3.14 (Unicode)
AVG 2013 (Version: 13.0.2641)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 2013.0.2904)
Broadcom NetXtreme Ethernet Controller (Version: 8.22.12)
CCleaner (Version: 3.24)
Fingerprint Sensor Minimum Install (Version: 6.5.1.4)
FL Studio 10
GIMP 2.6.11 (Version: 2.6.11)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.135)
HP Backup & Recovery Manager Pre-Load Module (Version: 1.2.5C9)
HP Backup and Recovery Manager Installer (Version: 2.1Z)
HP BIOS Configuration for ProtectTools 2.00 E1 (Version: 2.00 E1)
HP Credential Manager for ProtectTools (Version: 1.5.0.631.36.F)
HP Embedded Security for ProtectTools (Version: 4.5)
HP Help and Support (Version: 4.2.0009)
HP Memories Disc (Version: 1.0.4.805)
HP Notebook Accessories Product Tour (Version: 11.00.0000)
HP Photo and Imaging 1.0 - Scanjet 2300c Series (Version: 1.00.0000)
HP ProtectTools Security Manager 2.00 C3 (Version: 2.00 C3)
HP Quick Launch Buttons 6.00 H1 (Version: 6.00 H1)
HP Smart Card Security for ProtectTools 5.00 D4 (Version: 5.00 D4)
HP Software Update (Version: 3.0.7.014)
HP Support Phone Numbers (Version: 1.00.0002)
HP User Guides 0015 (Version: 1.04.0002)
HP Wireless Assistant 2.00 E1 (Version: 2.00 E1)
HpSdpAppCoreApp (Version: 3.00.0000)
IL Download Manager
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4543)
Intel® PROSet/Wireless Software (Version: 10.01.0000)
InterVideo DVD Check
InterVideo WinDVD (Version: 5.0-B11.672)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
LightScribe  1.4.62.1 (Version: 1.4.62.1)
mCore (Version: 5.40.0000)
mDrWiFi (Version: 5.40.0000)
mHelp (Version: 5.40.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mIWA (Version: 5.40.0000)
mLogView (Version: 5.40.0000)
mMHouse (Version: 5.40.0000)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
mPfMgr (Version: 5.40.0000)
mPfWiz (Version: 5.40.0000)
mProSafe (Version: 9.00.0000)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 5.40.0000)
mZConfig (Version: 5.40.0000)
PANTECH Handset Driver (Version: 2.2.1030.1122)
Photoshop Camera Raw (Version: 5.0)
Pixel Bender Toolkit (Version: 1.0)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
RealUpgrade 1.1 (Version: 1.1.0)
RPG Maker VX RTP (Version: 1.02)
ShareIns (Version: 1.00.0000)
Sonic Audio Module (Version: 2.0.4)
Sonic Copy Module (Version: 2.0.4)
Sonic Data Module (Version: 2.0.4)
Sonic DLA (Version: 5.2.0)
Sonic Express Labeler (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
SoundMAX (Version: 5.10.01.4321)
Suite Shared Configuration CS4 (Version: 1.0)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 8.2.16.4)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
UTAU 歌声合成ツール (Version: 1.0.74)
UxStyle Core Beta (Version: 0.2.1.1)
Vegas Pro 10.0 (Version: 10.0.387)
Verizon Tool Launcher for CDM8992 (Version: 2.00.0000)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Media Connect
Windows Media Connect (Version: 1.0.0.0)
Windows Media Format 11 runtime
Windows Media Player 10
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: Intel® Core™2 CPU         T5600  @ 1.83GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™2 CPU         T5600  @ 1.83GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel® 955XM/945GM/PM/GMS/940GML Express Processor to DRAM Controller ? 27A0
Description: Mobile Intel® 955XM/945GM/PM/GMS/940GML Express Processor to DRAM Controller ? 27A0
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Mobile Intel® 945GM Express Chipset Family
Description: Mobile Intel® 945GM Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Mobile Intel® 945GM Express Chipset Family
Description: Mobile Intel® 945GM Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: SoundMAX Integrated Digital HD Audio
Description: SoundMAX Integrated Digital HD Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Analog Devices
Service: ADIHdAudAddService

Name: Agere Systems HDA Modem
Description: Agere Systems HDA Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Agere
Service: Modem

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel® PRO/Wireless 3945ABG Network Connection
Description: Intel® PRO/Wireless 3945ABG Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: w39n51

