Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan virus, can't do anything now


  • Please log in to reply
15 replies to this topic

#1 gerstley

gerstley

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 17 March 2013 - 08:43 PM

I am running XP.  The computer froze up. Restarted it and ran Microsoft Security Essentials.  It ran and detected a trojan virus.  It said it needed to download something to remove the virus and then froze up.  I restarted again and ran MSE again.  It froze up during the scan.
I tried to restart into safe mode but wheneverI enter to start up in safe mode, after a short time the same startup option screen pops up again.  I can only start up in normal mode it seems.  I am unable to start any other antivirus software and now MSE wont start either.  As a result I can't submit any logs.  Would you have any suggestions?
 
Thanks.

Mod Edit: Moved topic from the Logs forum, to Aii due to lack of logs. ~bloopie


Edited by bloopie, 17 March 2013 - 10:02 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 18 March 2013 - 10:02 AM

    

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 18 March 2013 - 12:23 PM

I can't do anything with the computer.  I am working on another computer.  i can start the computer in normal mode and the desktop comes up.  If I click on Firefox or any programs I have on the computer nothing happens.  The control panel and task manager also don't respond.  Sometimes, after rebooting I can get Firefox to start up but it soon freezes.



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 18 March 2013 - 01:39 PM

Copy the tools from a clean PC to infected one using a flash drive



#5 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 18 March 2013 - 02:11 PM

I tried the flash drive but the computer didn't recognize it.  Then it froze up again.  I find each time i restart the computer I can get a few minutes out of it before it freezes up.  I did mange to run the TDSkILLer.  It identified a couple threats but now I can't open the report file so I can't send you a copy.



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 18 March 2013 - 02:13 PM

Restart the PC and try opening the log



#7 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 18 March 2013 - 02:44 PM

I have done that 3 or 4 times.  Each time when I try to open the file, nothing happens. For what it is worth, when Security Essentials first ran yesterday and identified a virus it said it was an Alureon virus.  It needed to open windows defender to remove the virus and it froze up before it could do that.



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 18 March 2013 - 04:49 PM

I have done that 3 or 4 times.

 

Run TDSSkiller and this time allow the tool to do its default options

 

For rootkit default option is CURE,allow it to CURE it(do not skip)

 

Restart the PC and let me know if you can run tools now.



#9 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 18 March 2013 - 05:48 PM

I was able to run TDSSkiller and let it do the cure.  Things are working now.  I can use the computer again!



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 18 March 2013 - 06:44 PM

Post the logs :)



#11 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 19 March 2013 - 11:18 AM

ESET results

 

C:\Documents and Settings\Owner\Local Settings\temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.03.2013_18.18.37\mbr0000\tdlfs0000\tsk0002.dta    Win64/Olmarik.AM trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.03.2013_18.32.37\tdlfs0000\tsk0002.dta    Win64/Olmarik.AM trojan    cleaned by deleting - quarantined

 

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 09:25:17
-----------------------------
09:25:17.000    OS Version: Windows 5.1.2600 Service Pack 3
09:25:17.000    Number of processors: 2 586 0x4303
09:25:17.000    ComputerName: DESKTOP1  UserName: Owner
09:25:17.609    Initialize success
09:29:48.734    AVAST engine defs: 13031900
09:30:13.859    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-e
09:30:13.859    Disk 0 Vendor: ST3250410AS 3.AAF Size: 238475MB BusType: 3
09:30:14.046    Disk 0 MBR read successfully
09:30:14.046    Disk 0 MBR scan
09:30:14.078    Disk 0 Windows XP default MBR code
09:30:14.078    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       238464 MB offset 63
09:30:14.078    Disk 0 scanning sectors +488376000
09:30:14.140    Disk 0 scanning C:\WINDOWS\system32\drivers
09:30:21.406    Service scanning
09:30:25.796    Service FXDrv32 D:\FXDrv32.sys **LOCKED** 21
09:30:37.562    Modules scanning
09:30:40.312    Disk 0 trace - called modules:
09:30:40.343    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:30:40.343    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a856ab8]
09:30:40.343    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000065[0x8a80e9e8]
09:30:40.343    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-e[0x8a7f6940]
09:30:41.031    AVAST engine scan C:\WINDOWS
09:30:49.750    AVAST engine scan C:\WINDOWS\system32
09:33:32.437    AVAST engine scan C:\WINDOWS\system32\drivers
09:33:45.906    AVAST engine scan C:\Documents and Settings\Owner
09:45:32.031    AVAST engine scan C:\Documents and Settings\All Users
09:52:37.843    Scan finished successfully
09:52:58.796    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
09:52:58.796    The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
 

 

 

 

 

18:32:36.0934 2976  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:32:37.0246 2976  ============================================================
18:32:37.0246 2976  Current date / time: 2013/03/18 18:32:37.0246
18:32:37.0246 2976  SystemInfo:
18:32:37.0246 2976  
18:32:37.0246 2976  OS Version: 5.1.2600 ServicePack: 3.0
18:32:37.0246 2976  Product type: Workstation
18:32:37.0246 2976  ComputerName: DESKTOP1
18:32:37.0246 2976  UserName: Owner
18:32:37.0246 2976  Windows directory: C:\WINDOWS
18:32:37.0246 2976  System windows directory: C:\WINDOWS
18:32:37.0246 2976  Processor architecture: Intel x86
18:32:37.0246 2976  Number of processors: 2
18:32:37.0246 2976  Page size: 0x1000
18:32:37.0246 2976  Boot type: Normal boot
18:32:37.0246 2976  ============================================================
18:32:43.0387 2976  BG loaded
18:32:43.0902 2976  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:32:44.0199 2976  ============================================================
18:32:44.0199 2976  \Device\Harddisk0\DR0:
18:32:44.0324 2976  MBR partitions:
18:32:44.0324 2976  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
18:32:44.0324 2976  ============================================================
18:32:44.0699 2976  C: <-> \Device\Harddisk0\DR0\Partition1
18:32:44.0777 2976  ============================================================
18:32:44.0777 2976  Initialize success
18:32:44.0777 2976  ============================================================
18:33:58.0839 3676  ============================================================
18:33:58.0839 3676  Scan started
18:33:58.0839 3676  Mode: Manual; TDLFS;
18:33:58.0839 3676  ============================================================
18:33:59.0214 3676  ================ Scan system memory ========================
18:33:59.0214 3676  System memory - ok
18:33:59.0214 3676  ================ Scan services =============================
18:33:59.0354 3676  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
18:33:59.0354 3676  !SASCORE - ok
18:33:59.0479 3676  Abiosdsk - ok
18:33:59.0479 3676  abp480n5 - ok
18:33:59.0526 3676  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:33:59.0526 3676  ACPI - ok
18:33:59.0573 3676  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:33:59.0604 3676  ACPIEC - ok
18:33:59.0870 3676  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
18:33:59.0870 3676  AdobeActiveFileMonitor9.0 - ok
18:33:59.0964 3676  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:59.0964 3676  AdobeFlashPlayerUpdateSvc - ok
18:33:59.0979 3676  adpu160m - ok
18:34:00.0026 3676  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:34:00.0026 3676  aec - ok
18:34:00.0057 3676  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
18:34:00.0057 3676  Afc - ok
18:34:00.0104 3676  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:34:00.0104 3676  AFD - ok
18:34:00.0120 3676  Aha154x - ok
18:34:00.0120 3676  aic78u2 - ok
18:34:00.0120 3676  aic78xx - ok
18:34:00.0151 3676  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:34:00.0167 3676  Alerter - ok
18:34:00.0198 3676  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
18:34:00.0198 3676  ALG - ok
18:34:00.0198 3676  AliIde - ok
18:34:00.0214 3676  [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM          C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
18:34:00.0214 3676  AmdPPM - ok
18:34:00.0229 3676  amsint - ok
18:34:00.0370 3676  [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:34:00.0370 3676  Apple Mobile Device - ok
18:34:00.0385 3676  AppMgmt - ok
18:34:00.0385 3676  asc - ok
18:34:00.0385 3676  asc3350p - ok
18:34:00.0401 3676  asc3550 - ok
18:34:00.0542 3676  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:34:00.0604 3676  aspnet_state - ok
18:34:00.0635 3676  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:34:00.0635 3676  AsyncMac - ok
18:34:00.0682 3676  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:34:00.0682 3676  atapi - ok
18:34:00.0682 3676  Atdisk - ok
18:34:00.0745 3676  [ 666E4E583A7CF1233C6425DA16ECDC89 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
18:34:00.0745 3676  Ati HotKey Poller - ok
18:34:00.0792 3676  [ CA2033C7C5491B12C628A1CFDB99D75E ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
18:34:00.0792 3676  ATI Smart - ok
18:34:00.0870 3676  [ 0C2CA1C294938139829B1983A0C38B31 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:34:00.0885 3676  ati2mtag - ok
18:34:00.0917 3676  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:34:00.0917 3676  Atmarpc - ok
18:34:00.0932 3676  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:34:00.0932 3676  AudioSrv - ok
18:34:00.0979 3676  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:34:00.0979 3676  audstub - ok
18:34:01.0010 3676  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:34:01.0010 3676  Beep - ok
18:34:01.0042 3676  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:34:01.0198 3676  BITS - ok
18:34:01.0307 3676  [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:34:01.0307 3676  Bonjour Service - ok
18:34:01.0354 3676  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
18:34:01.0354 3676  Browser - ok
18:34:01.0385 3676  [ 6A9A0DCAEEF488BB872B7FCA33AED3C2 ] Ca50xav         C:\WINDOWS\system32\Drivers\Ca50xav.sys
18:34:01.0385 3676  Ca50xav - ok
18:34:01.0448 3676  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:34:01.0448 3676  cbidf2k - ok
18:34:01.0495 3676  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:34:01.0495 3676  CCDECODE - ok
18:34:01.0495 3676  cd20xrnt - ok
18:34:01.0510 3676  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:34:01.0510 3676  Cdaudio - ok
18:34:01.0542 3676  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:34:01.0542 3676  Cdfs - ok
18:34:01.0557 3676  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:34:01.0557 3676  Cdrom - ok
18:34:01.0573 3676  Changer - ok
18:34:01.0573 3676  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:34:01.0573 3676  CiSvc - ok
18:34:01.0588 3676  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:34:01.0588 3676  ClipSrv - ok
18:34:01.0635 3676  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:34:01.0682 3676  clr_optimization_v2.0.50727_32 - ok
18:34:01.0713 3676  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:34:01.0807 3676  clr_optimization_v4.0.30319_32 - ok
18:34:01.0807 3676  CmdIde - ok
18:34:01.0807 3676  COMSysApp - ok
18:34:01.0823 3676  Cpqarray - ok
18:34:01.0870 3676  [ C2EB4539A4F6AB6EDD01BDC191619975 ] cpuz135         C:\WINDOWS\system32\drivers\cpuz135_x32.sys
18:34:01.0870 3676  cpuz135 - ok
18:34:01.0901 3676  [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.exe
18:34:01.0901 3676  Creative Service for CDROM Access - ok
18:34:01.0901 3676  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:34:01.0901 3676  CryptSvc - ok
18:34:01.0917 3676  dac2w2k - ok
18:34:01.0917 3676  dac960nt - ok
18:34:01.0963 3676  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:34:01.0963 3676  DcomLaunch - ok
18:34:01.0979 3676  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:34:01.0979 3676  Dhcp - ok
18:34:01.0995 3676  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:34:01.0995 3676  Disk - ok
18:34:01.0995 3676  dmadmin - ok
18:34:02.0026 3676  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:34:02.0042 3676  dmboot - ok
18:34:02.0057 3676  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:34:02.0057 3676  dmio - ok
18:34:02.0104 3676  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:34:02.0104 3676  dmload - ok
18:34:02.0135 3676  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:34:02.0135 3676  dmserver - ok
18:34:02.0167 3676  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:34:02.0167 3676  DMusic - ok
18:34:02.0198 3676  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:34:02.0198 3676  Dnscache - ok
18:34:02.0229 3676  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:34:02.0229 3676  Dot3svc - ok
18:34:02.0229 3676  dpti2o - ok
18:34:02.0260 3676  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:34:02.0260 3676  drmkaud - ok
18:34:02.0276 3676  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:34:02.0276 3676  EapHost - ok
18:34:02.0417 3676  [ EC6A73CD8413F68655E5E0B99C415A21 ] EPSON_EB_RPCV4_01 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
18:34:02.0417 3676  EPSON_EB_RPCV4_01 - ok
18:34:02.0417 3676  [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
18:34:02.0417 3676  EPSON_PM_RPCV4_01 - ok
18:34:02.0432 3676  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:34:02.0432 3676  ERSvc - ok
18:34:02.0463 3676  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
18:34:02.0479 3676  Eventlog - ok
18:34:02.0526 3676  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
18:34:02.0542 3676  EventSystem - ok
18:34:02.0557 3676  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:34:02.0557 3676  Fastfat - ok
18:34:02.0588 3676  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:34:02.0588 3676  FastUserSwitchingCompatibility - ok
18:34:02.0604 3676  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:34:02.0604 3676  Fdc - ok
18:34:02.0620 3676  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:34:02.0620 3676  Fips - ok
18:34:02.0620 3676  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:34:02.0620 3676  Flpydisk - ok
18:34:02.0667 3676  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:34:02.0667 3676  FltMgr - ok
18:34:02.0760 3676  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:34:02.0760 3676  FontCache3.0.0.0 - ok
18:34:02.0792 3676  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:34:02.0792 3676  Fs_Rec - ok
18:34:02.0792 3676  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:34:02.0792 3676  Ftdisk - ok
18:34:02.0792 3676  FXDrv32 - ok
18:34:02.0838 3676  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:34:02.0838 3676  GEARAspiWDM - ok
18:34:02.0854 3676  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:34:02.0854 3676  Gpc - ok
18:34:02.0932 3676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:34:02.0948 3676  gupdate - ok
18:34:02.0948 3676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:34:02.0948 3676  gupdatem - ok
18:34:03.0010 3676  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:34:03.0010 3676  gusvc - ok
18:34:03.0010 3676  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:34:03.0010 3676  HDAudBus - ok
18:34:03.0042 3676  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:34:03.0042 3676  helpsvc - ok
18:34:03.0104 3676  [ 0F7DD92F73C993B5EBEC3EDE88C926B4 ] hidkmdf         C:\WINDOWS\system32\DRIVERS\hidkmdf.sys
18:34:03.0104 3676  hidkmdf - ok
18:34:03.0120 3676  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:34:03.0120 3676  HidServ - ok
18:34:03.0151 3676  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:34:03.0151 3676  HidUsb - ok
18:34:03.0182 3676  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:34:03.0182 3676  hkmsvc - ok
18:34:03.0182 3676  hpn - ok
18:34:03.0213 3676  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:34:03.0229 3676  HTTP - ok
18:34:03.0276 3676  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:34:03.0276 3676  HTTPFilter - ok
18:34:03.0276 3676  i2omgmt - ok
18:34:03.0276 3676  i2omp - ok
18:34:03.0323 3676  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:34:03.0323 3676  i8042prt - ok
18:34:03.0417 3676  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:34:03.0432 3676  IDriverT - ok
18:34:03.0682 3676  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:34:03.0745 3676  idsvc - ok
18:34:03.0776 3676  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:34:03.0792 3676  Imapi - ok
18:34:03.0870 3676  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:34:03.0870 3676  ImapiService - ok
18:34:03.0870 3676  ini910u - ok
18:34:05.0495 3676  [ 8F924588C272FDAA28CF31A9BBC21A72 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:34:07.0213 3676  IntcAzAudAddService - ok
18:34:07.0213 3676  IntelIde - ok
18:34:07.0323 3676  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:34:07.0323 3676  Ip6Fw - ok
18:34:07.0432 3676  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:34:07.0432 3676  IpFilterDriver - ok
18:34:07.0463 3676  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:34:07.0495 3676  IpInIp - ok
18:34:07.0573 3676  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:34:07.0573 3676  IpNat - ok
18:34:08.0010 3676  [ 3A6D4D8ABACF64292D060C9E06D2050D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:34:08.0307 3676  iPod Service - ok
18:34:08.0463 3676  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:34:08.0479 3676  IPSec - ok
18:34:08.0557 3676  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:34:08.0604 3676  IRENUM - ok
18:34:08.0682 3676  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:34:08.0760 3676  isapnp - ok
18:34:08.0979 3676  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:34:08.0979 3676  JavaQuickStarterService - ok
18:34:08.0995 3676  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:34:08.0995 3676  Kbdclass - ok
18:34:09.0026 3676  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:34:09.0026 3676  kbdhid - ok
18:34:09.0041 3676  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:34:09.0041 3676  kmixer - ok
18:34:09.0073 3676  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:34:09.0073 3676  KSecDD - ok
18:34:09.0135 3676  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
18:34:09.0135 3676  LanmanServer - ok
18:34:09.0182 3676  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:34:09.0198 3676  lanmanworkstation - ok
18:34:09.0198 3676  lbrtfdc - ok
18:34:09.0245 3676  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:34:09.0245 3676  LmHosts - ok
18:34:09.0307 3676  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:34:09.0307 3676  MDM - ok
18:34:09.0354 3676  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:34:09.0354 3676  Messenger - ok
18:34:09.0354 3676  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:34:09.0354 3676  mnmdd - ok
18:34:09.0401 3676  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:34:09.0401 3676  mnmsrvc - ok
18:34:09.0432 3676  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:34:09.0432 3676  Modem - ok
18:34:09.0463 3676  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:34:09.0463 3676  Mouclass - ok
18:34:09.0463 3676  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:34:09.0463 3676  mouhid - ok
18:34:09.0479 3676  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:34:09.0479 3676  MountMgr - ok
18:34:09.0526 3676  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:34:09.0541 3676  MozillaMaintenance - ok
18:34:09.0557 3676  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
18:34:09.0573 3676  MpFilter - ok
18:34:09.0635 3676  [ A69630D039C38018689190234F866D77 ] MpKsl36a9df7b   c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{62BD963E-67D1-4FC9-9C06-857C449874EF}\MpKsl36a9df7b.sys
18:34:09.0698 3676  MpKsl36a9df7b - ok
18:34:09.0698 3676  mraid35x - ok
18:34:09.0713 3676  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:34:09.0729 3676  MRxDAV - ok
18:34:09.0776 3676  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:34:09.0776 3676  MRxSmb - ok
18:34:09.0885 3676  [ BBCDBEBBF1BD6DC5912240391874C0DC ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
18:34:09.0885 3676  MSCamSvc - ok
18:34:09.0948 3676  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:34:09.0948 3676  MSDTC - ok
18:34:09.0963 3676  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:34:09.0963 3676  Msfs - ok
18:34:09.0995 3676  [ 066F26EFE273125B352E35405D258E85 ] MSHUSBVideo     C:\WINDOWS\system32\Drivers\nx6000.sys
18:34:10.0010 3676  MSHUSBVideo - ok
18:34:10.0010 3676  MSIServer - ok
18:34:10.0041 3676  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:34:10.0041 3676  MSKSSRV - ok
18:34:10.0104 3676  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:34:10.0104 3676  MsMpSvc - ok
18:34:10.0120 3676  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:34:10.0120 3676  MSPCLOCK - ok
18:34:10.0135 3676  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:34:10.0151 3676  MSPQM - ok
18:34:10.0166 3676  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:34:10.0166 3676  mssmbios - ok
18:34:10.0198 3676  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:34:10.0213 3676  MSTEE - ok
18:34:10.0213 3676  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:34:10.0229 3676  Mup - ok
18:34:10.0245 3676  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:34:10.0245 3676  NABTSFEC - ok
18:34:10.0260 3676  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:34:10.0276 3676  napagent - ok
18:34:10.0354 3676  [ 89844C3D3A7AAE8999E229C88E452633 ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:34:10.0370 3676  NBService - ok
18:34:10.0401 3676  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:34:10.0401 3676  NDIS - ok
18:34:10.0432 3676  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:34:10.0432 3676  NdisIP - ok
18:34:10.0463 3676  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:34:10.0463 3676  NdisTapi - ok
18:34:10.0479 3676  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:34:10.0479 3676  Ndisuio - ok
18:34:10.0479 3676  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:34:10.0479 3676  NdisWan - ok
18:34:10.0526 3676  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:34:10.0526 3676  NDProxy - ok
18:34:10.0541 3676  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:34:10.0541 3676  NetBIOS - ok
18:34:10.0557 3676  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:34:10.0557 3676  NetBT - ok
18:34:10.0588 3676  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:34:10.0588 3676  NetDDE - ok
18:34:10.0588 3676  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:34:10.0588 3676  NetDDEdsdm - ok
18:34:10.0635 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:34:10.0635 3676  Netlogon - ok
18:34:10.0651 3676  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
18:34:10.0651 3676  Netman - ok
18:34:10.0698 3676  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:34:10.0729 3676  NetTcpPortSharing - ok
18:34:10.0760 3676  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:34:10.0760 3676  Nla - ok
18:34:10.0823 3676  [ 2C16E2FA673B51B7C047E888A9A164F0 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:34:11.0416 3676  NMIndexingService - ok
18:34:11.0526 3676  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:34:11.0541 3676  Npfs - ok
18:34:11.0807 3676  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:34:11.0995 3676  Ntfs - ok
18:34:12.0010 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:34:12.0010 3676  NtLmSsp - ok
18:34:12.0198 3676  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:34:12.0213 3676  NtmsSvc - ok
18:34:12.0260 3676  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:34:12.0276 3676  Null - ok
18:34:12.0291 3676  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:34:12.0323 3676  NwlnkFlt - ok
18:34:12.0338 3676  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:34:12.0370 3676  NwlnkFwd - ok
18:34:12.0495 3676  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:34:12.0541 3676  ose - ok
18:34:12.0682 3676  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:34:12.0729 3676  Parport - ok
18:34:12.0760 3676  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:34:12.0791 3676  PartMgr - ok
18:34:12.0838 3676  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:34:12.0838 3676  ParVdm - ok
18:34:12.0870 3676  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:34:12.0901 3676  PCI - ok
18:34:12.0901 3676  PCIDump - ok
18:34:12.0963 3676  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:34:12.0963 3676  PCIIde - ok
18:34:13.0041 3676  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:34:13.0088 3676  Pcmcia - ok
18:34:13.0088 3676  PDCOMP - ok
18:34:13.0088 3676  PDFRAME - ok
18:34:13.0104 3676  PDRELI - ok
18:34:13.0104 3676  PDRFRAME - ok
18:34:13.0104 3676  perc2 - ok
18:34:13.0120 3676  perc2hib - ok
18:34:13.0151 3676  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:34:13.0151 3676  PlugPlay - ok
18:34:13.0213 3676  [ E5582E43E167CF367757D81E9727DA2A ] Point32         C:\WINDOWS\system32\DRIVERS\point32.sys
18:34:13.0260 3676  Point32 - ok
18:34:13.0291 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:34:13.0291 3676  PolicyAgent - ok
18:34:13.0370 3676  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:34:13.0370 3676  PptpMiniport - ok
18:34:13.0416 3676  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
18:34:13.0416 3676  Processor - ok
18:34:13.0432 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:34:13.0432 3676  ProtectedStorage - ok
18:34:13.0448 3676  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:34:13.0448 3676  PSched - ok
18:34:13.0526 3676  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
18:34:13.0526 3676  PSI_SVC_2 - ok
18:34:13.0557 3676  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:34:13.0557 3676  Ptilink - ok
18:34:13.0588 3676  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:34:13.0588 3676  PxHelp20 - ok
18:34:13.0604 3676  ql1080 - ok
18:34:13.0619 3676  Ql10wnt - ok
18:34:13.0619 3676  ql12160 - ok
18:34:13.0635 3676  ql1240 - ok
18:34:13.0651 3676  ql1280 - ok
18:34:13.0651 3676  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:34:13.0651 3676  RasAcd - ok
18:34:13.0682 3676  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:34:13.0698 3676  RasAuto - ok
18:34:13.0713 3676  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:34:13.0713 3676  Rasl2tp - ok
18:34:13.0744 3676  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:34:13.0744 3676  RasMan - ok
18:34:13.0744 3676  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:34:13.0744 3676  RasPppoe - ok
18:34:13.0760 3676  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:34:13.0760 3676  Raspti - ok
18:34:13.0791 3676  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:34:13.0791 3676  Rdbss - ok
18:34:13.0807 3676  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:34:13.0807 3676  RDPCDD - ok
18:34:13.0854 3676  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:34:13.0854 3676  RDPWD - ok
18:34:13.0901 3676  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:34:13.0901 3676  RDSessMgr - ok
18:34:13.0948 3676  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:34:13.0948 3676  redbook - ok
18:34:13.0994 3676  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:34:13.0994 3676  RemoteAccess - ok
18:34:14.0088 3676  [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:34:14.0088 3676  RichVideo - ok
18:34:14.0119 3676  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:34:14.0119 3676  RpcLocator - ok
18:34:14.0135 3676  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
18:34:14.0135 3676  RpcSs - ok
18:34:14.0182 3676  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:34:14.0198 3676  RSVP - ok
18:34:14.0229 3676  [ 3400495F5B219D5153C770A95499579C ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:34:14.0229 3676  RTLE8023xp - ok
18:34:14.0276 3676  SABProcEnum - ok
18:34:14.0291 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:34:14.0291 3676  SamSs - ok
18:34:14.0323 3676  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:34:14.0323 3676  SASDIFSV - ok
18:34:14.0354 3676  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:34:14.0354 3676  SASKUTIL - ok
18:34:14.0354 3676  SBRE - ok
18:34:14.0416 3676  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:34:14.0416 3676  SCardSvr - ok