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D4
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D4
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D6
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D6
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Description: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: AuthenTec Inc.  AES2501.
Description: AuthenTec Inc.  AES2501.
Class Guid: {53D29EF7-377C-4D14-864B-EB3A85769359}
Manufacturer: AuthenTec, Inc.
Service: ATSWPDRV

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Generic CardBus Controller
Description: Generic CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: pcmcia

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Texas Instruments
Service: ohci1394

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394

Name: Texas Instruments PCIxx12 Integrated FlashMedia Controller
Description: Texas Instruments PCIxx12 Integrated FlashMedia Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: Texas Instruments Inc
Service: tifm21

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Texas Instruments PCI GemCore based SmartCard controller
Description: Texas Instruments PCI GemCore based SmartCard controller
Class Guid: {50DD5230-BA8A-11D1-BF5D-0000F805F530}
Manufacturer: Texas Instruments
Service: GTIPCI21

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: b57w2k

Name: Intel® 82801GBM (ICH7-M) LPC Interface Controller - 27B9
Description: Intel® 82801GBM (ICH7-M) LPC Interface Controller - 27B9
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: Extended IO Bus
Description: Extended IO Bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Serial

Name: ECP Printer Port (LPT1)
Description: ECP Printer Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Parport

Name: Printer Port Logical Interface
Description: Printer Port Logical Interface
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Infineon Trusted Platform Module
Description: Windows XP / Windows Server 2003 device driver for the Infineon Trusted Platform Module
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Infineon Technologies AG
Service: IFXTPM

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Synaptics
Service: i8042prt

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4
Description: Intel® 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: intelide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: FUJITSU MHV2060BH PL
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: HL-DT-ST RW/DVD GCC-4244N
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows successfully loaded the device driver for this hardware but cannot find the hardware device. (Code 41)
Resolution: A driver was loaded but Windows cannot find the device. This happens when Windows does not detect a non-Plug and Play device.
If the device was removed, uninstall the driver, install the device, and then click "Scan for hardware changes" to reinstall the driver. If the hardware was not removed, obtain a new or updated driver for the device.
If the device is a non-Plug and Play device, a newer version of the driver might be needed. To install non-Plug and Play devices, use the Add Hardware wizard.
Click "Performance and Maintenance" on "Control Panel", click "System", and on the "Hardware" tab, click "Add Hardware Wizard".

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: HP Quick Launch Buttons
Description: HP Quick Launch Buttons
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Hewlett-Packard
Service: HBtnKey

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Full screen video driver for console
Description: Full screen video driver for console
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft Corporation
Service: FsVga

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Hewlett Packard PhotoSmart C20 Digital Camera
Description: Hewlett Packard PhotoSmart C20 Digital Camera
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Hewlett Packard
Service: StillCam

Name: AEGIS Protocol (IEEE 802.1x) v3.4.9.0
Description: AEGIS Protocol (IEEE 802.1x) v3.4.9.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AegisP

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Arp1394

Name: AVGIDSDriver
Description: AVGIDSDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSDriver

Name: AVGIDSHX
Description: AVGIDSHX
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSHX

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx86

Name: AVG Logging Driver
Description: AVG Logging Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avglogx

Name: AVG TDI Driver
Description: AVG TDI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgtdix

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: eabfiltr
Description: eabfiltr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: eabfiltr

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Message Queuing access control
Description: Message Queuing access control
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MQAC

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: PersonalSecureDrive
Description: PersonalSecureDrive
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PersonalSecureDrive

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Reliable Multicast Protocol driver
Description: Reliable Multicast Protocol driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RMCAST

Name: WLAN Transport
Description: WLAN Transport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: s24trans

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: uxpatch
Description: uxpatch
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: uxpatch

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Broadcom NetLink ™ Gigabit Ethernet - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios


========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 1015.36 MB
Available physical RAM: 554.34 MB
Total Pagefile: 3816.82 MB
Available Pagefile: 3229.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.92 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:50.61 GB) (Free:21.53 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:5.28 GB) (Free:0.58 GB) FAT32

========================= Users: ========================================

User accounts for \\MEGAN

Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         


**** End of log ****
 

Farbar's Service Scanner log

Farbar Service Scanner Version: 03-03-2013
Ran by Administrator (administrator) on 08-03-2013 at 17:56:00
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2004-08-04 00:00] - [2008-04-13 16:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 00:00] - [2009-02-06 03:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Avgtdix(13) Gpc(7) IPSec(5) NetBT(6) PSched(8) Tcpip(4)
0x0D00000005000000010000000200000003000000040000000C0000000B0000000D000000060000000700000008000000090000000A000000
IpSec Tag value is correct.