18:34:14.0463 3676  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:34:14.0463 3676  Schedule - ok
18:34:14.0479 3676  [ BA0D892D2F786BCEBDF03B0A252B47F3 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:34:14.0479 3676  Secdrv - ok
18:34:14.0479 3676  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:34:14.0479 3676  seclogon - ok
18:34:14.0479 3676  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
18:34:14.0494 3676  SENS - ok
18:34:14.0526 3676  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:34:14.0526 3676  serenum - ok
18:34:14.0526 3676  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:34:14.0526 3676  Serial - ok
18:34:14.0557 3676  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:34:14.0557 3676  Sfloppy - ok
18:34:14.0588 3676  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:34:14.0588 3676  SharedAccess - ok
18:34:14.0604 3676  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:34:14.0604 3676  ShellHWDetection - ok
18:34:14.0619 3676  Simbad - ok
18:34:14.0682 3676  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:34:14.0682 3676  SkypeUpdate - ok
18:34:14.0729 3676  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:34:14.0729 3676  SLIP - ok
18:34:14.0729 3676  Sparrow - ok
18:34:14.0760 3676  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:34:14.0760 3676  splitter - ok
18:34:14.0791 3676  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:34:14.0791 3676  Spooler - ok
18:34:14.0823 3676  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:34:14.0823 3676  sr - ok
18:34:14.0854 3676  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:34:14.0854 3676  srservice - ok
18:34:14.0901 3676  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:34:14.0916 3676  Srv - ok
18:34:14.0948 3676  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:34:14.0948 3676  SSDPSRV - ok
18:34:15.0010 3676  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:34:15.0010 3676  stisvc - ok
18:34:15.0041 3676  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:34:15.0041 3676  streamip - ok
18:34:15.0057 3676  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:34:15.0057 3676  swenum - ok
18:34:15.0151 3676  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:34:15.0166 3676  SwitchBoard - ok
18:34:15.0166 3676  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:34:15.0166 3676  swmidi - ok
18:34:15.0182 3676  SwPrv - ok
18:34:15.0182 3676  symc810 - ok
18:34:15.0182 3676  symc8xx - ok
18:34:15.0198 3676  sym_hi - ok
18:34:15.0198 3676  sym_u3 - ok
18:34:15.0213 3676  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:34:15.0213 3676  sysaudio - ok
18:34:15.0229 3676  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:34:15.0229 3676  SysmonLog - ok
18:34:15.0369 3676  [ A94413D29FEBFCA872A2CFD748CF6C07 ] TabletServiceWacom C:\WINDOWS\system32\Wacom_Tablet.exe
18:34:15.0401 3676  TabletServiceWacom - ok
18:34:15.0416 3676  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:34:15.0416 3676  TapiSrv - ok
18:34:15.0463 3676  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:34:15.0479 3676  Tcpip - ok
18:34:15.0510 3676  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:34:15.0510 3676  TDPIPE - ok
18:34:15.0526 3676  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:34:15.0526 3676  TDTCP - ok
18:34:15.0557 3676  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:34:15.0557 3676  TermDD - ok
18:34:15.0573 3676  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
18:34:15.0573 3676  TermService - ok
18:34:15.0588 3676  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:34:15.0588 3676  Themes - ok
18:34:15.0588 3676  TosIde - ok
18:34:15.0604 3676  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:34:15.0604 3676  TrkWks - ok
18:34:15.0619 3676  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:34:15.0635 3676  Udfs - ok
18:34:15.0635 3676  ultra - ok
18:34:15.0666 3676  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:34:15.0666 3676  Update - ok
18:34:15.0698 3676  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:34:15.0698 3676  upnphost - ok
18:34:15.0713 3676  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
18:34:15.0713 3676  UPS - ok
18:34:15.0744 3676  [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
18:34:15.0776 3676  USBAAPL - ok
18:34:15.0807 3676  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
18:34:15.0807 3676  usbaudio - ok
18:34:15.0838 3676  [ 2038824260EFDFFA6F78D9BEF767622D ] USBCamera       C:\WINDOWS\system32\Drivers\Bulk50x.sys
18:34:15.0854 3676  USBCamera - ok
18:34:15.0854 3676  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:34:15.0854 3676  usbccgp - ok
18:34:15.0869 3676  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:34:15.0869 3676  usbehci - ok
18:34:15.0885 3676  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:34:15.0885 3676  usbhub - ok
18:34:15.0901 3676  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:34:15.0916 3676  usbohci - ok
18:34:15.0948 3676  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:34:15.0948 3676  usbprint - ok
18:34:15.0994 3676  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:34:15.0994 3676  usbscan - ok
18:34:16.0010 3676  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:34:16.0010 3676  usbstor - ok
18:34:16.0026 3676  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
18:34:16.0026 3676  usbvideo - ok
18:34:16.0057 3676  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:34:16.0057 3676  VgaSave - ok
18:34:16.0057 3676  ViaIde - ok
18:34:16.0104 3676  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:34:16.0104 3676  VolSnap - ok
18:34:16.0213 3676  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
18:34:16.0354 3676  VSS - ok
18:34:16.0541 3676  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:34:16.0541 3676  W32Time - ok
18:34:16.0604 3676  [ A9EED4B15BC5895C427F33E9472E257E ] WacHidRouter    C:\WINDOWS\system32\DRIVERS\wachidrouter.sys
18:34:16.0698 3676  WacHidRouter - ok
18:34:16.0838 3676  [ AD73D2F9A0355B5B5B19E06C77BBEACB ] wacomrouterfilter C:\WINDOWS\system32\DRIVERS\wacomrouterfilter.sys
18:34:16.0869 3676  wacomrouterfilter - ok
18:34:16.0885 3676  wacomvhid - ok
18:34:16.0932 3676  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:34:16.0948 3676  Wanarp - ok
18:34:17.0088 3676  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
18:34:17.0354 3676  Wdf01000 - ok
18:34:17.0354 3676  WDICA - ok
18:34:17.0401 3676  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:34:17.0401 3676  wdmaud - ok
18:34:17.0448 3676  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:34:17.0463 3676  WebClient - ok
18:34:17.0573 3676  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:34:17.0573 3676  winmgmt - ok
18:34:17.0619 3676  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
18:34:17.0619 3676  WmdmPmSN - ok
18:34:17.0651 3676  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:34:17.0651 3676  WmiApSrv - ok
18:34:17.0760 3676  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:34:17.0791 3676  WMPNetworkSvc - ok
18:34:17.0823 3676  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:34:17.0823 3676  WpdUsb - ok
18:34:17.0948 3676  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:34:18.0026 3676  WPFFontCache_v0400 - ok
18:34:18.0073 3676  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:34:18.0073 3676  WS2IFSL - ok
18:34:18.0119 3676  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:34:18.0119 3676  wscsvc - ok
18:34:18.0151 3676  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:34:18.0151 3676  WSTCODEC - ok
18:34:18.0260 3676  [ 8DCFE436DEA474C4F682D1A71293CB4A ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
18:34:18.0276 3676  WTabletServicePro - ok
18:34:18.0323 3676  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:34:18.0323 3676  wuauserv - ok
18:34:18.0369 3676  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:34:18.0369 3676  WudfPf - ok
18:34:18.0416 3676  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:34:18.0416 3676  WudfRd - ok
18:34:18.0432 3676  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:34:18.0432 3676  WudfSvc - ok
18:34:18.0463 3676  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:34:18.0510 3676  WZCSVC - ok
18:34:18.0526 3676  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:34:18.0557 3676  xmlprov - ok
18:34:18.0573 3676  ================ Scan global ===============================
18:34:18.0604 3676  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:34:18.0651 3676  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:34:18.0666 3676  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:34:18.0698 3676  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:34:18.0698 3676  [Global] - ok
18:34:18.0698 3676  ================ Scan MBR ==================================
18:34:18.0729 3676  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:34:19.0166 3676  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:34:19.0166 3676  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:34:19.0166 3676  ================ Scan VBR ==================================
18:34:19.0166 3676  [ AE84FA717C68F97EBD4012C7EB8EEB04 ] \Device\Harddisk0\DR0\Partition1
18:34:19.0166 3676  \Device\Harddisk0\DR0\Partition1 - ok
18:34:19.0166 3676  ================ Scan active images ========================
18:34:19.0166 3676  [ 033448D435E65C4BD72E70521FD05C76 ] C:\WINDOWS\system32\drivers\AmdPPM.sys
18:34:19.0166 3676  C:\WINDOWS\system32\drivers\AmdPPM.sys - ok
18:34:19.0182 3676  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
18:34:19.0182 3676  C:\WINDOWS\system32\drivers\videoprt.sys - ok
18:34:19.0182 3676  [ 0C2CA1C294938139829B1983A0C38B31 ] C:\WINDOWS\system32\drivers\ati2mtag.sys
18:34:19.0182 3676  C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
18:34:19.0182 3676  [ 3400495F5B219D5153C770A95499579C ] C:\WINDOWS\system32\drivers\Rtenicxp.sys
18:34:19.0182 3676  C:\WINDOWS\system32\drivers\Rtenicxp.sys - ok
18:34:19.0182 3676  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
18:34:19.0182 3676  C:\WINDOWS\system32\drivers\imapi.sys - ok
18:34:19.0198 3676  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] C:\WINDOWS\system32\drivers\afc.sys
18:34:19.0198 3676  C:\WINDOWS\system32\drivers\afc.sys - ok
18:34:19.0198 3676  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
18:34:19.0198 3676  C:\WINDOWS\system32\drivers\cdrom.sys - ok
18:34:19.0198 3676  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
18:34:19.0198 3676  C:\WINDOWS\system32\drivers\ks.sys - ok
18:34:19.0198 3676  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
18:34:19.0213 3676  C:\WINDOWS\system32\drivers\redbook.sys - ok
18:34:19.0213 3676  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
18:34:19.0213 3676  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
18:34:19.0213 3676  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
18:34:19.0213 3676  C:\WINDOWS\system32\drivers\usbport.sys - ok
18:34:19.0213 3676  [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
18:34:19.0213 3676  C:\WINDOWS\system32\drivers\usbohci.sys - ok
18:34:19.0229 3676  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
18:34:19.0229 3676  C:\WINDOWS\system32\drivers\usbehci.sys - ok
18:34:19.0229 3676  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
18:34:19.0229 3676  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
18:34:19.0229 3676  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
18:34:19.0229 3676  C:\WINDOWS\system32\drivers\serial.sys - ok
18:34:19.0244 3676  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
18:34:19.0244 3676  C:\WINDOWS\system32\drivers\parport.sys - ok
18:34:19.0244 3676  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
18:34:19.0244 3676  C:\WINDOWS\system32\drivers\serenum.sys - ok
18:34:19.0244 3676  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
18:34:19.0244 3676  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
18:34:19.0244 3676  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
18:34:19.0244 3676  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
18:34:19.0260 3676  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
18:34:19.0260 3676  C:\WINDOWS\system32\drivers\audstub.sys - ok
18:34:19.0260 3676  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
18:34:19.0260 3676  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
18:34:19.0260 3676  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
18:34:19.0260 3676  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
18:34:19.0260 3676  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
18:34:19.0260 3676  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
18:34:19.0276 3676  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
18:34:19.0276 3676  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
18:34:19.0276 3676  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
18:34:19.0276 3676  C:\WINDOWS\system32\drivers\tdi.sys - ok
18:34:19.0276 3676  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
18:34:19.0276 3676  C:\WINDOWS\system32\drivers\raspptp.sys - ok
18:34:19.0291 3676  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
18:34:19.0291 3676  C:\WINDOWS\system32\drivers\msgpc.sys - ok
18:34:19.0291 3676  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
18:34:19.0291 3676  C:\WINDOWS\system32\drivers\psched.sys - ok
18:34:19.0291 3676  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
18:34:19.0291 3676  C:\WINDOWS\system32\drivers\ptilink.sys - ok
18:34:19.0291 3676  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
18:34:19.0291 3676  C:\WINDOWS\system32\drivers\raspti.sys - ok
18:34:19.0307 3676  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
18:34:19.0307 3676  C:\WINDOWS\system32\drivers\termdd.sys - ok
18:34:19.0307 3676  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
18:34:19.0307 3676  C:\WINDOWS\system32\drivers\mouclass.sys - ok
18:34:19.0307 3676  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
18:34:19.0307 3676  C:\WINDOWS\system32\drivers\swenum.sys - ok
18:34:19.0323 3676  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
18:34:19.0323 3676  C:\WINDOWS\system32\drivers\update.sys - ok
18:34:19.0323 3676  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
18:34:19.0323 3676  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
18:34:19.0323 3676  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
18:34:19.0323 3676  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
18:34:19.0323 3676  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
18:34:19.0323 3676  C:\WINDOWS\system32\drivers\usbd.sys - ok
18:34:19.0338 3676  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
18:34:19.0338 3676  C:\WINDOWS\system32\drivers\usbhub.sys - ok
18:34:19.0338 3676  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
18:34:19.0338 3676  C:\WINDOWS\system32\drivers\drmk.sys - ok
18:34:19.0338 3676  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
18:34:19.0338 3676  C:\WINDOWS\system32\drivers\portcls.sys - ok
18:34:19.0354 3676  [ 8F924588C272FDAA28CF31A9BBC21A72 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:34:19.0354 3676  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
18:34:19.0354 3676  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
18:34:19.0354 3676  C:\WINDOWS\system32\drivers\fdc.sys - ok
18:34:19.0354 3676  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
18:34:19.0354 3676  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
18:34:19.0354 3676  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
18:34:19.0354 3676  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
18:34:19.0369 3676  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
18:34:19.0369 3676  C:\WINDOWS\system32\drivers\beep.sys - ok
18:34:19.0369 3676  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
18:34:19.0369 3676  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
18:34:19.0369 3676  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
18:34:19.0369 3676  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
18:34:19.0369 3676  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
18:34:19.0369 3676  C:\WINDOWS\system32\drivers\hidparse.sys - ok
18:34:19.0385 3676  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
18:34:19.0385 3676  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
18:34:19.0385 3676  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
18:34:19.0385 3676  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
18:34:19.0385 3676  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
18:34:19.0385 3676  C:\WINDOWS\system32\drivers\null.sys - ok
18:34:19.0401 3676  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
18:34:19.0401 3676  C:\WINDOWS\system32\drivers\vga.sys - ok
18:34:19.0401 3676  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
18:34:19.0401 3676  C:\WINDOWS\system32\drivers\msfs.sys - ok
18:34:19.0401 3676  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
18:34:19.0401 3676  C:\WINDOWS\system32\drivers\npfs.sys - ok
18:34:19.0401 3676  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
18:34:19.0401 3676  C:\WINDOWS\system32\drivers\rasacd.sys - ok
18:34:19.0416 3676  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
18:34:19.0416 3676  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
18:34:19.0416 3676  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
18:34:19.0416 3676  C:\WINDOWS\system32\drivers\ipsec.sys - ok
18:34:19.0416 3676  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
18:34:19.0416 3676  C:\WINDOWS\system32\drivers\netbt.sys - ok
18:34:19.0432 3676  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
18:34:19.0432 3676  C:\WINDOWS\system32\drivers\tcpip.sys - ok
18:34:19.0432 3676  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
18:34:19.0432 3676  C:\WINDOWS\system32\drivers\afd.sys - ok
18:34:19.0432 3676  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
18:34:19.0432 3676  C:\WINDOWS\system32\drivers\ipnat.sys - ok
18:34:19.0432 3676  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
18:34:19.0432 3676  C:\WINDOWS\system32\drivers\netbios.sys - ok
18:34:19.0448 3676  [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
18:34:19.0448 3676  C:\WINDOWS\system32\drivers\processr.sys - ok
18:34:19.0448 3676  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
18:34:19.0448 3676  C:\WINDOWS\system32\drivers\wanarp.sys - ok
18:34:19.0448 3676  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:34:19.0448 3676  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
18:34:19.0463 3676  [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:34:19.0463 3676  C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS - ok
18:34:19.0463 3676  [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:34:19.0463 3676  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
18:34:19.0463 3676  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
18:34:19.0463 3676  C:\WINDOWS\system32\drivers\rdbss.sys - ok
18:34:19.0463 3676  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
18:34:19.0463 3676  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
18:34:19.0479 3676  [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{62BD963E-67D1-4FC9-9C06-857C449874EF}\MpKsl36a9df7b.sys
18:34:19.0479 3676  C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{62BD963E-67D1-4FC9-9C06-857C449874EF}\MpKsl36a9df7b.sys - ok
18:34:19.0479 3676  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
18:34:19.0479 3676  C:\WINDOWS\system32\drivers\fips.sys - ok
18:34:19.0479 3676  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
18:34:19.0479 3676  C:\WINDOWS\system32\smss.exe - ok
18:34:19.0479 3676  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
18:34:19.0479 3676  C:\WINDOWS\system32\ntdll.dll - ok
18:34:19.0494 3676  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
18:34:19.0494 3676  C:\WINDOWS\system32\autochk.exe - ok
18:34:19.0494 3676  [ 362BC5AF8EAF712832C58CC13AE05750 ] C:\WINDOWS\system32\sfcfiles.dll
18:34:19.0494 3676  C:\WINDOWS\system32\sfcfiles.dll - ok
18:34:19.0494 3676  [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
18:34:19.0494 3676  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
18:34:19.0526 3676  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\cdfs.sys - ok
18:34:19.0526 3676  [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\usbstor.sys - ok
18:34:19.0526 3676  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\hidclass.sys - ok
18:34:19.0526 3676  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\hidusb.sys - ok
18:34:19.0526 3676  [ 066F26EFE273125B352E35405D258E85 ] C:\WINDOWS\system32\drivers\nx6000.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\nx6000.sys - ok
18:34:19.0526 3676  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] C:\WINDOWS\system32\drivers\usbvideo.sys
18:34:19.0526 3676  C:\WINDOWS\system32\drivers\usbvideo.sys - ok
18:34:19.0541 3676  [ E919708DB44ED8543A7C017953148330 ] C:\WINDOWS\system32\drivers\USBAUDIO.sys
18:34:19.0541 3676  C:\WINDOWS\system32\drivers\USBAUDIO.sys - ok
18:34:19.0541 3676  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
18:34:19.0541 3676  C:\WINDOWS\system32\drivers\mouhid.sys - ok
18:34:19.0541 3676  [ E5582E43E167CF367757D81E9727DA2A ] C:\WINDOWS\system32\drivers\point32.sys
18:34:19.0541 3676  C:\WINDOWS\system32\drivers\point32.sys - ok
18:34:19.0557 3676  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
18:34:19.0557 3676  C:\WINDOWS\system32\drivers\wmilib.sys - ok
18:34:19.0557 3676  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
18:34:19.0557 3676  C:\WINDOWS\system32\drivers\atapi.sys - ok
18:34:19.0557 3676  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
18:34:19.0557 3676  C:\WINDOWS\system32\drivers\dxapi.sys - ok
18:34:19.0557 3676  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
18:34:19.0557 3676  C:\WINDOWS\system32\watchdog.sys - ok
18:34:19.0573 3676  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
18:34:19.0573 3676  C:\WINDOWS\system32\win32k.sys - ok
18:34:19.0573 3676  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:34:19.0573 3676  C:\WINDOWS\system32\basesrv.dll - ok
18:34:19.0573 3676  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
18:34:19.0573 3676  C:\WINDOWS\system32\csrsrv.dll - ok
18:34:19.0588 3676  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
18:34:19.0588 3676  C:\WINDOWS\system32\csrss.exe - ok
18:34:19.0588 3676  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
18:34:19.0588 3676  C:\WINDOWS\system32\gdi32.dll - ok
18:34:19.0588 3676  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:34:19.0588 3676  C:\WINDOWS\system32\winsrv.dll - ok
18:34:19.0588 3676  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
18:34:19.0588 3676  C:\WINDOWS\system32\kernel32.dll - ok
18:34:19.0604 3676  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
18:34:19.0604 3676  C:\WINDOWS\system32\user32.dll - ok
18:34:19.0604 3676  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
18:34:19.0604 3676  C:\WINDOWS\system32\drivers\dxg.sys - ok
18:34:19.0604 3676  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
18:34:19.0604 3676  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
18:34:19.0604 3676  [ D0AFAD076196B52477C386B0E989497F ] C:\WINDOWS\system32\ati2cqag.dll
18:34:19.0604 3676  C:\WINDOWS\system32\ati2cqag.dll - ok
18:34:19.0619 3676  [ 09E4059A439609650A6DCEB14099C579 ] C:\WINDOWS\system32\ati2dvag.dll
18:34:19.0619 3676  C:\WINDOWS\system32\ati2dvag.dll - ok
18:34:19.0619 3676  [ 975C3EB8C9DCE3E2A05F544230D08B07 ] C:\WINDOWS\system32\atikvmag.dll
18:34:19.0619 3676  C:\WINDOWS\system32\atikvmag.dll - ok
18:34:19.0619 3676  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
18:34:19.0619 3676  C:\WINDOWS\system32\vga.dll - ok
18:34:19.0635 3676  [ 14333A42D3C0E1D05D9FBF13AD275027 ] C:\WINDOWS\system32\atiok3x2.dll
18:34:19.0635 3676  C:\WINDOWS\system32\atiok3x2.dll - ok
18:34:19.0635 3676  [ EBBA38711885EB6F68C9DD65A721485E ] C:\WINDOWS\system32\ati3duag.dll
18:34:19.0635 3676  C:\WINDOWS\system32\ati3duag.dll - ok
18:34:19.0635 3676  [ 8B05528E62309FAE347F1593F306FA17 ] C:\WINDOWS\system32\ativvaxx.dll
18:34:19.0635 3676  C:\WINDOWS\system32\ativvaxx.dll - ok
18:34:19.0635 3676  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
18:34:19.0635 3676  C:\WINDOWS\system32\winlogon.exe - ok
18:34:19.0651 3676  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
18:34:19.0651 3676  C:\WINDOWS\system32\advapi32.dll - ok
18:34:19.0651 3676  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
18:34:19.0651 3676  C:\WINDOWS\system32\rpcrt4.dll - ok
18:34:19.0651 3676  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
18:34:19.0651 3676  C:\WINDOWS\system32\authz.dll - ok
18:34:19.0666 3676  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
18:34:19.0666 3676  C:\WINDOWS\system32\msvcrt.dll - ok
18:34:19.0666 3676  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
18:34:19.0666 3676  C:\WINDOWS\system32\secur32.dll - ok
18:34:19.0666 3676  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
18:34:19.0666 3676  C:\WINDOWS\system32\crypt32.dll - ok
18:34:19.0666 3676  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
18:34:19.0666 3676  C:\WINDOWS\system32\msasn1.dll - ok
18:34:19.0682 3676  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
18:34:19.0682 3676  C:\WINDOWS\system32\nddeapi.dll - ok
18:34:19.0682 3676  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
18:34:19.0682 3676  C:\WINDOWS\system32\netapi32.dll - ok
18:34:19.0682 3676  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
18:34:19.0682 3676  C:\WINDOWS\system32\profmap.dll - ok
18:34:19.0698 3676  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
18:34:19.0698 3676  C:\WINDOWS\system32\userenv.dll - ok
18:34:19.0698 3676  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
18:34:19.0698 3676  C:\WINDOWS\system32\psapi.dll - ok
18:34:19.0698 3676  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
18:34:19.0698 3676  C:\WINDOWS\system32\regapi.dll - ok
18:34:19.0698 3676  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
18:34:19.0698 3676  C:\WINDOWS\system32\setupapi.dll - ok
18:34:19.0713 3676  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
18:34:19.0713 3676  C:\WINDOWS\system32\version.dll - ok
18:34:19.0713 3676  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
18:34:19.0713 3676  C:\WINDOWS\system32\winsta.dll - ok
18:34:19.0713 3676  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
18:34:19.0713 3676  C:\WINDOWS\system32\wintrust.dll - ok
18:34:19.0713 3676  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
18:34:19.0713 3676  C:\WINDOWS\system32\imagehlp.dll - ok
18:34:19.0729 3676  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
18:34:19.0729 3676  C:\WINDOWS\system32\ws2_32.dll - ok
18:34:19.0729 3676  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
18:34:19.0729 3676  C:\WINDOWS\system32\imm32.dll - ok
18:34:19.0729 3676  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
18:34:19.0729 3676  C:\WINDOWS\system32\ws2help.dll - ok
18:34:19.0744 3676  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
18:34:19.0744 3676  C:\WINDOWS\system32\kbdus.dll - ok
18:34:19.0744 3676  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
18:34:19.0744 3676  C:\WINDOWS\system32\msgina.dll - ok
18:34:19.0744 3676  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
18:34:19.0744 3676  C:\WINDOWS\system32\comctl32.dll - ok
18:34:19.0744 3676  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
18:34:19.0744 3676  C:\WINDOWS\system32\comdlg32.dll - ok
18:34:19.0760 3676  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
18:34:19.0760 3676  C:\WINDOWS\system32\odbc32.dll - ok
18:34:19.0760 3676  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
18:34:19.0760 3676  C:\WINDOWS\system32\shell32.dll - ok
18:34:19.0760 3676  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
18:34:19.0760 3676  C:\WINDOWS\system32\shlwapi.dll - ok
18:34:19.0776 3676  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
18:34:19.0776 3676  C:\WINDOWS\system32\sxs.dll - ok
18:34:19.0776 3676  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
18:34:19.0776 3676  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
18:34:19.0776 3676  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
18:34:19.0776 3676  C:\WINDOWS\system32\odbcint.dll - ok
18:34:19.0776 3676  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
18:34:19.0776 3676  C:\WINDOWS\system32\shsvcs.dll - ok
18:34:19.0791 3676  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
18:34:19.0791 3676  C:\WINDOWS\system32\ole32.dll - ok
18:34:19.0791 3676  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
18:34:19.0791 3676  C:\WINDOWS\system32\sfc.dll - ok
18:34:19.0791 3676  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
18:34:19.0791 3676  C:\WINDOWS\system32\sfc_os.dll - ok
18:34:19.0807 3676  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
18:34:19.0807 3676  C:\WINDOWS\system32\apphelp.dll - ok
18:34:19.0807 3676  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
18:34:19.0807 3676  C:\WINDOWS\system32\lsasrv.dll - ok
18:34:19.0807 3676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
18:34:19.0807 3676  C:\WINDOWS\system32\lsass.exe - ok
18:34:19.0807 3676  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
18:34:19.0807 3676  C:\WINDOWS\system32\msvcp60.dll - ok
18:34:19.0823 3676  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
18:34:19.0823 3676  C:\WINDOWS\system32\ncobjapi.dll - ok
18:34:19.0823 3676  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:34:19.0823 3676  C:\WINDOWS\system32\services.exe - ok
18:34:19.0823 3676  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
18:34:19.0823 3676  C:\WINDOWS\system32\scesrv.dll - ok
18:34:19.0838 3676  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
18:34:19.0838 3676  C:\WINDOWS\system32\mpr.dll - ok
18:34:19.0838 3676  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
18:34:19.0838 3676  C:\WINDOWS\system32\dnsapi.dll - ok
18:34:19.0838 3676  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
18:34:19.0838 3676  C:\WINDOWS\system32\ntdsapi.dll - ok
18:34:19.0854 3676  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
18:34:19.0854 3676  C:\WINDOWS\system32\shimeng.dll - ok
18:34:19.0854 3676  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
18:34:19.0854 3676  C:\WINDOWS\system32\umpnpmgr.dll - ok
18:34:19.0854 3676  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
18:34:19.0854 3676  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
18:34:19.0854 3676  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
18:34:19.0854 3676  C:\WINDOWS\system32\samlib.dll - ok
18:34:19.0869 3676  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
18:34:19.0869 3676  C:\WINDOWS\system32\samsrv.dll - ok
18:34:19.0869 3676  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
18:34:19.0869 3676  C:\WINDOWS\system32\wldap32.dll - ok
18:34:19.0869 3676  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
18:34:19.0869 3676  C:\WINDOWS\AppPatch\AcGenral.dll - ok
18:34:19.0885 3676  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
18:34:19.0885 3676  C:\WINDOWS\system32\cryptdll.dll - ok
18:34:19.0885 3676  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
18:34:19.0885 3676  C:\WINDOWS\system32\winmm.dll - ok
18:34:19.0885 3676  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
18:34:19.0885 3676  C:\WINDOWS\system32\oleaut32.dll - ok
18:34:19.0885 3676  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
18:34:19.0885 3676  C:\WINDOWS\system32\msacm32.dll - ok
18:34:19.0901 3676  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
18:34:19.0901 3676  C:\WINDOWS\system32\uxtheme.dll - ok
18:34:19.0901 3676  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
18:34:19.0901 3676  C:\WINDOWS\system32\msapsspc.dll - ok
18:34:19.0901 3676  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
18:34:19.0901 3676  C:\WINDOWS\system32\msvcrt40.dll - ok
18:34:19.0901 3676  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
18:34:19.0916 3676  C:\WINDOWS\system32\digest.dll - ok
18:34:19.0916 3676  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
18:34:19.0916 3676  C:\WINDOWS\system32\kerberos.dll - ok
18:34:19.0916 3676  [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime
18:34:19.0916 3676  C:\WINDOWS\system32\msctfime.ime - ok
18:34:19.0916 3676  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
18:34:19.0916 3676  C:\WINDOWS\system32\msnsspc.dll - ok
18:34:19.0932 3676  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
18:34:19.0932 3676  C:\WINDOWS\system32\msprivs.dll - ok
18:34:19.0932 3676  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
18:34:19.0932 3676  C:\WINDOWS\system32\schannel.dll - ok
18:34:19.0932 3676  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
18:34:19.0932 3676  C:\WINDOWS\system32\msv1_0.dll - ok
18:34:19.0932 3676  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
18:34:19.0932 3676  C:\WINDOWS\system32\atmfd.dll - ok
18:34:19.0948 3676  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
18:34:19.0948 3676  C:\WINDOWS\system32\iphlpapi.dll - ok
18:34:19.0948 3676  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
18:34:19.0948 3676  C:\WINDOWS\system32\netlogon.dll - ok
18:34:19.0948 3676  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
18:34:19.0948 3676  C:\WINDOWS\system32\w32time.dll - ok
18:34:19.0963 3676  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
18:34:19.0963 3676  C:\WINDOWS\system32\wdigest.dll - ok
18:34:19.0963 3676  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
18:34:19.0963 3676  C:\WINDOWS\system32\rsaenh.dll - ok
18:34:19.0963 3676  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
18:34:19.0963 3676  C:\WINDOWS\system32\winscard.dll - ok
18:34:19.0963 3676  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
18:34:19.0963 3676  C:\WINDOWS\system32\wtsapi32.dll - ok
18:34:19.0979 3676  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
18:34:19.0979 3676  C:\WINDOWS\system32\scecli.dll - ok
18:34:19.0979 3676  [ 666E4E583A7CF1233C6425DA16ECDC89 ] C:\WINDOWS\system32\ati2evxx.exe
18:34:19.0979 3676  C:\WINDOWS\system32\ati2evxx.exe - ok
18:34:19.0979 3676  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
18:34:19.0979 3676  C:\WINDOWS\system32\cfgmgr32.dll - ok
18:34:19.0994 3676  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
18:34:19.0994 3676  C:\WINDOWS\system32\powrprof.dll - ok
18:34:19.0994 3676  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
18:34:19.0994 3676  C:\WINDOWS\system32\svchost.exe - ok
18:34:19.0994 3676  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
18:34:19.0994 3676  C:\WINDOWS\system32\ntmarta.dll - ok
18:34:19.0994 3676  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
18:34:19.0994 3676  C:\WINDOWS\system32\rpcss.dll - ok
18:34:20.0010 3676  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
18:34:20.0010 3676  C:\WINDOWS\system32\xpsp2res.dll - ok
18:34:20.0010 3676  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
18:34:20.0010 3676  C:\WINDOWS\system32\eventlog.dll - ok
18:34:20.0010 3676  [ 1B55AADA26FB54ED88C7E9BD113AFC06 ] C:\WINDOWS\system32\ati2edxx.dll
18:34:20.0010 3676  C:\WINDOWS\system32\ati2edxx.dll - ok
18:34:20.0026 3676  [ EBD18D3B25D9F11769C63723B0DB53DB ] C:\WINDOWS\system32\atipdlxx.dll
18:34:20.0026 3676  C:\WINDOWS\system32\atipdlxx.dll - ok
18:34:20.0026 3676  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
18:34:20.0026 3676  C:\WINDOWS\system32\mswsock.dll - ok
18:34:20.0026 3676  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
18:34:20.0026 3676  C:\WINDOWS\system32\hnetcfg.dll - ok
18:34:20.0026 3676  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
18:34:20.0026 3676  C:\WINDOWS\system32\wshtcpip.dll - ok
18:34:20.0041 3676  [ 2B81226910F765A9191EB9DB93743237 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:34:20.0041 3676  C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:34:20.0041 3676  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:34:20.0041 3676  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
18:34:20.0041 3676  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
18:34:20.0041 3676  C:\WINDOWS\system32\rasadhlp.dll - ok
18:34:20.0057 3676  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
18:34:20.0057 3676  C:\WINDOWS\system32\winrnr.dll - ok
18:34:20.0057 3676  [ F556912E70B22D740C9C99E310E3C11F ] C:\Program Files\Microsoft Security Client\MpSvc.dll
18:34:20.0057 3676  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
18:34:20.0057 3676  [ 3D9381A332E4373F8811C71BA5078B31 ] C:\Program Files\Microsoft Security Client\MpClient.dll
18:34:20.0057 3676  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
18:34:20.0057 3676  [ 8DCFE436DEA474C4F682D1A71293CB4A ] C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
18:34:20.0057 3676  C:\Program Files\Tablet\Wacom\WTabletServicePro.exe - ok
18:34:20.0073 3676  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Wacom\msvcp100.dll
18:34:20.0073 3676  C:\Program Files\Tablet\Wacom\msvcp100.dll - ok
18:34:20.0073 3676  [ AA87D7709021503687326432DC59590D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
18:34:20.0073 3676  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
18:34:20.0073 3676  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Wacom\msvcr100.dll
18:34:20.0073 3676  C:\Program Files\Tablet\Wacom\msvcr100.dll - ok
18:34:20.0088 3676  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
18:34:20.0088 3676  C:\WINDOWS\system32\logonui.exe - ok
18:34:20.0088 3676  [ 7FB5C6AD0C3E7818DC87F199E225ED25 ] C:\WINDOWS\system32\ati2evxx.dll
18:34:20.0088 3676  C:\WINDOWS\system32\ati2evxx.dll - ok
18:34:20.0088 3676  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
18:34:20.0088 3676  C:\WINDOWS\system32\cscdll.dll - ok
18:34:20.0088 3676  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
18:34:20.0088 3676  C:\WINDOWS\system32\fltlib.dll - ok
18:34:20.0104 3676  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
18:34:20.0104 3676  C:\WINDOWS\system32\dimsntfy.dll - ok
18:34:20.0104 3676  [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{62BD963E-67D1-4FC9-9C06-857C449874EF}\mpengine.dll
18:34:20.0104 3676  C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{62BD963E-67D1-4FC9-9C06-857C449874EF}\mpengine.dll - ok
18:34:20.0104 3676  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
18:34:20.0104 3676  C:\WINDOWS\system32\wlnotify.dll - ok
18:34:20.0104 3676  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
18:34:20.0104 3676  C:\WINDOWS\system32\winspool.drv - ok
18:34:20.0119 3676  [ 19E0B5B6202CE85796EA6C0EBB7334DF ] C:\Program Files\Tablet\Wacom\WacomHost.exe
18:34:20.0119 3676  C:\Program Files\Tablet\Wacom\WacomHost.exe - ok
18:34:20.0119 3676  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
18:34:20.0119 3676  C:\WINDOWS\system32\duser.dll - ok
18:34:20.0119 3676  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
18:34:20.0119 3676  C:\WINDOWS\system32\WudfSvc.dll - ok
18:34:20.0135 3676  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
18:34:20.0135 3676  C:\WINDOWS\system32\clbcatq.dll - ok
18:34:20.0135 3676  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
18:34:20.0135 3676  C:\WINDOWS\system32\WudfPlatform.dll - ok
18:34:20.0135 3676  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
18:34:20.0135 3676  C:\WINDOWS\system32\msimg32.dll - ok
18:34:20.0135 3676  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
18:34:20.0135 3676  C:\WINDOWS\system32\oleacc.dll - ok
18:34:20.0151 3676  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
18:34:20.0151 3676  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
18:34:20.0151 3676  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
18:34:20.0151 3676  C:\WINDOWS\system32\comres.dll - ok
18:34:20.0151 3676  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
18:34:20.0151 3676  C:\WINDOWS\system32\dhcpcsvc.dll - ok
18:34:20.0166 3676  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
18:34:20.0166 3676  C:\WINDOWS\system32\dnsrslvr.dll - ok
18:34:20.0166 3676  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
18:34:20.0166 3676  C:\WINDOWS\system32\lmhsvc.dll - ok
18:34:20.0166 3676  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
18:34:20.0166 3676  C:\WINDOWS\system32\wzcsvc.dll - ok
18:34:20.0166 3676  [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
18:34:20.0166 3676  C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
18:34:20.0182 3676  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
18:34:20.0182 3676  C:\WINDOWS\system32\shgina.dll - ok
18:34:20.0182 3676  [ C332870084DB9164F465D6F1B7472728 ] C:\WINDOWS\system32\urlmon.dll
18:34:20.0182 3676  C:\WINDOWS\system32\urlmon.dll - ok
18:34:20.0182 3676  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
18:34:20.0182 3676  C:\WINDOWS\system32\rtutils.dll - ok
18:34:20.0197 3676  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
18:34:20.0197 3676  C:\WINDOWS\system32\eapolqec.dll - ok
18:34:20.0197 3676  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
18:34:20.0197 3676  C:\WINDOWS\system32\wmi.dll - ok
18:34:20.0197 3676  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
18:34:20.0197 3676  C:\WINDOWS\system32\atl.dll - ok
18:34:20.0197 3676  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
18:34:20.0197 3676  C:\WINDOWS\system32\qutil.dll - ok
18:34:20.0213 3676  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
18:34:20.0213 3676  C:\WINDOWS\system32\dot3api.dll - ok
18:34:20.0213 3676  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
18:34:20.0213 3676  C:\WINDOWS\system32\esent.dll - ok
18:34:20.0213 3676  [ 47464CA4943F82E1B8FCB2C57DA15F83 ] C:\WINDOWS\system32\iertutil.dll
18:34:20.0213 3676  C:\WINDOWS\system32\iertutil.dll - ok
18:34:20.0229 3676  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
18:34:20.0229 3676  C:\WINDOWS\system32\cscui.dll - ok
18:34:20.0229 3676  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
18:34:20.0229 3676  C:\WINDOWS\system32\rastls.dll - ok
18:34:20.0229 3676  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
18:34:20.0229 3676  C:\WINDOWS\system32\cryptui.dll - ok
18:34:20.0229 3676  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
18:34:20.0229 3676  C:\WINDOWS\system32\dpcdll.dll - ok
18:34:20.0244 3676  [ 5AACF4B4DEE1972B7952E8A747122232 ] C:\WINDOWS\system32\wininet.dll
18:34:20.0244 3676  C:\WINDOWS\system32\wininet.dll - ok
18:34:20.0244 3676  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
18:34:20.0244 3676  C:\WINDOWS\system32\mprapi.dll - ok
18:34:20.0244 3676  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
18:34:20.0244 3676  C:\WINDOWS\system32\activeds.dll - ok
18:34:20.0260 3676  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
18:34:20.0260 3676  C:\WINDOWS\system32\adsldpc.dll - ok
18:34:20.0260 3676  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
18:34:20.0260 3676  C:\WINDOWS\system32\normaliz.dll - ok
18:34:20.0260 3676  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
18:34:20.0260 3676  C:\WINDOWS\system32\rasapi32.dll - ok
18:34:20.0260 3676  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
18:34:20.0260 3676  C:\WINDOWS\system32\userinit.exe - ok
18:34:20.0276 3676  [ 6431BE8FDB03A9441AA12B778AFD7C16 ] C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
18:34:20.0276 3676  C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe - ok
18:34:20.0276 3676  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
18:34:20.0276 3676  C:\WINDOWS\system32\rasman.dll - ok
18:34:20.0276 3676  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
18:34:20.0276 3676  C:\WINDOWS\system32\tapi32.dll - ok
18:34:20.0291 3676  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
18:34:20.0291 3676  C:\WINDOWS\explorer.exe - ok
18:34:20.0291 3676  [ 193E7FF062E26A5332D9F0B1708D5D15 ] C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
18:34:20.0291 3676  C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe - ok
18:34:20.0291 3676  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
18:34:20.0291 3676  C:\WINDOWS\system32\riched20.dll - ok
18:34:20.0307 3676  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
18:34:20.0307 3676  C:\WINDOWS\system32\browseui.dll - ok
18:34:20.0307 3676  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
18:34:20.0307 3676  C:\WINDOWS\system32\raschap.dll - ok
18:34:20.0307 3676  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
18:34:20.0307 3676  C:\WINDOWS\system32\netman.dll - ok
18:34:20.0307 3676  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
18:34:20.0307 3676  C:\WINDOWS\system32\netshell.dll - ok
18:34:20.0322 3676  [ 13612A0871D9DD73971899743F71FC57 ] C:\Program Files\Tablet\Wacom\libxml2.dll
18:34:20.0322 3676  C:\Program Files\Tablet\Wacom\libxml2.dll - ok
18:34:20.0322 3676  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
18:34:20.0322 3676  C:\WINDOWS\system32\shdocvw.dll - ok
18:34:20.0322 3676  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
18:34:20.0322 3676  C:\WINDOWS\system32\hid.dll - ok
18:34:20.0338 3676  [ CB6B671ED6D97F2E9F2274EADB7517B2 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
18:34:20.0338 3676  C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
18:34:20.0338 3676  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
18:34:20.0338 3676  C:\WINDOWS\system32\credui.dll - ok
18:34:20.0338 3676  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
18:34:20.0338 3676  C:\WINDOWS\system32\dot3dlg.dll - ok
18:34:20.0354 3676  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
18:34:20.0354 3676  C:\WINDOWS\system32\onex.dll - ok
18:34:20.0354 3676  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
18:34:20.0354 3676  C:\WINDOWS\system32\eappcfg.dll - ok
18:34:20.0354 3676  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
18:34:20.0354 3676  C:\WINDOWS\system32\eappprxy.dll - ok
18:34:20.0354 3676  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
18:34:20.0354 3676  C:\WINDOWS\system32\wzcsapi.dll - ok
18:34:20.0369 3676  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
18:34:20.0369 3676  C:\WINDOWS\system32\cabinet.dll - ok
18:34:20.0369 3676  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
18:34:20.0369 3676  C:\WINDOWS\system32\schedsvc.dll - ok
18:34:20.0369 3676  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
18:34:20.0369 3676  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
18:34:20.0369 3676  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
18:34:20.0369 3676  C:\WINDOWS\system32\desk.cpl - ok
18:34:20.0385 3676  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
18:34:20.0385 3676  C:\WINDOWS\system32\themeui.dll - ok
18:34:20.0385 3676  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
18:34:20.0385 3676  C:\WINDOWS\system32\msidle.dll - ok
18:34:20.0385 3676  [ 42DD9011D54C3A91F14BDBBF50791DA9 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
18:34:20.0385 3676  C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