**** End of log ****

 

Malwarebytes log

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.09.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Administrator :: MEGAN [administrator]

3/8/2013 5:58:00 PM
mbam-log-2013-03-08 (17-58-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204844
Time elapsed: 11 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\CLSID\{35B7E48B-9D81-4C6C-9578-5FD4F620D886} (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
HKCR\Setup.Player.2K2 (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
HKCR\Setup.Player (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

Junkware Removal Tool log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 03/08/2013 Fri at 18:17:34.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\zugo
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\search toolbar"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\78gt40n5.default\extensions\dpgvwjddwr@dpgvwjddwr.org.xpi [Tracur]
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\78gt40n5.default\searchplugins\bing-zugo.xml
Emptied folder: C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\78gt40n5.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/08/2013 Fri at 18:26:55.21
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Rkill log

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/08/2013 06:29:36 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\IFXSPMGT.exe (PID: 1344) [WD-HEUR]
 * C:\WINDOWS\system32\IFXTCS.exe (PID: 1380) [WD-HEUR]
 * C:\WINDOWS\system32\mqsvc.exe (PID: 1840) [WD-HEUR]
 * C:\WINDOWS\system32\mqtgsvc.exe (PID: 2388) [WD-HEUR]
 * C:\WINDOWS\Sminst\Recguard.exe (PID: 3948) [WD-HEUR]
 * C:\WINDOWS\SMINST\Scheduler.exe (PID: 2000) [WD-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
 +-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91,776 : 06/22/2009 00:30 AM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
 +-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92,544 : 04/13/2008 00:39 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
 +-> C:\WINDOWS\system32\dllcache\mqac.sys : 91,776 : 06/22/2009 00:48 AM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
    

Program finished at: 03/08/2013 06:30:55 PM
Execution time: 0 hours(s), 1 minute(s), and 19 seconds(s)

 

Autoruns log

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AGRSMMSG"    "SoftModem Messaging Applet"    "Agere Systems"    "c:\windows\agrsmmsg.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI"    "AVG User Interface"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgui.exe"
+ "CognizanceTS"    "Terminal Services Virtual Channel Client"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\astsvcc.dll"
+ "Cpqset"    ""    ""    "c:\program files\hpq\default settings\cpqset.exe"
+ "HP Software Update"    "Hewlett-Packard Product Assistant"    "Hewlett-Packard Co."    "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "hpWirelessAssistant"    "HP Wireless Assistant Module"    "Hewlett-Packard Development Company, L.P."    "c:\program files\hpq\hp wireless assistant\hp wireless assistant.exe"
+ "igfxhkcmd"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "igfxpers"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "igfxtray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "IntelWireless"    "Intel Framework MFC Application"    "Intel Corporation"    "c:\program files\intel\wireless\bin\ifrmewrk.exe"
+ "IntelZeroConfig"    "ZeroCfgSvc MFC Application"    "Intel Corporation"    "c:\program files\intel\wireless\bin\zcfgsvc.exe"
+ "MSPY2002"    ""    ""    "c:\windows\system32\ime\pintlgnt\imscinst.exe"
+ "PTHOSTTR"    "Adds Security Manager System Tray functionality"    "Hewlett-Packard Development Company, L.P."    "c:\program files\hpq\hp protecttools security manager\pthosttr.exe"
+ "QlbCtrl"    "QLB Controller"    " Hewlett-Packard Development Company, L.P."    "c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
+ "Recguard"    "Recguard Application"    ""    "c:\windows\sminst\recguard.exe"
+ "Reminder"    "Application MFC Reminder_XP"    ""    "c:\windows\creator\remind_xp.exe"
+ "Scheduler"    "Scheduler"    ""    "c:\windows\sminst\scheduler.exe"
+ "Share-to-Web Namespace Daemon"    "hpgs2wnd"    "Hewlett-Packard"    "c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe"
+ "SoundMAX"    "Audio Control Panel"    "Analog Devices, Inc."    "c:\program files\analog devices\soundmax\smax4.exe"
+ "SoundMAXPnP"    "SMax4PNP"    "Analog Devices, Inc."    "c:\program files\analog devices\core\smax4pnp.exe"
+ "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics, Inc."    "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TkBellExe"    "RealNetworks Scheduler"    "RealNetworks, Inc."    "c:\program files\real\realplayer\update\realsched.exe"
+ "WatchDog"    "DVDCheck Application"    "InterVideo Inc."    "c:\program files\intervideo\dvd check\dvdcheck.exe"
+ "zzzHPSETUP"    ""    ""    "File not found: E:\Setup.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""
+ "Adobe Reader Speed Launch.lnk"    "Adobe Acrobat SpeedLauncher"    "Adobe Systems Incorporated"    "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe"
+ "DVD Check.lnk"    "DVDCheck Application"    "InterVideo Inc."    "c:\program files\intervideo\dvd check\dvdcheck.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "SUPERAntiSpyware"    "SUPERAntiSpyware Application"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\superantispyware.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "SABShellExecuteHook Class"    "ShellExecuteHook"    "SuperAdBlocker.com"    "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "APSDShExt"    "Personal Secure Drive Shell Extension"    "Infineon Technologies AG"    "c:\program files\protecttools\embedded security software\psdshext.dll"
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgse.dll"
+ "Document Manager"    "Document Manager Service"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\sfsshell.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Document Manager"    "Document Manager Service"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\sfsshell.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "APSDShExt"    "Personal Secure Drive Shell Extension"    "Infineon Technologies AG"    "c:\program files\protecttools\embedded security software\psdshext.dll"
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgse.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "Document Manager"    "Document Manager Service"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\sfsshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "AcroIEHlprObj Class"    "Adobe Acrobat IE Helper Version 7.0 for ActiveX"    "Adobe Systems Incorporated"    "c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll"
+ "DriveLetterAccess"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\dlashx_w.dll"
+ "Google Toolbar Helper"    "Google IE Client Toolbar"    "Google Inc."    "c:\program files\google\googletoolbar1.dll"
+ "HP Credential Manager for ProtectTools"    "SSO IE Listener"    "Infineon Technologies AG"    "c:\program files\hpq\iam\bin\itieaddin.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ 2 Platform Standard Edition binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer"    "RealPlayer Download and Record Plugin"    "RealPlayer"    "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "SingleInstance Class"    "Yahoo! Single Instance for Mail"    "Yahoo! Inc"    "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "&Google"    "Google IE Client Toolbar"    "Google Inc."    "c:\program files\google\googletoolbar1.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Sun Java Console"    "Java™ 2 Platform Standard Edition binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1185630821-2562979268-2462006494-500.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1185630821-2562979268-2462006494-500.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
+ "RegInOut Scheduled Scan - Administrator.job"    ""    ""    "File not found: C:\Program Files\RegInOut\RegInOut.exe SCHEDULE"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgidsagent.exe"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgwdsvc.exe"
+ "EvtEng"    "Manages the event trace messages for all the components of Intel® PROSet/Wireless software."    "Intel Corporation"    "c:\program files\intel\wireless\bin\evteng.exe"
+ "FLEXnet Licensing Service"    "This service performs licensing functions on behalf of FLEXnet enabled products."    "Acresso Software Inc."    "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "hpqwmiex"    "hpqwmiex Module"    "Hewlett-Packard Development Company, L.P."    "c:\program files\hewlett-packard\shared\hpqwmiex.exe"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IFXSpMgtSrv"    "Provides management services for the Security Platform."    "Infineon Technologies AG"    "c:\windows\system32\ifxspmgt.exe"
+ "IFXTCS"    "The Trusted Platform Core Service manages access to the Trusted Platform Module of this computer. If this service is stopped, the trustworthiness of this computer no longer can be verified. If this service is disabled, any services that explicitly depend on it will fail to start. "    "Infineon Technologies AG"    "c:\windows\system32\ifxtcs.exe"
+ "LightScribeService"    "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work."    "Hewlett-Packard Company"    "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "PersonalSecureDriveService"    "Personal Secure Drive service for encrypted drives"    "Infineon Technologies AG"    "c:\program files\protecttools\embedded security software\psdsrvc.exe"
+ "Pml Driver HPZ12"    "PML Driver"    "HP"    "c:\windows\system32\hpzipm12.exe"
+ "rpcnet"    "rpcnet"    "Absolute Software Corp."    "c:\windows\system32\rpcnet.exe"
+ "UnsignedThemes"    "Enables the use of unsigned themes."    "The Within Network, LLC"    "c:\windows\unsignedthemessvc.exe"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "ADIHdAudAddService"    "High Definition Audio Function Driver(Release Candidate 1)"    "Analog Devices, Inc."    "c:\windows\system32\drivers\adihdaud.sys"
+ "AEAudioService"    "Audio Noise Filtering Driver"    "Andrea Electronics Corporation"    "c:\windows\system32\drivers\aeaudio.sys"
+ "AFS2K"    "Audio File System"    "Oak Technology Inc."    "c:\windows\system32\drivers\afs2k.sys"
+ "AgereSoftModem"    "SoftModem Device Driver"    "Agere Systems"    "c:\windows\system32\drivers\agrsm.sys"
+ "AliIde"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "ATSWPDRV"    "Slide Fingerprint USB Driver"    "AuthenTec, Inc."    "c:\windows\system32\drivers\atswpdrv.sys"
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSHX"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim"    "AVG Technologies IDS Application Activity Monitor Shim Loader Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx86.sys"
+ "Avglogx"    "AVG Logging Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avglogx.sys"
+ "Avgmfx86"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdix.sys"
+ "b57w2k"    "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xp32.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DLAPoolM"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_N"    "Shared Driver Component"    "Sonic Solutions"    "c:\windows\system32\drivers\dlartl_n.sys"