18:34:20.0401 3676  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
18:34:20.0401 3676  C:\WINDOWS\system32\actxprxy.dll - ok
18:34:20.0401 3676  [ 2DD5879AF66CE138D67F1588E0D585AC ] C:\WINDOWS\system32\Wacom_Tablet.dll
18:34:20.0401 3676  C:\WINDOWS\system32\Wacom_Tablet.dll - ok
18:34:20.0401 3676  [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
18:34:20.0401 3676  C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
18:34:20.0416 3676  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
18:34:20.0416 3676  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
18:34:20.0416 3676  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
18:34:20.0416 3676  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
18:34:20.0432 3676  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
18:34:20.0432 3676  C:\WINDOWS\system32\spoolsv.exe - ok
18:34:20.0432 3676  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
18:34:20.0432 3676  C:\WINDOWS\system32\audiosrv.dll - ok
18:34:20.0432 3676  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
18:34:20.0432 3676  C:\WINDOWS\system32\wkssvc.dll - ok
18:34:20.0447 3676  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
18:34:20.0447 3676  C:\WINDOWS\system32\cmd.exe - ok
18:34:20.0447 3676  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
18:34:20.0447 3676  C:\WINDOWS\system32\wdmaud.drv - ok
18:34:20.0447 3676  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
18:34:20.0447 3676  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
18:34:20.0463 3676  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
18:34:20.0463 3676  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
18:34:20.0463 3676  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
18:34:20.0463 3676  C:\WINDOWS\system32\drivers\splitter.sys - ok
18:34:20.0463 3676  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
18:34:20.0463 3676  C:\WINDOWS\system32\drivers\aec.sys - ok
18:34:20.0479 3676  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
18:34:20.0479 3676  C:\WINDOWS\system32\drivers\DMusic.sys - ok
18:34:20.0479 3676  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
18:34:20.0479 3676  C:\WINDOWS\system32\drivers\swmidi.sys - ok
18:34:20.0479 3676  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
18:34:20.0479 3676  C:\WINDOWS\system32\drivers\kmixer.sys - ok
18:34:20.0494 3676  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
18:34:20.0494 3676  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
18:34:20.0494 3676  [ 59570CA554C9D75E72241AC3252E84BD ] C:\WINDOWS\system32\ieframe.dll
18:34:20.0494 3676  C:\WINDOWS\system32\ieframe.dll - ok
18:34:20.0494 3676  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
18:34:20.0494 3676  C:\WINDOWS\system32\msacm32.drv - ok
18:34:20.0510 3676  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
18:34:20.0510 3676  C:\WINDOWS\system32\midimap.dll - ok
18:34:20.0510 3676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
18:34:20.0510 3676  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
18:34:20.0510 3676  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
18:34:20.0510 3676  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
18:34:20.0541 3676  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
18:34:20.0541 3676  C:\WINDOWS\system32\msi.dll - ok
18:34:20.0541 3676  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
18:34:20.0541 3676  C:\WINDOWS\system32\dbghelp.dll - ok
18:34:20.0557 3676  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
18:34:20.0557 3676  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
18:34:20.0557 3676  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
18:34:20.0557 3676  C:\WINDOWS\system32\mstask.dll - ok
18:34:20.0572 3676  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
18:34:20.0572 3676  C:\WINDOWS\system32\cryptnet.dll - ok
18:34:20.0572 3676  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
18:34:20.0572 3676  C:\WINDOWS\system32\sensapi.dll - ok
18:34:20.0572 3676  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
18:34:20.0572 3676  C:\WINDOWS\system32\winhttp.dll - ok
18:34:20.0588 3676  [ 9F4949D30C8C10E72F501FCBA1B60E3D ] C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
18:34:20.0588 3676  C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe - ok
18:34:20.0588 3676  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
18:34:20.0588 3676  C:\WINDOWS\system32\shfolder.dll - ok
18:34:20.0588 3676  [ CEB8B68B93C16AE82E7F1A5DB09AD437 ] C:\WINDOWS\system32\Wacom_Touch_Tablet.dll
18:34:20.0588 3676  C:\WINDOWS\system32\Wacom_Touch_Tablet.dll - ok
18:34:20.0604 3676  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
18:34:20.0604 3676  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
18:34:20.0604 3676  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
18:34:20.0604 3676  C:\WINDOWS\system32\webclnt.dll - ok
18:34:20.0604 3676  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
18:34:20.0604 3676  C:\Program Files\SUPERAntiSpyware\SASCORE.EXE - ok
18:34:20.0619 3676  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
18:34:20.0619 3676  C:\WINDOWS\system32\drivers\parvdm.sys - ok
18:34:20.0619 3676  [ 1474F121C3DF1232D3E7239C03691EE6 ] C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
18:34:20.0619 3676  C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe - ok
18:34:20.0619 3676  [ 232C0B9155F6A2C3736A9488F0C456DA ] C:\Program Files\Adobe\Elements 9 Organizer\platform.DLL
18:34:20.0619 3676  C:\Program Files\Adobe\Elements 9 Organizer\platform.DLL - ok
18:34:20.0635 3676  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
18:34:20.0635 3676  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
18:34:20.0635 3676  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
18:34:20.0635 3676  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
18:34:20.0635 3676  [ 20F6F19FE9E753F2780DC2FA083AD597 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:34:20.0635 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:34:20.0651 3676  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
18:34:20.0651 3676  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
18:34:20.0651 3676  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
18:34:20.0651 3676  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
18:34:20.0651 3676  [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
18:34:20.0651 3676  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:34:20.0666 3676  [ DC70310B3D079D667B67F0C7067209F3 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:34:20.0666 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:34:20.0666 3676  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
18:34:20.0666 3676  C:\WINDOWS\system32\wsock32.dll - ok
18:34:20.0666 3676  [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:34:20.0666 3676  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:34:20.0682 3676  [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
18:34:20.0682 3676  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:34:20.0682 3676  [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
18:34:20.0682 3676  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
18:34:20.0682 3676  [ D8D46A439659B8B43A41B266E4646527 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:34:20.0682 3676  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:34:20.0697 3676  [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
18:34:20.0697 3676  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:34:20.0697 3676  [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
18:34:20.0697 3676  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:34:20.0697 3676  [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
18:34:20.0697 3676  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:34:20.0713 3676  [ CA2033C7C5491B12C628A1CFDB99D75E ] C:\WINDOWS\system32\ati2sgag.exe
18:34:20.0713 3676  C:\WINDOWS\system32\ati2sgag.exe - ok
18:34:20.0713 3676  [ 1C87705CCB2F60172B0FC86B5D82F00D ] C:\Program Files\Bonjour\mDNSResponder.exe
18:34:20.0713 3676  C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:34:20.0713 3676  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:34:20.0713 3676  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
18:34:20.0729 3676  [ 6A9A0DCAEEF488BB872B7FCA33AED3C2 ] C:\WINDOWS\system32\drivers\Ca50xav.sys
18:34:20.0729 3676  C:\WINDOWS\system32\drivers\Ca50xav.sys - ok
18:34:20.0729 3676  [ 3E5D89099DED9E86E5639F411693218F ] C:\WINDOWS\system32\drivers\stream.sys
18:34:20.0729 3676  C:\WINDOWS\system32\drivers\stream.sys - ok
18:34:20.0729 3676  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
18:34:20.0729 3676  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
18:34:20.0744 3676  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
18:34:20.0744 3676  C:\WINDOWS\system32\mscoree.dll - ok
18:34:20.0744 3676  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
18:34:20.0744 3676  C:\WINDOWS\system32\certcli.dll - ok
18:34:20.0744 3676  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
18:34:20.0744 3676  C:\WINDOWS\system32\cryptsvc.dll - ok
18:34:20.0760 3676  [ 3C8B6609712F4FF78E521F6DCFC4032B ] C:\WINDOWS\system32\CTSVCCDA.EXE
18:34:20.0760 3676  C:\WINDOWS\system32\CTSVCCDA.EXE - ok
18:34:20.0760 3676  [ C2EB4539A4F6AB6EDD01BDC191619975 ] C:\WINDOWS\system32\drivers\cpuz135_x32.sys
18:34:20.0760 3676  C:\WINDOWS\system32\drivers\cpuz135_x32.sys - ok
18:34:20.0760 3676  [ EC6A73CD8413F68655E5E0B99C415A21 ] C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
18:34:20.0760 3676  C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE - ok
18:34:20.0776 3676  [ D17453539D0BFD2DF8539E8B0D393684 ] C:\WINDOWS\system32\rpcns4.dll
18:34:20.0776 3676  C:\WINDOWS\system32\rpcns4.dll - ok
18:34:20.0776 3676  [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
18:34:20.0776 3676  C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE - ok
18:34:20.0776 3676  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
18:34:20.0776 3676  C:\WINDOWS\system32\ersvc.dll - ok
18:34:20.0791 3676  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
18:34:20.0791 3676  C:\WINDOWS\system32\es.dll - ok
18:34:20.0791 3676  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:34:20.0791 3676  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - ok
18:34:20.0807 3676  [ B591E761161D1EF547D76EF236EAA6A5 ] C:\Program Files\Java\jre7\bin\jqs.exe
18:34:20.0807 3676  C:\Program Files\Java\jre7\bin\jqs.exe - ok
18:34:20.0807 3676  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
18:34:20.0807 3676  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
18:34:20.0807 3676  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
18:34:20.0807 3676  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
18:34:20.0822 3676  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
18:34:20.0822 3676  C:\WINDOWS\system32\hidserv.dll - ok
18:34:20.0822 3676  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
18:34:20.0822 3676  C:\WINDOWS\system32\pdh.dll - ok
18:34:20.0822 3676  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
18:34:20.0822 3676  C:\WINDOWS\system32\odbcbcp.dll - ok
18:34:20.0838 3676  [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:34:20.0838 3676  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
18:34:20.0838 3676  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
18:34:20.0838 3676  C:\WINDOWS\system32\srvsvc.dll - ok
18:34:20.0838 3676  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
18:34:20.0838 3676  C:\WINDOWS\system32\netmsg.dll - ok
18:34:20.0854 3676  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
18:34:20.0854 3676  C:\WINDOWS\system32\drivers\srv.sys - ok
18:34:20.0854 3676  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
18:34:20.0854 3676  C:\WINDOWS\system32\perfos.dll - ok
18:34:20.0854 3676  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
18:34:20.0854 3676  C:\WINDOWS\system32\perfdisk.dll - ok
18:34:20.0869 3676  [ BBCDBEBBF1BD6DC5912240391874C0DC ] C:\Program Files\Microsoft LifeCam\MSCamS32.exe
18:34:20.0869 3676  C:\Program Files\Microsoft LifeCam\MSCamS32.exe - ok
18:34:20.0869 3676  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
18:34:20.0869 3676  C:\WINDOWS\system32\spoolss.dll - ok
18:34:20.0869 3676  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
18:34:20.0869 3676  C:\WINDOWS\system32\localspl.dll - ok
18:34:20.0885 3676  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
18:34:20.0885 3676  C:\WINDOWS\system32\cnbjmon.dll - ok
18:34:20.0885 3676  [ 3D8C8320B20674E322974C89AD43ED2E ] C:\WINDOWS\system32\bzpdf.dll
18:34:20.0885 3676  C:\WINDOWS\system32\bzpdf.dll - ok
18:34:20.0901 3676  [ F4F3EAE16AE6FD93E1F22DF295E2A7FC ] C:\WINDOWS\system32\E_FLBFIA.DLL
18:34:20.0901 3676  C:\WINDOWS\system32\E_FLBFIA.DLL - ok
18:34:20.0901 3676  [ A72F848C900364C9ACDDDEFF3B33686D ] C:\Program Files\Microsoft LifeCam\CAL2.dll
18:34:20.0901 3676  C:\Program Files\Microsoft LifeCam\CAL2.dll - ok
18:34:20.0901 3676  [ 1E5C7984CF487F3935902ED6565E4450 ] C:\WINDOWS\system32\EBPMON2.DLL
18:34:20.0901 3676  C:\WINDOWS\system32\EBPMON2.DLL - ok
18:34:20.0916 3676  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
18:34:20.0916 3676  C:\WINDOWS\system32\ipsecsvc.dll - ok
18:34:20.0916 3676  [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
18:34:20.0916 3676  C:\WINDOWS\system32\mdimon.dll - ok
18:34:20.0932 3676  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
18:34:20.0932 3676  C:\WINDOWS\system32\pjlmon.dll - ok
18:34:20.0932 3676  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
18:34:20.0932 3676  C:\WINDOWS\system32\tcpmon.dll - ok
18:34:20.0932 3676  [ A6A7AD767BF5141665F5C675F671B3E1 ] C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
18:34:20.0932 3676  C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe - ok
18:34:20.0947 3676  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
18:34:20.0947 3676  C:\WINDOWS\system32\oakley.dll - ok
18:34:20.0947 3676  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
18:34:20.0947 3676  C:\WINDOWS\system32\usbmon.dll - ok
18:34:20.0963 3676  [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
18:34:20.0963 3676  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
18:34:20.0963 3676  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
18:34:20.0963 3676  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
18:34:20.0963 3676  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
18:34:20.0963 3676  C:\WINDOWS\system32\win32spl.dll - ok
18:34:20.0979 3676  [ BD517C7FB119997EFFBE39D5E4B37B05 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:34:20.0979 3676  C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
18:34:20.0979 3676  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
18:34:20.0979 3676  C:\WINDOWS\system32\netrap.dll - ok
18:34:20.0979 3676  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
18:34:20.0979 3676  C:\WINDOWS\system32\winipsec.dll - ok
18:34:20.0994 3676  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
18:34:20.0994 3676  C:\WINDOWS\system32\inetpp.dll - ok
18:34:20.0994 3676  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
18:34:20.0994 3676  C:\WINDOWS\system32\pstorsvc.dll - ok
18:34:21.0010 3676  [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
18:34:21.0010 3676  C:\WINDOWS\system32\devenum.dll - ok
18:34:21.0010 3676  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
18:34:21.0010 3676  C:\WINDOWS\system32\psbase.dll - ok
18:34:21.0010 3676  [ BA0D892D2F786BCEBDF03B0A252B47F3 ] C:\WINDOWS\system32\drivers\secdrv.sys
18:34:21.0010 3676  C:\WINDOWS\system32\drivers\secdrv.sys - ok
18:34:21.0026 3676  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
18:34:21.0026 3676  C:\WINDOWS\system32\seclogon.dll - ok
18:34:21.0026 3676  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
18:34:21.0026 3676  C:\WINDOWS\system32\dssenh.dll - ok
18:34:21.0026 3676  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
18:34:21.0026 3676  C:\WINDOWS\system32\sens.dll - ok
18:34:21.0041 3676  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe
18:34:21.0041 3676  C:\Program Files\Skype\Updater\Updater.exe - ok
18:34:21.0041 3676  [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
18:34:21.0041 3676  C:\WINDOWS\system32\avicap32.dll - ok
18:34:21.0041 3676  [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
18:34:21.0041 3676  C:\WINDOWS\system32\msdmo.dll - ok
18:34:21.0057 3676  [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
18:34:21.0057 3676  C:\WINDOWS\system32\msvfw32.dll - ok
18:34:21.0057 3676  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
18:34:21.0057 3676  C:\WINDOWS\system32\msxml6.dll - ok
18:34:21.0057 3676  [ 407C16651ABB6C7D364BA2AAF121E70C ] C:\WINDOWS\system32\LcProxy.ax
18:34:21.0057 3676  C:\WINDOWS\system32\LcProxy.ax - ok
18:34:21.0072 3676  [ F1941197A42F9F373CC70042FC82C950 ] C:\WINDOWS\system32\ksproxy.ax
18:34:21.0072 3676  C:\WINDOWS\system32\ksproxy.ax - ok
18:34:21.0072 3676  [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
18:34:21.0072 3676  C:\WINDOWS\system32\ksuser.dll - ok
18:34:21.0072 3676  [ C9EF69B25DFA1C0E7932CB02FB8A7E91 ] C:\WINDOWS\system32\kswdmcap.ax
18:34:21.0072 3676  C:\WINDOWS\system32\kswdmcap.ax - ok
18:34:21.0088 3676  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
18:34:21.0088 3676  C:\WINDOWS\system32\mfc42.dll - ok
18:34:21.0088 3676  [ 94BA90C6AF5C50FF5F7A6392514C4642 ] C:\WINDOWS\system32\vidcap.ax
18:34:21.0088 3676  C:\WINDOWS\system32\vidcap.ax - ok
18:34:21.0104 3676  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
18:34:21.0104 3676  C:\WINDOWS\system32\srsvc.dll - ok
18:34:21.0104 3676  [ A21C2A8E47D40FCC40A2B1573E666A53 ] C:\Program Files\Java\jre7\bin\awt.dll
18:34:21.0104 3676  C:\Program Files\Java\jre7\bin\awt.dll - ok
18:34:21.0104 3676  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
18:34:21.0104 3676  C:\WINDOWS\system32\wiaservc.dll - ok
18:34:21.0119 3676  [ A94413D29FEBFCA872A2CFD748CF6C07 ] C:\WINDOWS\system32\Wacom_Tablet.exe
18:34:21.0119 3676  C:\WINDOWS\system32\Wacom_Tablet.exe - ok
18:34:21.0119 3676  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
18:34:21.0119 3676  C:\WINDOWS\system32\mscms.dll - ok
18:34:21.0119 3676  [ 966CD21542A62F9AB237D84C451CC137 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
18:34:21.0119 3676  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
18:34:21.0135 3676  [ 39DD0C97932CDFDCF006569E1A942728 ] C:\WINDOWS\system32\wiavusd.dll
18:34:21.0135 3676  C:\WINDOWS\system32\wiavusd.dll - ok
18:34:21.0135 3676  [ 90760987BCCCF34D05EF6093EC278A96 ] C:\Program Files\Java\jre7\bin\dcpr.dll
18:34:21.0135 3676  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
18:34:21.0151 3676  [ D2D31D7A394A70040FCAC5F54A130FBA ] C:\Program Files\Java\jre7\bin\deploy.dll
18:34:21.0151 3676  C:\Program Files\Java\jre7\bin\deploy.dll - ok
18:34:21.0151 3676  [ C09775FEB73BDF16BB87A509C5FF12AD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
18:34:21.0151 3676  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
18:34:21.0151 3676  [ B98F28229D292B99FF449FF3647F31BA ] C:\Program Files\Java\jre7\bin\java.dll
18:34:21.0151 3676  C:\Program Files\Java\jre7\bin\java.dll - ok
18:34:21.0166 3676  [ 23C84DBECF3BD95687623F23BCD66441 ] C:\Program Files\Java\jre7\bin\javaw.exe
18:34:21.0166 3676  C:\Program Files\Java\jre7\bin\javaw.exe - ok
18:34:21.0166 3676  [ 0384126B913AC2E090804C642302945E ] C:\Program Files\Java\jre7\bin\jp2native.dll
18:34:21.0166 3676  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
18:34:21.0213 3676  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
18:34:21.0213 3676  C:\WINDOWS\system32\trkwks.dll - ok
18:34:21.0213 3676  [ CB91CCFA95601066772A004550B55A85 ] C:\Program Files\Java\jre7\bin\jpeg.dll
18:34:21.0213 3676  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
18:34:21.0213 3676  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
18:34:21.0213 3676  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
18:34:21.0213 3676  [ 2E4A927544CDA0279501AA757FFFB538 ] C:\Program Files\Java\jre7\bin\net.dll
18:34:21.0213 3676  C:\Program Files\Java\jre7\bin\net.dll - ok
18:34:21.0229 3676  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
18:34:21.0229 3676  C:\WINDOWS\system32\vssapi.dll - ok
18:34:21.0229 3676  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
18:34:21.0229 3676  C:\WINDOWS\system32\wuauserv.dll - ok
18:34:21.0229 3676  [ 805766A11E747A44C7C5FBD7F26E9001 ] C:\Program Files\Java\jre7\bin\nio.dll
18:34:21.0229 3676  C:\Program Files\Java\jre7\bin\nio.dll - ok
18:34:21.0244 3676  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
18:34:21.0244 3676  C:\WINDOWS\system32\wuaueng.dll - ok
18:34:21.0244 3676  [ A9E333D4E8289F6D5F10B90F5D0F3944 ] C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
18:34:21.0244 3676  C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe - ok
18:34:21.0260 3676  [ 2D168A9627CFCE9C5AC20A90E54D66D4 ] C:\Program Files\Java\jre7\bin\verify.dll
18:34:21.0260 3676  C:\Program Files\Java\jre7\bin\verify.dll - ok
18:34:21.0260 3676  [ 9D54D4A8C18081F398FEC0D839340542 ] C:\Program Files\Java\jre7\bin\zip.dll
18:34:21.0260 3676  C:\Program Files\Java\jre7\bin\zip.dll - ok
18:34:21.0260 3676  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
18:34:21.0260 3676  C:\WINDOWS\system32\mspatcha.dll - ok
18:34:21.0276 3676  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
18:34:21.0276 3676  C:\WINDOWS\system32\browser.dll - ok
18:34:21.0276 3676  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
18:34:21.0276 3676  C:\WINDOWS\system32\ipnathlp.dll - ok
18:34:21.0291 3676  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
18:34:21.0291 3676  C:\WINDOWS\system32\wscsvc.dll - ok
18:34:21.0291 3676  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
18:34:21.0291 3676  C:\WINDOWS\system32\comsvcs.dll - ok
18:34:21.0291 3676  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
18:34:21.0291 3676  C:\WINDOWS\system32\colbact.dll - ok
18:34:21.0307 3676  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
18:34:21.0307 3676  C:\WINDOWS\system32\clusapi.dll - ok
18:34:21.0307 3676  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
18:34:21.0307 3676  C:\WINDOWS\system32\mtxclu.dll - ok
18:34:21.0307 3676  [ 2B8B64AA14F817BDF3E3204FB041A61D ] C:\WINDOWS\system32\mtxoci.dll
18:34:21.0307 3676  C:\WINDOWS\system32\mtxoci.dll - ok
18:34:21.0322 3676  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
18:34:21.0322 3676  C:\WINDOWS\system32\resutils.dll - ok
18:34:21.0322 3676  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
18:34:21.0322 3676  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
18:34:21.0338 3676  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
18:34:21.0338 3676  C:\WINDOWS\system32\wbem\esscli.dll - ok
18:34:21.0338 3676  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
18:34:21.0338 3676  C:\WINDOWS\system32\wbem\fastprox.dll - ok
18:34:21.0338 3676  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
18:34:21.0338 3676  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
18:34:21.0354 3676  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
18:34:21.0354 3676  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
18:34:21.0354 3676  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
18:34:21.0354 3676  C:\WINDOWS\system32\wups.dll - ok
18:34:21.0369 3676  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
18:34:21.0369 3676  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
18:34:21.0369 3676  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
18:34:21.0369 3676  C:\WINDOWS\system32\wups2.dll - ok
18:34:21.0369 3676  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
18:34:21.0369 3676  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
18:34:21.0385 3676  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
18:34:21.0385 3676  C:\WINDOWS\system32\wbem\wbemess.dll - ok
18:34:21.0385 3676  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
18:34:21.0385 3676  C:\WINDOWS\system32\wuauclt.exe - ok
18:34:21.0385 3676  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
18:34:21.0385 3676  C:\WINDOWS\system32\wuapi.dll - ok
18:34:21.0401 3676  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
18:34:21.0401 3676  C:\WINDOWS\system32\wbem\ncprov.dll - ok
18:34:21.0401 3676  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
18:34:21.0401 3676  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
18:34:21.0416 3676  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
18:34:21.0416 3676  C:\WINDOWS\system32\termsrv.dll - ok
18:34:21.0416 3676  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
18:34:21.0416 3676  C:\WINDOWS\system32\icaapi.dll - ok
18:34:21.0416 3676  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
18:34:21.0416 3676  C:\WINDOWS\system32\mstlsapi.dll - ok
18:34:21.0432 3676  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
18:34:21.0432 3676  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
18:34:21.0432 3676  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
18:34:21.0432 3676  C:\WINDOWS\system32\alg.exe - ok
18:34:21.0432 3676  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
18:34:21.0432 3676  C:\WINDOWS\system32\licwmi.dll - ok
18:34:21.0447 3676  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
18:34:21.0447 3676  C:\WINDOWS\system32\wbem\framedyn.dll - ok
18:34:21.0447 3676  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
18:34:21.0447 3676  C:\WINDOWS\system32\licdll.dll - ok
18:34:21.0447 3676  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
18:34:21.0447 3676  C:\WINDOWS\system32\netcfgx.dll - ok
18:34:21.0463 3676  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
18:34:21.0463 3676  C:\WINDOWS\system32\msxml3.dll - ok
18:34:21.0463 3676  [ 0E3D30F8CDD82E7E64938459CA90D9F0 ] C:\PROGRA~1\WINDOW~2\wmpband.dll
18:34:21.0463 3676  C:\PROGRA~1\WINDOW~2\wmpband.dll - ok
18:34:21.0463 3676  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
18:34:21.0463 3676  C:\WINDOWS\system32\linkinfo.dll - ok
18:34:21.0479 3676  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
18:34:21.0479 3676  C:\WINDOWS\system32\ntshrui.dll - ok
18:34:21.0479 3676  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
18:34:21.0479 3676  C:\WINDOWS\system32\verclsid.exe - ok
18:34:21.0479 3676  [ 9DB17EA44276963E155E908B8EAF2DEF ] C:\WINDOWS\RTHDCPL.exe
18:34:21.0479 3676  C:\WINDOWS\RTHDCPL.exe - ok
18:34:21.0494 3676  [ CF28CEEEFA8253E4704ADD61573B792F ] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
18:34:21.0494 3676  C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe - ok
18:34:21.0494 3676  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
18:34:21.0494 3676  C:\Program Files\Microsoft Security Client\msseces.exe - ok
18:34:21.0494 3676  [ 0A5D10D10E0B668247E886DB120B7E22 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
18:34:21.0494 3676  C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
18:34:21.0510 3676  [ 867BA8D62B2A821E0370F0F4087A04AE ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
18:34:21.0510 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
18:34:21.0510 3676  [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:34:21.0510 3676  C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
18:34:21.0510 3676  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
18:34:21.0510 3676  C:\WINDOWS\system32\upnp.dll - ok
18:34:21.0526 3676  [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files\QuickTime\QTTask.exe
18:34:21.0526 3676  C:\Program Files\QuickTime\QTTask.exe - ok
18:34:21.0526 3676  [ 2B5CB6B9ED2DB19F23C26E9BAE652052 ] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
18:34:21.0526 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe - ok
18:34:21.0526 3676  [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:34:21.0526 3676  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
18:34:21.0541 3676  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
18:34:21.0541 3676  C:\WINDOWS\system32\ssdpapi.dll - ok
18:34:21.0541 3676  [ 5405413FFF79B8D9C747AA900F60F082 ] C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
18:34:21.0541 3676  C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll - ok
18:34:21.0541 3676  [ 310638EBDD87B49DF3D12EDB853D5166 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
18:34:21.0541 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok
18:34:21.0557 3676  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
18:34:21.0557 3676  C:\WINDOWS\system32\ctfmon.exe - ok
18:34:21.0572 3676  [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:34:21.0572 3676  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:34:21.0572 3676  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
18:34:21.0572 3676  C:\WINDOWS\system32\drivers\http.sys - ok
18:34:21.0572 3676  [ 8AC802766A18E8EA5C19EDABB4DB364A ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
18:34:21.0572 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
18:34:21.0572 3676  [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:34:21.0572 3676  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
18:34:21.0588 3676  [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
18:34:21.0588 3676  C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
18:34:21.0588 3676  [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:34:21.0588 3676  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:34:21.0588 3676  [ 2635B1A6B11105AACE0440CEC6830189 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
18:34:21.0588 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
18:34:21.0604 3676  [ EDBD18F10D85381FF3F1C93A63459753 ] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
18:34:21.0604 3676  C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll - ok
18:34:21.0604 3676  [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
18:34:21.0604 3676  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
18:34:21.0619 3676  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll
18:34:21.0619 3676  C:\WINDOWS\system32\MSCTF.dll - ok
18:34:21.0619 3676  [ B79FC64684813A5055E95353BB45CA68 ] C:\Program Files\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
18:34:21.0619 3676  C:\Program Files\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe - ok
18:34:21.0619 3676  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
18:34:21.0619 3676  C:\WINDOWS\system32\msvcp100.dll - ok
18:34:21.0635 3676  [ 4D197238FDFAA5793D1B0961AAEF649A ] C:\PROGRA~1\EPSONS~1\EVENTM~1\Mfc42.dll
18:34:21.0635 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\Mfc42.dll - ok
18:34:21.0635 3676  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
18:34:21.0635 3676  C:\WINDOWS\system32\msutb.dll - ok
18:34:21.0651 3676  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
18:34:21.0651 3676  C:\WINDOWS\system32\ssdpsrv.dll - ok
18:34:21.0651 3676  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
18:34:21.0651 3676  C:\WINDOWS\system32\msvcr100.dll - ok
18:34:21.0651 3676  [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll
18:34:21.0651 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
18:34:21.0651 3676  [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files\Skype\Phone\Skype.exe
18:34:21.0651 3676  C:\Program Files\Skype\Phone\Skype.exe - ok
18:34:21.0666 3676  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
18:34:21.0666 3676  C:\WINDOWS\system32\webcheck.dll - ok
18:34:21.0666 3676  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\SPTIP.dll
18:34:21.0666 3676  C:\WINDOWS\ime\SPTIP.dll - ok
18:34:21.0666 3676  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
18:34:21.0666 3676  C:\WINDOWS\system32\dsound.dll - ok
18:34:21.0682 3676  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
18:34:21.0682 3676  C:\WINDOWS\system32\mlang.dll - ok
18:34:21.0682 3676  [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
18:34:21.0682 3676  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
18:34:21.0682 3676  [ 9D143DE584AF0B120766B74AA41D1F28 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\libcurl.dll
18:34:21.0682 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
18:34:21.0682 3676  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
18:34:21.0682 3676  C:\WINDOWS\system32\tapisrv.dll - ok
18:34:21.0697 3676  [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
18:34:21.0697 3676  C:\WINDOWS\system32\hhctrl.ocx - ok
18:34:21.0697 3676  [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
18:34:21.0697 3676  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
18:34:21.0697 3676  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
18:34:21.0697 3676  C:\WINDOWS\system32\rasmans.dll - ok
18:34:21.0713 3676  [ 3E0AB1C6506F149CC5ABA66433D35E62 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\libeay32.dll
18:34:21.0713 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
18:34:21.0713 3676  [ 6B3A7F710902CC2FB15869905C0BB240 ] C:\Program Files\Adobe\Elements 9 Organizer\Bib.dll
18:34:21.0713 3676  C:\Program Files\Adobe\Elements 9 Organizer\Bib.dll - ok
18:34:21.0713 3676  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
18:34:21.0713 3676  C:\WINDOWS\system32\rastapi.dll - ok
18:34:21.0713 3676  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA ] C:\WINDOWS\system32\mslbui.dll
18:34:21.0713 3676  C:\WINDOWS\system32\mslbui.dll - ok
18:34:21.0729 3676  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
18:34:21.0729 3676  C:\WINDOWS\system32\unimdm.tsp - ok
18:34:21.0729 3676  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
18:34:21.0729 3676  C:\WINDOWS\system32\stobject.dll - ok
18:34:21.0729 3676  [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINDOWS\system32\sti.dll
18:34:21.0729 3676  C:\WINDOWS\system32\sti.dll - ok
18:34:21.0744 3676  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
18:34:21.0744 3676  C:\WINDOWS\system32\imapi.exe - ok
18:34:21.0744 3676  [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
18:34:21.0744 3676  C:\WINDOWS\system32\msftedit.dll - ok
18:34:21.0744 3676  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
18:34:21.0744 3676  C:\WINDOWS\system32\uniplat.dll - ok
18:34:21.0744 3676  [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
18:34:21.0744 3676  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:34:21.0760 3676  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
18:34:21.0760 3676  C:\WINDOWS\system32\batmeter.dll - ok
18:34:21.0760 3676  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
18:34:21.0760 3676  C:\WINDOWS\system32\kmddsp.tsp - ok
18:34:21.0760 3676  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
18:34:21.0760 3676  C:\WINDOWS\system32\ndptsp.tsp - ok
18:34:21.0776 3676  [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:34:21.0776 3676  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:34:21.0776 3676  [ C8F952B0921ED6CA9160C5DD0212F67E ] C:\Program Files\Adobe\Elements 9 Organizer\AdobeXMPFiles.dll
18:34:21.0776 3676  C:\Program Files\Adobe\Elements 9 Organizer\AdobeXMPFiles.dll - ok
18:34:21.0776 3676  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
18:34:21.0776 3676  C:\WINDOWS\system32\ipconf.tsp - ok
18:34:21.0776 3676  [ 8903865A10349CF71CC206EF25A6D74D ] C:\Program Files\Adobe\Elements 9 Organizer\AdobeXMP.dll
18:34:21.0776 3676  C:\Program Files\Adobe\Elements 9 Organizer\AdobeXMP.dll - ok
18:34:21.0791 3676  [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
18:34:21.0791 3676  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:34:21.0791 3676  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
18:34:21.0791 3676  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
18:34:21.0791 3676  [ 83502D796852329CDFC906FEE2B5EDE4 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
18:34:21.0791 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
18:34:21.0807 3676  [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
18:34:21.0807 3676  C:\WINDOWS\system32\httpapi.dll - ok
18:34:21.0807 3676  [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
18:34:21.0807 3676  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:34:21.0807 3676  [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll
18:34:21.0807 3676  C:\WINDOWS\system32\upnpui.dll - ok
18:34:21.0807 3676  [ 7AD7938740BB1A6694E8E85E14DEAF51 ] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
18:34:21.0807 3676  C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe - ok
18:34:21.0822 3676  [ CE0FF9DA42DB18EB83E843E78E7EA19A ] C:\Program Files\Creative\Sync Manager Unicode\CTIntrfu.dll
18:34:21.0822 3676  C:\Program Files\Creative\Sync Manager Unicode\CTIntrfu.dll - ok
18:34:21.0822 3676  [ D90DAD5EEA33A178BAC56FFF2847D4C2 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll
18:34:21.0822 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
18:34:21.0822 3676  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
18:34:21.0822 3676  C:\WINDOWS\system32\mydocs.dll - ok
18:34:21.0838 3676  [ 757820C838E5ECF69FE6B3D9DE74159B ] C:\Program Files\Adobe\Elements 9 Organizer\QtCore4.dll
18:34:21.0838 3676  C:\Program Files\Adobe\Elements 9 Organizer\QtCore4.dll - ok
18:34:21.0838 3676  [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
18:34:21.0838 3676  C:\WINDOWS\system32\WMVCore.dll - ok
18:34:21.0838 3676  [ 5160A3D58EF8A6BD24A169508BB0A334 ] C:\WINDOWS\system32\asfsipc.dll
18:34:21.0854 3676  C:\WINDOWS\system32\asfsipc.dll - ok
18:34:21.0854 3676  [ DC367BBF467511585BAFD37EA5F5728D ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
18:34:21.0854 3676  C:\Program Files\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
18:34:21.0854 3676  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
18:34:21.0854 3676  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
18:34:21.0869 3676  [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
18:34:21.0869 3676  C:\WINDOWS\system32\msisip.dll - ok
18:34:21.0869 3676  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
18:34:21.0869 3676  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
18:34:21.0869 3676  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
18:34:21.0869 3676  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
18:34:21.0869 3676  [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
18:34:21.0869 3676  C:\WINDOWS\system32\wshext.dll - ok
18:34:21.0885 3676  [ 7365B5CA9747C84178D42CCA72486277 ] C:\WINDOWS\system32\wmasf.dll
18:34:21.0885 3676  C:\WINDOWS\system32\wmasf.dll - ok
18:34:21.0885 3676  [ F3AD8EA144F411A6292775FA2B230DE5 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
18:34:21.0885 3676  C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
18:34:21.0885 3676  [ 40FA2F035ED88108850757CA51DAD942 ] C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
18:34:21.0885 3676  C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL - ok
18:34:21.0901 3676  [ 52DA484B1147AAE6DF7E4CBADD9E1B9A ] C:\Program Files\Creative\Sync Manager Unicode\AVSrcU2.dll
18:34:21.0901 3676  C:\Program Files\Creative\Sync Manager Unicode\AVSrcU2.dll - ok
18:34:21.0901 3676  [ E146C4B5352A8E57EA98CC7E269CB95D ] C:\Program Files\Adobe\Elements 9 Organizer\QtGui4.dll
18:34:21.0901 3676  C:\Program Files\Adobe\Elements 9 Organizer\QtGui4.dll - ok
18:34:21.0901 3676  [ F36BC7FB3A87DE9138AAECC40F7BC116 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
18:34:21.0901 3676  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
18:34:21.0901 3676  [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
18:34:21.0901 3676  C:\WINDOWS\system32\mfc42u.dll - ok
18:34:21.0916 3676  [ 2FAD69503166BF30ED15B64DAA1B116D ] C:\Program Files\OpenOffice.org 3\program\quickstart.exe
18:34:21.0916 3676  C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ok
18:34:21.0916 3676  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
18:34:21.0916 3676  C:\WINDOWS\system32\h323.tsp - ok
18:34:21.0916 3676  [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
18:34:21.0916 3676  C:\WINDOWS\system32\w3ssl.dll - ok
18:34:21.0932 3676  [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
18:34:21.0932 3676  C:\WINDOWS\system32\strmfilt.dll - ok
18:34:21.0932 3676  [ 80BC3382A00F4E6D89CBFBF46989317A ] C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SCANEN~1.DLL
18:34:21.0932 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SCANEN~1.DLL - ok
18:34:21.0932 3676  [ F2222E947E3F58A99FD8E77E1F7121EC ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
18:34:21.0932 3676  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
18:34:21.0932 3676  [ 0BF1785D199B5DA3CB6C61D7AEECE654 ] C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Ism.dll
18:34:21.0932 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Ism.dll - ok
18:34:21.0947 3676  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
18:34:21.0947 3676  C:\WINDOWS\system32\hidphone.tsp - ok
18:34:21.0947 3676  [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
18:34:21.0947 3676  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok
18:34:21.0947 3676  [ 7741F775060E84319198A7A67F1FE664 ] C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Tcm.dll
18:34:21.0947 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Tcm.dll - ok
18:34:21.0963 3676  [ 749949494676218FFA99501F4AA22ECC ] C:\Program Files\OpenOffice.org 3\program\soffice.exe
18:34:21.0963 3676  C:\Program Files\OpenOffice.org 3\program\soffice.exe - ok
18:34:21.0963 3676  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
18:34:21.0963 3676  C:\WINDOWS\system32\rasppp.dll - ok
18:34:21.0963 3676  [ D3F8A00D598090BFB18E70E02C12E38E ] C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Satwain.dll
18:34:21.0963 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Satwain.dll - ok
18:34:21.0963 3676  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
18:34:21.0963 3676  C:\WINDOWS\system32\ntlsapi.dll - ok
18:34:21.0979 3676  [ BAF7BDD5A1EB63ACD6EEA20D4F731CB0 ] C:\PROGRA~1\EPSONS~1\EVENTM~1\EPNSM.dll
18:34:21.0979 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\EPNSM.dll - ok
18:34:21.0979 3676  [ 637124CDBFF5819CB8A8478838A33048 ] C:\PROGRA~1\EPSONS~1\EVENTM~1\ESPSUTL.dll
18:34:21.0979 3676  C:\PROGRA~1\EPSONS~1\EVENTM~1\ESPSUTL.dll - ok
18:34:21.0979 3676  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
18:34:21.0979 3676  C:\WINDOWS\system32\rasqec.dll - ok
18:34:21.0994 3676  [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
18:34:21.0994 3676  C:\WINDOWS\system32\mmcshext.dll - ok
18:34:21.0994 3676  [ 7CD335427AA11F8B60DAD7811F653787 ] C:\Program Files\Creative\Sync Manager Unicode\CTSyncRs.crl
18:34:21.0994 3676  C:\Program Files\Creative\Sync Manager Unicode\CTSyncRs.crl - ok
18:34:21.0994 3676  [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
18:34:21.0994 3676  C:\WINDOWS\system32\hhsetup.dll - ok
18:34:21.0994 3676  [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
18:34:21.0994 3676  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
18:34:22.0010 3676  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
18:34:22.0010 3676  C:\WINDOWS\system32\rasdlg.dll - ok
18:34:22.0010 3676  [ 4EE367B8B1964160A1F1B80095183D3A ] C:\Program Files\OpenOffice.org 3\program\soffice.bin
18:34:22.0010 3676  C:\Program Files\OpenOffice.org 3\program\soffice.bin - ok
18:34:22.0010 3676  [ CF99AD7C2B69E98A4179519FE48FDC6A ] C:\Program Files\Adobe\Elements 9 Organizer\SyncPrefLib.dll
18:34:22.0010 3676  C:\Program Files\Adobe\Elements 9 Organizer\SyncPrefLib.dll - ok
18:34:22.0026 3676  [ 068031ECB876D6B0910D0FD088B6525E ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
18:34:22.0026 3676  C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
18:34:22.0026 3676  [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll
18:34:22.0026 3676  C:\WINDOWS\system32\d3d9.dll - ok
18:34:22.0026 3676  [ 454FF4B1FD1701EBBADAD742F7536B89 ] C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
18:34:22.0026 3676  C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll - ok
18:34:22.0026 3676  [ 31B067C412FA1A9BAD3CA2A63D7DA440 ] C:\WINDOWS\system32\d3d8thk.dll
18:34:22.0026 3676  C:\WINDOWS\system32\d3d8thk.dll - ok
18:34:22.0041 3676  [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
18:34:22.0041 3676  C:\WINDOWS\system32\olepro32.dll - ok
18:34:22.0041 3676  [ F942E3847931C4F215F3102BE34A4F3F ] C:\Program Files\QuickTime\QTSystem\QTCF.dll
18:34:22.0041 3676  C:\Program Files\QuickTime\QTSystem\QTCF.dll - ok
18:34:22.0041 3676  [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
18:34:22.0041 3676  C:\WINDOWS\system32\mapi32.dll - ok
18:34:22.0041 3676  [ 45F12B413D72D96BBBBA95904AA6ACF0 ] C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
18:34:22.0041 3676  C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll - ok
18:34:22.0057 3676  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
18:34:22.0057 3676  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
18:34:22.0057 3676  [ CECB1D03451D448587E75F123477D131 ] C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
18:34:22.0057 3676  C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll - ok
18:34:22.0057 3676  [ FF7EF7322E8B2F9E990A0082EC5D83C0 ] C:\Program Files\Adobe\Elements 9 Organizer\sync_util.dll
18:34:22.0057 3676  C:\Program Files\Adobe\Elements 9 Organizer\sync_util.dll - ok
18:34:22.0072 3676  [ 8EA19EBF12665AA21EF4B668BA53D909 ] C:\Program Files\OpenOffice.org 3\program\comphelpMSC.dll
18:34:22.0072 3676  C:\Program Files\OpenOffice.org 3\program\comphelpMSC.dll - ok
18:34:22.0072 3676  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
18:34:22.0072 3676  C:\WINDOWS\system32\security.dll - ok
18:34:22.0072 3676  [ 5C2C8A3BAE406B162F5B18B5F36296F2 ] C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
18:34:22.0072 3676  C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok
18:34:22.0072 3676  [ 28E32B3EF25E791809CC51F47503D5BF ] C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
18:34:22.0072 3676  C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok
18:34:22.0088 3676  [ 5B0F561EA8189D2D30E309842A7A0F34 ] C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
18:34:22.0088 3676  C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll - ok
18:34:22.0088 3676  [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
18:34:22.0088 3676  C:\WINDOWS\system32\ddraw.dll - ok
18:34:22.0088 3676  [ FFF90A5B11F43DA44A985FAC275CB227 ] C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
18:34:22.0088 3676  C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok
18:34:22.0104 3676  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
18:34:22.0104 3676  C:\WINDOWS\system32\drprov.dll - ok
18:34:22.0104 3676  [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
18:34:22.0104 3676  C:\WINDOWS\system32\dciman32.dll - ok
18:34:22.0104 3676  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
18:34:22.0104 3676  C:\WINDOWS\system32\ntlanman.dll - ok
18:34:22.0104 3676  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
18:34:22.0104 3676  C:\WINDOWS\system32\netui0.dll - ok
18:34:22.0119 3676  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
18:34:22.0119 3676  C:\WINDOWS\system32\netui1.dll - ok
18:34:22.0119 3676  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