+ "DLAUDF_M"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB"    "Device Driver"    "Sonic Solutions"    "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM"    "Device Driver Manager"    "Sonic Solutions"    "c:\windows\system32\drivers\drvnddm.sys"
+ "eabfiltr"    "QLB PS/2 Keyboard filter driver"    "Hewlett-Packard Development Company, L.P."    "c:\windows\system32\drivers\eabfiltr.sys"
+ "eabusb"    "QLB USB Keyboard filter driver"    "Hewlett-Packard Development Company, L.P."    "c:\windows\system32\drivers\eabusb.sys"
+ "GTIPCI21"    "Texas Instruments PCI GemCore IFD Handler"    "Texas Instruments"    "c:\windows\system32\drivers\gtipci21.sys"
+ "HBtnKey"    "HP Tablet PC Key Button HID Driver"    "Hewlett-Packard Development Company, L.P."    "c:\windows\system32\drivers\cpqbttn.sys"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPZid412"    "IEEE-1284.4-1999 Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12"    "IEEE-1284.4-1999 Print Class Driver"    "HP"    "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12"    "1284.4<->Usb Datalink Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzius12.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm"    "Intel Graphics Miniport Driver"    "Intel Corporation"    "c:\windows\system32\drivers\ialmnt5.sys"
+ "iaStor"    ""    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "IFXTPM"    "Infineon Trusted Platform Module"    "Infineon Technologies AG"    "c:\windows\system32\drivers\ifxtpm.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "PersonalSecureDrive"    "PSD Device Driver"    "Infineon Technologies AG"    "c:\windows\system32\drivers\psd.sys"
+ "PTHSBUS"    "USB Composite Device Driver (MSS Ver.3)"    "DEVGURU Co., LTD."    "c:\windows\system32\drivers\pthsbus.sys"
+ "PTHSMDM"    "PANTECH Handset Drivers (UDP)"    "DEVGURU Co., LTD.(www.devguru.co.kr)"    "c:\windows\system32\drivers\pthsmdm.sys"
+ "PTHSVSP"    "PANTECH Handset Diagnostic Serial Port (UDP)"    "DEVGURU Co., LTD.(www.devguru.co.kr)"    "c:\windows\system32\drivers\pthsvsp.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "SASDIFSV"    "SASDIFSV.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL"    "SASKUTIL.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SMCIRDA"    "SMC IrCC NDIS 5.0 IrDA FIR Device Driver"    "SMC"    "c:\windows\system32\drivers\smcirda.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics, Inc."    "c:\windows\system32\drivers\syntp.sys"
+ "tifm21"    "tifm21.sys"    "Texas Instruments"    "c:\windows\system32\drivers\tifm21.sys"
+ "uxpatch"    ""    ""    "c:\windows\system32\drivers\uxpatch.sys"
+ "w39n51"    "Intel® Wireless LAN Driver"    "Intel® Corporation"    "c:\windows\system32\drivers\w39n51.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "msacm.vorbis"    "Ogg Vorbis CODEC for MSACM"    "HMS http://hp.vector.co.jp/authors/VA012897/"    "c:\windows\system32\vorbis.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "IL FL Studio DXi"    ""    "Image-Line"    "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL FL Studio DXi"    ""    "Image-Line"    "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi"    ""    "Image-Line"    "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "IL Multi FL Studio DXi"    ""    "Image-Line"    "c:\program files\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Sony Amplitude Modulation"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Amplitude Modulation"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Chorus"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Chorus"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Distortion"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Distortion"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Dither"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Dither"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony ExpressFX Amplitude Modulation"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Amplitude Modulation"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Audio Restoration"    "Sony ExpressFX Audio Restoration"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Audio Restoration"    "Sony ExpressFX Audio Restoration"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Chorus"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Chorus"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Distortion"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Distortion"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Dynamics"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Dynamics"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Equalization"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Equalization"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Flange/Wah-Wah"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Flange/Wah-Wah"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Graphic EQ"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Reverb"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Reverb"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Time Stretch"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony Flange/Wah-wah"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Flange/Wah-wah"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Graphic Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Tap Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Multi-Tap Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Noise Gate"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Noise Gate"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pan"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Pan"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Paragraphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Paragraphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pitch Shift"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Pitch Shift"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Resonant Filter"    "Sony Resonant Filter"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Resonant Filter"    "Sony Resonant Filter"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Reverb"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Reverb"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Smooth/Enhance"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Smooth/Enhance"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Time Stretch"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Time Stretch"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Track Compressor"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Compressor"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Vibrato"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Vibrato"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Volume"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Volume"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Dump"    "Adobe After Effects Plug-in"    "Adobe Systems Incorporated"    "c:\program files\adobe\adobe after effects cs4\support files\(media core plug-ins)\common\dvfilewriter.prm"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "InterVideo Audio Decoder"    "IVIAUDIO"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor"    ""    ""    "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "InterVideo Navigator"    "IVINAV"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder"    "IVIVIDEO"    " InterVideo Inc."    "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Sony Wave Hammer Surround"    "Sony Wave Hammer 5.1"    "Sony Creative Software Inc."    "c:\program files\sony\shared plug-ins\audio\mchammer.dll"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Video Memory Render Filter"    ""    ""    "c:\program files\image-line\fl studio 10\plugins\fruity\effects\zgameeditor visualizer\videomemoryrenderfilter.ax"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"    ""    ""    ""
+ "C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart"    "AVG Resident Shield Service"    "AVG Technologies CZ, s.r.o."    "c:\program files\avg\avg2013\avgrsx.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "IfxWlxEN"    "Winlogon Event Notification DLL"    "Infineon Technologies AG"    "c:\windows\system32\ifxwlxen.dll"
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
+ "OneCard"    "Winlogon notification handler"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\aswlnpkg.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe"    ""    ""    ""
+ "C:\DOCUME~1\ADMINI~1\MYDOCU~1\BADAPP~1\BADAPP~1.SCR"    "BadApple!! Screen saver"    ""    "c:\documents and settings\administrator\my documents\badapplescreensaver\badapple!!.scr"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "HP Master Monitor"    "Win32 Master Monitor"    "Hewlett-Packard"    "c:\windows\system32\hpbmmon.dll"
+ "HP Mobile Printing Monitor"    "HPMPMW"    "Hewlett-Packard"    "c:\windows\system32\hpmpmw.dll"
+ "hpzsnt07"    ""    "HP"    "c:\windows\system32\hpzsnt07.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""
+ "AsWlnPkg"    "Winlogon notification handler"    "Cognizance Corporation"    "c:\program files\hpq\iam\bin\aswlnpkg.dll"
 