18:34:22.0119 3676  C:\WINDOWS\system32\davclnt.dll - ok
18:34:22.0119 3676  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
18:34:22.0119 3676  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
18:34:22.0119 3676  [ 37C827DD232A0E9887F12FB713FCADD4 ] C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
18:34:22.0119 3676  C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok
18:34:22.0135 3676  [ 2922FD5D9916994E47441BB4116BCD41 ] C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
18:34:22.0135 3676  C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll - ok
18:34:22.0135 3676  [ 982A4D055F0BF0FE49818A9609B92666 ] C:\Program Files\OpenOffice.org 3\program\deploymentmisc.dll
18:34:22.0135 3676  C:\Program Files\OpenOffice.org 3\program\deploymentmisc.dll - ok
18:34:22.0135 3676  [ 4A3B1CAD5511B37A2049B7BBB31E597E ] C:\Program Files\Adobe\Elements 9 Organizer\adobe_caps.dll
18:34:22.0135 3676  C:\Program Files\Adobe\Elements 9 Organizer\adobe_caps.dll - ok
18:34:22.0151 3676  [ 87857CFFC8D86734525B02583B93555E ] C:\Program Files\OpenOffice.org 3\program\tl.dll
18:34:22.0151 3676  C:\Program Files\OpenOffice.org 3\program\tl.dll - ok
18:34:22.0151 3676  [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll
18:34:22.0151 3676  C:\WINDOWS\system32\wucltui.dll - ok
18:34:22.0151 3676  [ CF5A323ED62DF1288AB3847FCFF1D822 ] C:\Program Files\OpenOffice.org 3\program\basegfx.dll
18:34:22.0151 3676  C:\Program Files\OpenOffice.org 3\program\basegfx.dll - ok
18:34:22.0151 3676  [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl
18:34:22.0151 3676  C:\WINDOWS\system32\wuaucpl.cpl - ok
18:34:22.0166 3676  [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll
18:34:22.0166 3676  C:\WINDOWS\system32\mucltui.dll - ok
18:34:22.0166 3676  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
18:34:22.0166 3676  C:\WINDOWS\system32\advpack.dll - ok
18:34:22.0166 3676  [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll
18:34:22.0166 3676  C:\WINDOWS\system32\wlanapi.dll - ok
18:34:22.0182 3676  [ BE92B4249F38FA18BD5747054930E5A7 ] C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
18:34:22.0182 3676  C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok
18:34:22.0182 3676  [ 31F70BBD7BB117092435448425001E4E ] C:\Program Files\OpenOffice.org 3\program\utl.dll
18:34:22.0182 3676  C:\Program Files\OpenOffice.org 3\program\utl.dll - ok
18:34:22.0182 3676  [ 51571D9C48E1C50C0588149144265AE1 ] C:\Program Files\OpenOffice.org 3\program\xcr.dll
18:34:22.0182 3676  C:\Program Files\OpenOffice.org 3\program\xcr.dll - ok
18:34:22.0182 3676  [ EC90D64B8D98B6D4E5005572F80A109D ] C:\WINDOWS\system32\Wintab32.dll
18:34:22.0182 3676  C:\WINDOWS\system32\Wintab32.dll - ok
18:34:22.0197 3676  [ EBD800DFDAF73514E856E3000627C2CF ] C:\Program Files\OpenOffice.org 3\program\sfx.dll
18:34:22.0197 3676  C:\Program Files\OpenOffice.org 3\program\sfx.dll - ok
18:34:22.0197 3676  [ 12B1129B7C6C12954F7D782A5ED04E12 ] C:\Program Files\Adobe\Elements 9 Organizer\QtPlugins\imageformats\qjpeg4.dll
18:34:22.0197 3676  C:\Program Files\Adobe\Elements 9 Organizer\QtPlugins\imageformats\qjpeg4.dll - ok
18:34:22.0197 3676  [ 51CC35C5362D9709D3105BFF92084DDC ] C:\Program Files\OpenOffice.org 3\program\fwe.dll
18:34:22.0197 3676  C:\Program Files\OpenOffice.org 3\program\fwe.dll - ok
18:34:22.0213 3676  [ 8EBE0B36DB606D3F25CD1E53F888226A ] C:\Program Files\Adobe\Elements 9 Organizer\ems.dll
18:34:22.0213 3676  C:\Program Files\Adobe\Elements 9 Organizer\ems.dll - ok
18:34:22.0213 3676  [ CF5E683BE98D3A1B5F1F92A1397DA573 ] C:\Program Files\OpenOffice.org 3\program\fwi.dll
18:34:22.0213 3676  C:\Program Files\OpenOffice.org 3\program\fwi.dll - ok
18:34:22.0213 3676  [ B6D96D9F64D9DD6F4AAFFFC967CA6E6E ] C:\Program Files\OpenOffice.org 3\program\svl.dll
18:34:22.0213 3676  C:\Program Files\OpenOffice.org 3\program\svl.dll - ok
18:34:22.0213 3676  [ C5149972AA66B8DB140597177266CA1E ] C:\Program Files\OpenOffice.org 3\program\sot.dll
18:34:22.0213 3676  C:\Program Files\OpenOffice.org 3\program\sot.dll - ok
18:34:22.0229 3676  [ 3ECDC01640BA9FE501008C752BE06040 ] C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx
18:34:22.0229 3676  C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx - ok
18:34:22.0229 3676  [ FDD9CFD8FCF575E4EA7915405131F815 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll
18:34:22.0229 3676  C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll - ok
18:34:22.0229 3676  [ 3D20D308BCEE6432A2B432F2BEEF4292 ] C:\Program Files\OpenOffice.org 3\program\svt.dll
18:34:22.0229 3676  C:\Program Files\OpenOffice.org 3\program\svt.dll - ok
18:34:22.0244 3676  [ A26E62BF4CA87B26940373C8EF48DF22 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll
18:34:22.0244 3676  C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll - ok
18:34:22.0244 3676  [ 64FBE0EE974BA4049C3FEE0B2716C18F ] C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
18:34:22.0244 3676  C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll - ok
18:34:22.0244 3676  [ 0F0B73A3594621D38CC7B122DE0746A7 ] C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
18:34:22.0244 3676  C:\Program Files\OpenOffice.org 3\program\icuuc40.dll - ok
18:34:22.0244 3676  [ CE3E28370F01992188D1C2864CFCAB02 ] C:\Program Files\OpenOffice.org 3\program\icudt40.dll
18:34:22.0244 3676  C:\Program Files\OpenOffice.org 3\program\icudt40.dll - ok
18:34:22.0260 3676  [ B52B199C1BA9489D35B96B2D51A3D22C ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx
18:34:22.0260 3676  C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx - ok
18:34:22.0260 3676  [ 5FAAFEF7AFB42BD4EFACD1759EBBC2D4 ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx
18:34:22.0260 3676  C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx - ok
18:34:22.0260 3676  [ E4E17FEEE982813BE19547CB36D6DBC9 ] C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx
18:34:22.0260 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx - ok
18:34:22.0276 3676  [ C39DA0B6CA362965B2B513F721B17188 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll
18:34:22.0276 3676  C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll - ok
18:34:22.0276 3676  [ 2CFDDF54074F03097C743FC9909CB59F ] C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
18:34:22.0276 3676  C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok
18:34:22.0276 3676  [ 0DFA4D5E8205614EDA53394E637812E4 ] C:\WINDOWS\system32\vdmdbg.dll
18:34:22.0276 3676  C:\WINDOWS\system32\vdmdbg.dll - ok
18:34:22.0276 3676  [ 27803FE35C76C9C4761CA0383A8CA8FD ] C:\Program Files\OpenOffice.org 3\program\libxml2.dll
18:34:22.0276 3676  C:\Program Files\OpenOffice.org 3\program\libxml2.dll - ok
18:34:22.0291 3676  [ 54A38717ECDA7637AED84FB3AE0DA303 ] C:\Program Files\OpenOffice.org 3\program\tk.dll
18:34:22.0291 3676  C:\Program Files\OpenOffice.org 3\program\tk.dll - ok
18:34:22.0291 3676  [ BF2F2717C13A4BD4FD73F2788534E86B ] C:\Program Files\Mozilla Firefox\firefox.exe
18:34:22.0291 3676  C:\Program Files\Mozilla Firefox\firefox.exe - ok
18:34:22.0291 3676  [ 0A98F5D9F6552FDF3682240714E33F9F ] C:\Program Files\Mozilla Firefox\mozglue.dll
18:34:22.0291 3676  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
18:34:22.0307 3676  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
18:34:22.0307 3676  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
18:34:22.0307 3676  [ ABBC87352226A6AFFFE5D6B9DBE40F7F ] C:\Program Files\Mozilla Firefox\nspr4.dll
18:34:22.0307 3676  C:\Program Files\Mozilla Firefox\nspr4.dll - ok
18:34:22.0307 3676  [ 8C23D9AB3A680DEF91A35E655C4FCFF3 ] C:\Program Files\Mozilla Firefox\mozjs.dll
18:34:22.0307 3676  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
18:34:22.0307 3676  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
18:34:22.0307 3676  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
18:34:22.0322 3676  [ F88D7D766D9AD0DE73407B7052B0BBBD ] C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx
18:34:22.0322 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx - ok
18:34:22.0322 3676  [ BD79E872C8CD7098E8D4C7613D01437C ] C:\Program Files\Mozilla Firefox\plc4.dll
18:34:22.0322 3676  C:\Program Files\Mozilla Firefox\plc4.dll - ok
18:34:22.0322 3676  [ 048081D7089297474681385B8E7CADDA ] C:\Program Files\Mozilla Firefox\nssutil3.dll
18:34:22.0322 3676  C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
18:34:22.0338 3676  [ E4F52AB15A3A077B2A3AD96EC892568A ] C:\Program Files\Mozilla Firefox\plds4.dll
18:34:22.0338 3676  C:\Program Files\Mozilla Firefox\plds4.dll - ok
18:34:22.0338 3676  [ 4AD8996AB41B575E2B3AF80972AAB989 ] C:\Program Files\Mozilla Firefox\nss3.dll
18:34:22.0338 3676  C:\Program Files\Mozilla Firefox\nss3.dll - ok
18:34:22.0338 3676  [ A7BE481FE1396AD5658044BAAD6A5824 ] C:\Program Files\Mozilla Firefox\smime3.dll
18:34:22.0338 3676  C:\Program Files\Mozilla Firefox\smime3.dll - ok
18:34:22.0338 3676  [ DE2AF12F6DD62F9C25F00F72CD7776C8 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
18:34:22.0338 3676  C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
18:34:22.0354 3676  [ 0A002104133543F74C83ABB455D86E85 ] C:\Program Files\Mozilla Firefox\ssl3.dll
18:34:22.0354 3676  C:\Program Files\Mozilla Firefox\ssl3.dll - ok
18:34:22.0354 3676  [ A52B00FE2D73AF3A85DEFA306FAC4D12 ] C:\Program Files\OpenOffice.org 3\program\vcl.dll
18:34:22.0354 3676  C:\Program Files\OpenOffice.org 3\program\vcl.dll - ok
18:34:22.0354 3676  [ 56620DDFF8B1277CE12F198637B2AF93 ] C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx
18:34:22.0354 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx - ok
18:34:22.0369 3676  [ 82FE1FF2FC6675AE8A307709595679F0 ] C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx
18:34:22.0369 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx - ok
18:34:22.0369 3676  [ A7E1F254D94C4568ADE17E6A727ED649 ] C:\Program Files\Mozilla Firefox\mozalloc.dll
18:34:22.0369 3676  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
18:34:22.0369 3676  [ 03932120E012BF53FF588EC0410A601E ] C:\Program Files\Mozilla Firefox\gkmedias.dll
18:34:22.0369 3676  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
18:34:22.0369 3676  [ 82B5C24861BC388CFECDBD9485C317F9 ] C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx
18:34:22.0369 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx - ok
18:34:22.0385 3676  [ 8283FBFF9B415F707D2F75CA893B7C8C ] C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx
18:34:22.0385 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx - ok
18:34:22.0385 3676  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
18:34:22.0385 3676  C:\WINDOWS\system32\usp10.dll - ok
18:34:22.0385 3676  [ DE1E47D7616BC8CD015078969891ECAE ] C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx
18:34:22.0385 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx - ok
18:34:22.0385 3676  [ C1872B4311202BCC6B8F912E1A35894B ] C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx
18:34:22.0385 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx - ok
18:34:22.0401 3676  [ 895AEFA46B13E71FA28ABF2116AE20B9 ] C:\Program Files\OpenOffice.org 3\program\i18npaper.dll
18:34:22.0401 3676  C:\Program Files\OpenOffice.org 3\program\i18npaper.dll - ok
18:34:22.0401 3676  [ E15F2930FEE9DF369B8E63DF9D778EE1 ] C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx
18:34:22.0401 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx - ok
18:34:22.0401 3676  [ 2DE11124B1BF0DDA3E6A186998191788 ] C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx
18:34:22.0401 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx - ok
18:34:22.0416 3676  [ 69853B6DE4D7F67BA3243DAB49F141DB ] C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx
18:34:22.0416 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx - ok
18:34:22.0416 3676  [ 14D017562E8F6B945157471FD64CCD9B ] C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx
18:34:22.0416 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx - ok
18:34:22.0416 3676  [ C32F5E86BC7B67E343CB49F2027B6366 ] C:\Program Files\OpenOffice.org 3\program\sax.dll
18:34:22.0416 3676  C:\Program Files\OpenOffice.org 3\program\sax.dll - ok
18:34:22.0416 3676  [ 7156D93D8A38DCCD9CCA090BD7DF931D ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx
18:34:22.0416 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx - ok
18:34:22.0432 3676  [ 7CF1EAB77567D3FDADF823EE08A3171B ] C:\Program Files\OpenOffice.org 3\program\sb.dll
18:34:22.0432 3676  C:\Program Files\OpenOffice.org 3\program\sb.dll - ok
18:34:22.0432 3676  [ C87F4930CE27C044416428C463EBD90A ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx
18:34:22.0432 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx - ok
18:34:22.0432 3676  [ E2987ADD4FD8CD66A1C21D46770C4B3E ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx
18:34:22.0432 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx - ok
18:34:22.0447 3676  [ E33106D7FFB0CBE106EED817E9F0AC42 ] C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx
18:34:22.0447 3676  C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx - ok
18:34:22.0447 3676  [ 8E0DF9E6E53652C7189D8D690088B244 ] C:\Program Files\Creative\Sync Manager Unicode\CTTEMgru.cte
18:34:22.0447 3676  C:\Program Files\Creative\Sync Manager Unicode\CTTEMgru.cte - ok
18:34:22.0447 3676  [ 9FA46E0424CDAB6EE85C92271D02FAA1 ] C:\Program Files\Mozilla Firefox\xul.dll
18:34:22.0447 3676  C:\Program Files\Mozilla Firefox\xul.dll - ok
18:34:22.0447 3676  [ 98444732FC4305A0804D0D32522223E7 ] C:\Program Files\Creative\Sync Manager Unicode\CTPCMLu.cte
18:34:22.0447 3676  C:\Program Files\Creative\Sync Manager Unicode\CTPCMLu.cte - ok
18:34:22.0463 3676  [ 557130389B84C0CB764726C3397570B6 ] C:\Program Files\Creative\Sync Manager Unicode\MFInfou.dll
18:34:22.0463 3676  C:\Program Files\Creative\Sync Manager Unicode\MFInfou.dll - ok
18:34:22.0463 3676  [ 19A35AFBB550650CCF29F6A511FF30AD ] C:\Program Files\Creative\Sync Manager Unicode\CTDBEngu.dll
18:34:22.0463 3676  C:\Program Files\Creative\Sync Manager Unicode\CTDBEngu.dll - ok
18:34:22.0463 3676  [ EF0C126A210731FBD993A260AB77DC8D ] C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
18:34:22.0463 3676  C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll - ok
18:34:22.0479 3676  [ A598AB5A54C5F62D7BA0850DE238B5D2 ] C:\Program Files\Common Files\System\ado\msjro.dll
18:34:22.0479 3676  C:\Program Files\Common Files\System\ado\msjro.dll - ok
18:34:22.0479 3676  [ 6B88F7A1F97E58434E74228DBD744078 ] C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
18:34:22.0479 3676  C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok
18:34:22.0479 3676  [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
18:34:22.0479 3676  C:\WINDOWS\system32\msdart.dll - ok
18:34:22.0479 3676  [ 2133B82CD52F1B62CDEA633769819A60 ] C:\Program Files\Common Files\System\ado\msado15.dll
18:34:22.0479 3676  C:\Program Files\Common Files\System\ado\msado15.dll - ok
18:34:22.0494 3676  [ 139D955EBB9DDE5E258D87DF96B7C6D0 ] C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
18:34:22.0494 3676  C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll - ok
18:34:22.0494 3676  [ A1AE3BFAD4E2EAF216CB57CE83D1FC4C ] C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
18:34:22.0494 3676  C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll - ok
18:34:22.0494 3676  [ 44E6A0DA7FCE069A3B1B419428BC3623 ] C:\Program Files\OpenOffice.org 3\URE\bin\xmlreader.dll
18:34:22.0494 3676  C:\Program Files\OpenOffice.org 3\URE\bin\xmlreader.dll - ok
18:34:22.0510 3676  [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
18:34:22.0510 3676  C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
18:34:22.0510 3676  [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
18:34:22.0510 3676  C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
18:34:22.0510 3676  [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll
18:34:22.0510 3676  C:\WINDOWS\system32\msjetoledb40.dll - ok
18:34:22.0510 3676  [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
18:34:22.0510 3676  C:\WINDOWS\system32\msjet40.dll - ok
18:34:22.0526 3676  [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
18:34:22.0526 3676  C:\WINDOWS\system32\mswstr10.dll - ok
18:34:22.0526 3676  [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
18:34:22.0526 3676  C:\WINDOWS\system32\msjter40.dll - ok
18:34:22.0526 3676  [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
18:34:22.0526 3676  C:\WINDOWS\system32\msjint40.dll - ok
18:34:22.0541 3676  [ 178A34E5554DCE485E1262DDF027960C ] C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
18:34:22.0541 3676  C:\Documents and Settings\Owner\Desktop\tdsskiller.exe - ok
18:34:22.0541 3676  [ 4CE20D8590698120CEC2012B752DDB6F ] C:\Program Files\Common Files\System\ado\msadox.dll
18:34:22.0541 3676  C:\Program Files\Common Files\System\ado\msadox.dll - ok
18:34:22.0541 3676  [ 31ACFC16CB9ED1CE1B4E7BD85C835281 ] C:\Program Files\Common Files\System\ado\msadrh15.dll
18:34:22.0541 3676  C:\Program Files\Common Files\System\ado\msadrh15.dll - ok
18:34:22.0541 3676  [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll
18:34:22.0541 3676  C:\WINDOWS\system32\msjtes40.dll - ok
18:34:22.0557 3676  [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll
18:34:22.0557 3676  C:\WINDOWS\system32\vbajet32.dll - ok
18:34:22.0557 3676  [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll
18:34:22.0557 3676  C:\WINDOWS\system32\expsrv.dll - ok
18:34:22.0557 3676  [ 71E47BF3CB19D1FB49D194133AFE19B0 ] C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
18:34:22.0557 3676  C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll - ok
18:34:22.0572 3676  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\02555162.sys
18:34:22.0572 3676  C:\WINDOWS\system32\drivers\02555162.sys - ok
18:34:22.0572 3676  [ 9792755CCD4011C85356F4F417E45ED2 ] C:\Program Files\Creative\Sync Manager Unicode\CTZenu.cte
18:34:22.0572 3676  C:\Program Files\Creative\Sync Manager Unicode\CTZenu.cte - ok
18:34:22.0572 3676  [ C5006FB31EC813418DAC4C60803E1139 ] C:\Program Files\Creative\Sync Manager Unicode\CTMyComu.cte
18:34:22.0572 3676  C:\Program Files\Creative\Sync Manager Unicode\CTMyComu.cte - ok
18:34:22.0572 3676  [ 1B96E5EC91BAA3AB68ECC47174CFFBE4 ] C:\Program Files\Mozilla Firefox\xpcom.dll
18:34:22.0572 3676  C:\Program Files\Mozilla Firefox\xpcom.dll - ok
18:34:22.0588 3676  [ 4D141B15651F8F0147C6D6DCFC1FB11D ] C:\Program Files\Creative\Sync Manager Unicode\CTMTPu.cte
18:34:22.0588 3676  C:\Program Files\Creative\Sync Manager Unicode\CTMTPu.cte - ok
18:34:22.0588 3676  [ 979D3E75D455D5C7C3F1B85BABBAA956 ] C:\Program Files\Creative\Shared Files\MtpManU.dll
18:34:22.0588 3676  C:\Program Files\Creative\Shared Files\MtpManU.dll - ok
18:34:22.0588 3676  [ 8329BC62E7B741A7A44B600C7AE2E56C ] C:\WINDOWS\system32\mswmdm.dll
18:34:22.0588 3676  C:\WINDOWS\system32\mswmdm.dll - ok
18:34:22.0588 3676  [ 47841291844818781ACF852A53827668 ] C:\Program Files\Mozilla Firefox\components\browsercomps.dll
18:34:22.0604 3676  C:\Program Files\Mozilla Firefox\components\browsercomps.dll - ok
18:34:22.0604 3676  [ C265CD47284EE39780396F7529F8AE42 ] C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
18:34:22.0604 3676  C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll - ok
18:34:22.0604 3676  [ 78AD3669F099C2238EBFBA07F15DE5A8 ] C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
18:34:22.0604 3676  C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok
18:34:22.0604 3676  [ EF84ED40B288C4576A32D76E60317D6B ] C:\WINDOWS\system32\wmdmps.dll
18:34:22.0604 3676  C:\WINDOWS\system32\wmdmps.dll - ok
18:34:22.0619 3676  [ 499C090CEFA6FDA770D214EF67A18F5A ] C:\WINDOWS\system32\mspmsp.dll
18:34:22.0619 3676  C:\WINDOWS\system32\mspmsp.dll - ok
18:34:22.0619 3676  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
18:34:22.0619 3676  C:\WINDOWS\system32\faultrep.dll - ok
18:34:22.0619 3676  [ EA2FDC98DAD9F748A4016B9E424B826A ] C:\Program Files\OpenOffice.org 3\program\ucb1.dll
18:34:22.0619 3676  C:\Program Files\OpenOffice.org 3\program\ucb1.dll - ok
18:34:22.0619 3676  [ 402C9D2691AE7B2A8EFDDED9124203B7 ] C:\WINDOWS\system32\cewmdm.dll
18:34:22.0619 3676  C:\WINDOWS\system32\cewmdm.dll - ok
18:34:22.0635 3676  [ F116C1A656B61663E9650ABE7378D6D1 ] C:\Program Files\OpenOffice.org 3\program\fwk.dll
18:34:22.0635 3676  C:\Program Files\OpenOffice.org 3\program\fwk.dll - ok
18:34:22.0635 3676  [ C840E1094955A52CDF542EB32F8FC90E ] C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
18:34:22.0635 3676  C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll - ok
18:34:22.0635 3676  [ F392C9D0C0B0B7E665349DAFC9640023 ] C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
18:34:22.0635 3676  C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll - ok
18:34:22.0635 3676  [ 44EDEA9FE518796CCE9219B8D60E72FC ] C:\Program Files\OpenOffice.org 3\program\icuin40.dll
18:34:22.0635 3676  C:\Program Files\OpenOffice.org 3\program\icuin40.dll - ok
18:34:22.0651 3676  [ 303A63F4B913AA5D8998161CB77A8CE7 ] C:\WINDOWS\system32\feclient.dll
18:34:22.0651 3676  C:\WINDOWS\system32\feclient.dll - ok
18:34:22.0651 3676  [ 219495EB8CEB806B96CE258F4EB285B0 ] C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
18:34:22.0651 3676  C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll - ok
18:34:22.0651 3676  [ D0049860B63DD87A73A5D165C829C65F ] C:\WINDOWS\system32\t2embed.dll
18:34:22.0651 3676  C:\WINDOWS\system32\t2embed.dll - ok
18:34:22.0666 3676  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
18:34:22.0666 3676  C:\WINDOWS\system32\lz32.dll - ok
18:34:22.0666 3676  [ 872314A9C32035B0DCC65970225E0178 ] C:\Program Files\OpenOffice.org 3\program\emser.dll
18:34:22.0666 3676  C:\Program Files\OpenOffice.org 3\program\emser.dll - ok
18:34:22.0666 3676  [ 6F89C374CC912745AFEDDD4B88CBDBA5 ] C:\Program Files\Mozilla Firefox\softokn3.dll
18:34:22.0666 3676  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
18:34:22.0666 3676  [ BE89DC812651D88552A9587F70F63DD3 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
18:34:22.0666 3676  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
18:34:22.0682 3676  [ D308812A7E0CA64E03F1C2C13339F984 ] C:\Program Files\Mozilla Firefox\freebl3.dll
18:34:22.0682 3676  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
18:34:22.0682 3676  [ 04A40046F2F711C830D915DC33EC2A7D ] C:\Program Files\Mozilla Firefox\nssckbi.dll
18:34:22.0682 3676  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
18:34:22.0682 3676  ============================================================
18:34:22.0682 3676  Scan finished
18:34:22.0682 3676  ============================================================
18:34:22.0697 3296  Detected object count: 1
18:34:22.0697 3296  Actual detected object count: 1
18:35:54.0086 3296  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:35:54.0164 3296  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:35:54.0368 3296  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:35:54.0430 3296  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:35:56.0024 3296  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:35:56.0118 3296  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:35:56.0133 3296  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:35:56.0149 3296  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:35:56.0461 3296  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:35:56.0508 3296  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:35:56.0524 3296  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:35:56.0539 3296  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:35:56.0539 3296  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
18:36:31.0257 1176  Deinitialize success