 

AdwCleaner log

 

# AdwCleaner v2.114 - Logfile created 03/08/2013 at 18:36:06
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MEGAN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\78gt40n5.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

*************************

AdwCleaner[S1].txt - [346 octets] - [08/03/2013 18:21:49]
AdwCleaner[S2].txt - [1669 octets] - [08/03/2013 18:36:06]

########## EOF - C:\AdwCleaner[S2].txt - [1729 octets] ##########
 

 

I'm sorry but this is all I can do for today, I will not have acess to the internet from now until 2-3 days as I will be away temporarily. I'll be back.

 


 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 08 March 2013 - 09:46 PM

Ok.

 

I would like you to run ESET online scanner now in normal mode and post the log.

 

If that doesnt work try to run it safemode with networking.



#7 jitomate

jitomate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 11 March 2013 - 01:34 AM

Here's the log, it worked in normal mode.
ESET online scanner log
 
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\70190024-6495e1c2    a variant of Java/TrojanDownloader.Agent.NDJ trojan    deleted - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\Sony_keygen_2011.zip    a variant of Win32/Packed.VMProtect.AAD trojan    deleted - quarantined
 

Edited by jitomate, 11 March 2013 - 01:34 AM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 11 March 2013 - 08:22 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#9 jitomate

jitomate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 11 March 2013 - 12:13 PM

Thank you! No problems so far.



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 11 March 2013 - 01:20 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users