 



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 19 March 2013 - 11:29 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.
 

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------



  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.
 

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================


AdwCleaner by Xplode - Search for Adware

-------------------
 

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Junkware Removal Tooll by thisisu

-------------------
 

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:
 

  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================


Autoruns

--------------------
 

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
 

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 

 



#13 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 19 March 2013 - 04:17 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: DESKTOP1 [administrator]

3/19/2013 2:01:15 PM
mbam-log-2013-03-19 (14-01-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237010
Time elapsed: 6 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Owner (administrator) on 19-03-2013 at 16:18:02
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : desktop1

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : domain.invalid



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : domain.invalid

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-1C-25-E0-E2-E7

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.254.4

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.254.254

        DHCP Server . . . . . . . . . . . : 192.168.254.254

        DNS Servers . . . . . . . . . . . : 192.168.254.254

                                            192.168.254.254

        Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2013 8:15:29 AM

        Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PM

Server:  UnKnown
Address:  192.168.254.254

Name:    google.com
Addresses:  74.125.228.4, 74.125.228.5, 74.125.228.6, 74.125.228.7
      74.125.228.8, 74.125.228.9, 74.125.228.14, 74.125.228.0, 74.125.228.1
      74.125.228.2, 74.125.228.3



Pinging google.com [74.125.228.5] with 32 bytes of data:



Reply from 74.125.228.5: bytes=32 time=22ms TTL=54

Reply from 74.125.228.5: bytes=32 time=21ms TTL=54



Ping statistics for 74.125.228.5:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 21ms, Maximum = 22ms, Average = 21ms

Server:  UnKnown
Address:  192.168.254.254

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=332ms TTL=45

Reply from 206.190.36.45: bytes=32 time=119ms TTL=45



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 119ms, Maximum = 332ms, Average = 225ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1c 25 e0 e2 e7 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.4      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.254.4   192.168.254.4      20
    192.168.254.0    255.255.255.0    192.168.254.4   192.168.254.4      20
    192.168.254.4  255.255.255.255        127.0.0.1       127.0.0.1      20
  192.168.254.255  255.255.255.255    192.168.254.4   192.168.254.4      20
        224.0.0.0        240.0.0.0    192.168.254.4   192.168.254.4      20
  255.255.255.255  255.255.255.255    192.168.254.4   192.168.254.4      1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/19/2013 09:24:28 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/19/2013 08:16:22 AM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 11:14:12 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 06:29:59 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 06:17:14 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 04:08:39 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 03:32:46 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 03:01:30 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 02:34:41 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (03/18/2013 02:26:21 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver


System errors:
=============
Error: (03/19/2013 09:35:03 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (03/19/2013 08:15:56 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (03/19/2013 08:15:51 AM) (Source: Service Control Manager) (User: )
Description: The Digital Blue DMC2 Video Device service failed to start due to the following error:
%%1058

Error: (03/19/2013 08:15:28 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.254.4 for the Network Card with network address 001C25E0E2E7 has been
denied by the DHCP server 192.168.254.254 (The DHCP Server sent a DHCPNACK message).

Error: (03/18/2013 06:29:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (03/18/2013 06:29:37 PM) (Source: Service Control Manager) (User: )
Description: The Digital Blue DMC2 Video Device service failed to start due to the following error:
%%1058

Error: (03/18/2013 06:29:33 PM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer.

Error: (03/18/2013 06:16:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (03/18/2013 06:16:36 PM) (Source: Service Control Manager) (User: )
Description: The Digital Blue DMC2 Video Device service failed to start due to the following error:
%%1058

Error: (03/18/2013 04:08:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE


Microsoft Office Sessions:
=========================
Error: (03/19/2013 09:24:28 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.2.223.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (03/19/2013 08:16:22 AM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 11:14:12 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 06:29:59 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 06:17:14 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 04:08:39 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 03:32:46 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 03:01:30 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 02:34:41 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (03/18/2013 02:26:21 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver


=========================== Installed Programs ============================

3D Groove Playback Engine
7-Zip 4.65
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Ad-Aware Browsing Protection (Version: 1.0.0.5)
Adobe AIR (Version: 3.5.0.1060)
Adobe Download Assistant (Version: 1.2.3)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS6 (Version: 16.0)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Amazon MP3 Downloader 1.0.3
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft VideoImpression 2
ATI - Software Uninstall Utility (Version: 6.14.10.1016)
ATI Display Driver (Version: 8.421-070928a-053250C-ATI)
AudibleManager (Version: 2147344384.2147340288.1343664.1244472)
Autodesk SketchBook Express 2011 sp2 (Version: 5.20.0000)
Bonjour (Version: 3.0.0.2)
Bullzip PDF Printer 9.3.0.1516 (Version: 9.3.0.1516)
CCleaner (Version: 3.24)
Color Efex Pro 3.0 Wacom Edition 6 (Version: 3.1.1.1)
Comic Life (Version: 1.3.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ContentSAFER for Wizmax
ConvertHelper 2.2
Corel Painter Sketch Pad
Corel SketchPad - ICA (Version: 1.0)
CPUID CPU-Z 1.58
Creative MediaSource 5 (Version: 5.00)
Creative Removable Disk Manager
Creative System Information
Creative ZEN V Series (R2) (Version: 1.0)
Critical Update for Windows Media Player 11 (KB959772)
Digital Blue™ PC Digital Movie Creator 2.0
DVD Suite
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
EmoDio (Version: 1.0)
Epson CreativeZone
Epson Event Manager (Version: 2.30.00)
EPSON NX510 Series Printer Uninstall
EPSON Printer Software
EPSON Scan
ESET Online Scanner v3
EuroTalk Talk Now! (Version: 2.2.5.1)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
German Grammar Made Easy (Version: 1.0.0)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Google Updater (Version: 2.4.2432.1652)
Haali Media Splitter
IconHandler 32 bit (Version: 1.0)
Indeo® Software
IPM (Version: 1.1)
iTunes (Version: 10.4.0.80)
IZArc 4.1.2 (Version: 4.1.2)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Machinarium (Version: 23.10.09)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Corporation (Version: 9.0.0.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft LifeCam (Version: 2.7.569.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.4.0)
Move Media Player
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
MyFreeCodec
Nero 7 Essentials (Version: 7.02.5702)
Netflix Movie Viewer (Version: 1.2.211)
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Painter Sketch Pad (Version: 1.1)
PaintTool SAI Ver.1
PDF Settings CS6 (Version: 11.0)
PowerDVD (Version: 7.0.2414.0)
PowerProducer
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.11.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5464)
RealUpgrade 1.1 (Version: 1.1.0)
Registration (Version: 01)
Revo Uninstaller 1.94 (Version: 1.94)
Segoe UI (Version: 14.0.4327.805)
Sid Meier's Civilization 4 Complete (Version: 1.74)
Sid Meier's Civilization IV Colonization (Version: 1.00)
Skype Toolbars (Version: 1.0.4051)
SpongeBob SquarePants Typing
SUPERAntiSpyware (Version: 4.55.1000)
swMSM (Version: 12.0.0.1)
The Rosetta Stone
The Sims Medieval (Version: 1.0.0)
Unity Web Player (Version: 2.5.0f5_21627)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Vivitar Experience Image Manager
Wacom Tablet (Version: 6.3.4-3)
WebFldrs XP (Version: 9.50.7523)
WebTablet FB Plugin 32 bit (Version: 2.1.0.2)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB895316
Windows PowerShell™ 1.0 (Version: 2)
WinPatrol (Version: 25.6.2012.1)
ZENcast Organizer
Zoo Tycoon 2 - Zookeeper Collection (Version: 1.00.0000)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 1983.23 MB
Available physical RAM: 1235.13 MB
Total Pagefile: 3876.63 MB
Available Pagefile: 3431.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:168.39 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP1

Administrator            ASPNET                   Guest                    
HelpAssistant            Owner                    SUPPORT_388945a0         


**** End of log ****
 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

Farbar Service Scanner Version: 03-03-2013
Ran by Owner (administrator) on 19-03-2013 at 16:23:53
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2008-08-15 04:05] - [2008-04-14 05:42] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2008-04-14 05:42] - [2009-02-06 07:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0B000000050000000100000002000000030000000400000009000000080000000B0000000C0000000600000007000000
IpSec Tag value is correct.

**** End of log ****

 

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

# AdwCleaner v2.115 - Logfile created 03/19/2013 at 16:29:57
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - DESKTOP1
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\Owner\LOCALS~1\Temp\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\1r2hnq9r.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p5mz6gi1.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zpsrhiw.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5421 octets] - [16/11/2012 15:14:59]
AdwCleaner[S2].txt - [1607 octets] - [19/03/2013 16:29:57]

########## EOF - C:\AdwCleaner[S2].txt - [1667 octets] ##########
 

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Tue 03/19/2013 at 16:38:35.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Local Settings\Application Data\adawarebp"



~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\p5mz6gi1.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted the following from C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\p5mz6gi1.default\prefs.js

user_pref("stumble.10116749.recently_seen_publicids", "2CoH3A.2ppIZW.2rgPYZ.1RGvD6.2q7LJO.2LoJDx.23LEPf.2KYQux.A7IiUC.1LhSQi.31BPdq.1O23tr.210vFs.205lon.2G0XO0.312Uas.2IthKm.2





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/19/2013 at 16:43:13.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/19/2013 04:50:50 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\CTsvcCDA.exe (PID: 1084) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

Checking Windows Service Integrity:

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * System Restore Filter Driver (sr) is not Running.
   Startup Type set to: Disabled

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * C:\WINDOWS\System32\sfcfiles.dll [NoSig]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/19/2013 04:51:50 PM
Execution time: 0 hours(s), 1 minute(s), and 0 seconds(s)
 

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup"    ""    ""    ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup"    ""    ""    ""
"HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon"    ""    ""    ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet"    ""    ""    ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown"    ""    ""    ""
"HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff"    ""    ""    ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logoff"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Shutdown"    ""    ""    ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell"    ""    ""    ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\InitialProgram"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AdobeAAMUpdater-1.0"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "AdobeCS6ServiceManager"    "Adobe CS6 Service Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
+ "RTHDCPL"    "Realtek HD Audio Control Panel"    "Realtek Semiconductor Corp."    "c:\windows\rthdcpl.exe"
+ "SwitchBoard"    "SwitchBoard Server (32 bit)"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\switchboard\switchboard.exe"
+ "WinPatrol"    "WinPatrol System Monitor"    "BillP Studios"    "c:\program files\billp studios\winpatrol\winpatrol.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""
"C:\Documents and Settings\Owner\Start Menu\Programs\Startup"    ""    ""    ""
+ "OpenOffice.org 3.4.1.lnk"    ""    ""    "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load"    ""    ""    ""
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\IconServiceLib"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"    ""    ""    ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "PhotoshopElements8SyncAgent"    "Elements Organizer SyncAgent9.0"    "Adobe Systems Incorporated"    "c:\program files\adobe\elements 9 organizer\elementsorganizersyncagent.exe"
+ "swg"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce"    ""    ""    ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services\AutoStartOnConnect"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnDisconnect"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services\AutoStartOnDisconnect"    ""    ""    ""
"HKCU\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
"HKCU\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "SABShellExecuteHook Class"    "ShellExecuteHook"    "SuperAdBlocker.com"    "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "CTMTPMediaExplorer"    "CME ContextMenu Shell Extension"    "Creative Technology Ltd"    "c:\program files\creative\shared files\ctcmectx.dll"
+ "IZArcCM"    ""    ""    "c:\program files\izarc\izarccm.dll"
+ "NBShellHook Class"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKCU\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers"    ""    ""    ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers"    ""    ""    ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "IZArcCM"    ""    ""    "c:\program files\izarc\izarccm.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKCU\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "IZArcCM"    ""    ""    "c:\program files\izarc\izarccm.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
"HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\PropertySheetHandlers"    ""    ""    ""
"HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "Haali Column Provider"    ""    ""    "c:\program files\haali\matroskasplitter\mmfinfo.dll"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "Apache Software Foundation"    "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
"HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "CTMTPMediaExplorer"    "CME ContextMenu Shell Extension"    "Creative Technology Ltd"    "c:\program files\creative\shared files\ctcmectx.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
"HKCU\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "IZArcCM"    ""    ""    "c:\program files\izarc\izarccm.dll"
+ "NBShellHook"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
"HKCU\Software\Classes\Folder\ShellEx\ExtShellFolderViews"    ""    ""    ""
"HKLM\Software\Classes\Folder\ShellEx\ExtShellFolderViews"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ExtShellFolderViews"    ""    ""    ""
"HKCU\Software\Classes\Folder\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\PropertySheetHandlers"    ""    ""    ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
"HKCU\Software\Microsoft\Ctf\LangBarAddin"    ""    ""    ""
"HKLM\Software\Microsoft\Ctf\LangBarAddin"    ""    ""    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
"HKCU\Software\Microsoft\Internet Explorer\Explorer Bars"    ""    ""    ""
"HKLM\Software\Microsoft\Internet Explorer\Explorer Bars"    ""    ""    ""
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars"    ""    ""    ""
"HKCU\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
X "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
+ "Google Software Updater.job"    "gusvc"    "Google"    "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1957994488-790525478-1417001333-1003.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1957994488-790525478-1417001333-1003.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® Audio Software"    "Ligos Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS"    ""    ""    "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31"    "Ligos Indeo® Video 3.2"    "Ligos Corporation"    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    "Ligos Indeo® Video 3.2"    "Ligos Corporation"    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Ligos Indeo® Video 4.5"    "Ligos Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
+ "vidc.VP60"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\system32\vp6vfw.dll"
"HKCU\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
"HKCU\Software\Classes\Filter"    ""    ""    ""
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® Video 4.5 Compression Filter"    "Ligos Indeo® Video 4.5"    "Ligos Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® Video 4.5 Compression Filter"    "Ligos Indeo® Video 4.5"    "Ligos Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® Video 4.5 Decompression Filter"    "Ligos Indeo® Video 4.5"    "Ligos Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® Video 4.5 Decompression Filter"    "Ligos Indeo® Video 4.5"    "Ligos Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Intel® Play™ Sample Rate Converter"    "Intel® Play™ Sample Rate Convert Filter"    "Intel® Corporation"    "c:\windows\system32\ipsmplrt.ax"
+ "Intel® Play™ Sample Rate Converter"    "Intel® Play™ Sample Rate Convert Filter"    "Intel® Corporation"    "c:\windows\system32\ipsmplrt.ax"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKCU\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
"HKCU\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
"HKCU\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance"    ""    ""    ""
"HKCU\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance"    ""    ""    ""
"HKCU\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""
"HKCU\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""
"HKCU\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance"    ""    ""    ""
"HKCU\Software\Wow6432Node\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance"    ""    ""    ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Arcsoft DV Transition"    "DV Transition Buffer"    "Arcsoft"    "c:\program files\common files\arcsoft\mpeg engine\dvtransition.ax"
+ "ArcSoft MPEG Audio Decoder"    "ArcSoft Audio Decoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter"    ""    "ArcSoft"    "c:\program files\common files\arcsoft\mpeg engine\arcmpegcodec.ax"
+ "ArcSoft Mpeg Mplex Filter"    "MplexFilter"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\arcmplexfilter.ax"
+ "ArcSoft MPEG Splitter"    "MPGSplitter Filter"    "ArcSoft, Inc."    "c:\program files\common files\arcsoft\mpeg engine\arcspl.ax"
+ "ArcSoft MPEG Video Decoder"    "ArcSoft Mpeg Video Decoder Filter"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpgvideo.ax"
+ "Arcsoft Mpeg2Audio Encoder"    "Mpeg2AudioEncoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpeg2audioencoder.ax"
+ "ArcSoft Realtime Capture Encoder Filter"    "Arc Real time Capture Encoder Filter"    "Arcsoft"    "c:\program files\common files\arcsoft\mpeg engine\arccaptureencoder.ax"
+ "Audible Words Codec"    "Audible Media Player Filter"    "Audible, Inc."    "c:\windows\system32\awrdscdc.ax"
+ "BPM Metadata"    "Creative BPM Metadata Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\metabpmu.ax"
+ "Creative AC3 Source Filter"    "Creative AC3 Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\ac3srcu.ax"
+ "Creative Audio Gain Filter"    "Audio Gain Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\audgain.ax"
+ "Creative CDDA Source Filter"    "CDDA Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\cdda.ax"
+ "Creative File Reader Filter"    "Creative File Reader Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\fileread.ax"
+ "Creative File Reader Filter"    "Creative File Reader Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\filreadu.ax"
+ "Creative Flac Source Filter"    "Creative FLAC Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\flacsrcu.ax"
+ "Creative Frame Rate Converter"    "Creative Frame Rate Converter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\ctfrconv.ax"
+ "Creative Internet Source Filter"    "Creative Internet Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\inetsrcu.ax"
+ "Creative LiveRecording Filter_SxS"    "Live Recording Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\liverecu.ax"
+ "Creative Media Select"    ""    "Creative Technology Ltd."    "c:\program files\creative\shared files\mediasel.ax"
+ "Creative MLP Source Filter"    "Creative MLP Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\mlpsrcu.ax"
+ "Creative Null Audio"    ""    "Creative Technology Ltd."    "c:\program files\creative\shared files\nullaud.ax"
+ "Creative NVF Filter"    "Creative Nomad Voice File Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\nvfsrcu.ax"
+ "Creative Ogg Source Filter"    "Creative Ogg Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\oggsrcu.ax"
+ "Creative PCM Raw Writer"    "Creative Raw Writer"    "Creative Technology Ltd"    "c:\program files\creative\shared files\rawwritu.ax"
+ "Creative QT Source Filter"    "Creative QT Source Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\ctqtsf.ax"
+ "Creative Video Processing Filter"    "Creative Video Processing Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\vidprocu.ax"
+ "Creative Wave Writer"    "Wave Writer"    "Creative Technology Ltd"    "c:\program files\creative\shared files\wavwrite.ax"
+ "Creative WMA Source Filter"    "Creative WMA Source Filter"    "Creative Technology Ltd"    "c:\program files\creative\shared files\wmasrc.ax"
+ "Creative WMA Writer"    "WMA Writer"    "Creative Technology Ltd"    "c:\program files\creative\shared files\wmawrite.ax"
+ "CT CMSS3 filter"    "Sample"    "Creative Technology Ltd"    "c:\program files\creative\shared files\cmss3.ax"
+ "CT HPVirtualizer filter"    "Creative Headphone Virtualizer Filter"    "Creative Technology, Ltd."    "c:\program files\creative\shared files\virtual.ax"
+ "CT Karaoke filter"    "Creative Karaoke Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\karaoke.ax"
+ "CT PDP filter"    "Creative Crystalizer Filter"    "Creative Technology, Ltd."    "c:\program files\creative\shared files\pdp.ax"
+ "CT SmartVolumeManagement filter"    "Creative Compressor Plugin"    "Creative Technology Ltd."    "c:\program files\creative\shared files\dscompr.ax"
+ "CT Time-Scaling filter"    "Sample"    "Creative Technology Ltd."    "c:\program files\creative\shared files\timescal.ax"
+ "CT Upsampler filter"    "Sample"    "Creative Technology Ltd"    "c:\program files\creative\shared files\upsample.ax"
+ "CyberLink Audio Commercial Cut Analyzer"    "CLAudCM"    "Cyberlink Corp."    "c:\program files\cyberlink\powerproducer\claudcm.ax"
+ "CyberLink Audio Decoder (PDVD7 UPnP)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\upnp\claud.ax"
+ "CyberLink Audio Decoder (PDVD7)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD7)"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD7)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink AudioCD Filter (PDVD7)"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demultiplexer"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppdemuxer.ax"
+ "CyberLink Demux (PDVD7 UPnP)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\upnp\cldemuxer.ax"
+ "CyberLink Demux (PDVD7)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DV Buffer"    "DV dump Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "CyberLink DVD Navigator (PDVD7)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)"    "CES Kernel"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\cledtkrn.dll"
+ "CyberLink Frame Parser"    "CLFParser"    "CyberLink"    "c:\program files\cyberlink\powerproducer\clfparser.ax"
+ "CyberLink Line21 Decoder (PDVD7)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clline21.ax"
+ "CyberLink Load Image Filter"    "CLImage"    "CyberLink"    "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink MPEG Splitter(Scramble)"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\upnp\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD7)"    "CyberLink MPEG-4 Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\navfilter\clm4splt.ax"
+ "CyberLink Push-Mode CLStream (PDVD7)"    "CLStream"    "CyberLink"    "c:\program files\cyberlink\powerdvd\upnp\clstream(pushmode).ax"
+ "CyberLink SAC Video Decoder(PDVD7 HomeNetwork)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\upnp\clvsd.ax"
+ "Cyberlink Scene Detect Filter"    "CLScnDt"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppscndt.ax"
+ "CyberLink Streamming Filter (PDVD7)"    "Cyberlink Streaming Source Filter(Scramble)"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\upnp\clstream.ax"
+ "Cyberlink Sub-Picture Filter"    "Cyberlink Sub-Picture Filter"    "Cyberlink"    "c:\program files\cyberlink\powerproducer\clsubpic.ax"
+ "Cyberlink SubTitle Importor (PDVD7)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "Cyberlink TS Information"    "CLTSInfo"    "Cyberlink"    "c:\program files\cyberlink\powerproducer\pptsinfo.ax"
+ "CyberLink Video/SP Decoder (PDVD7)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "Digital Blue™ AV Synch Filter"    "AVSynchD2"    "Digital Blue"    "c:\windows\system32\avsynchd2.ax"
+ "Dump"    "SelfMusicVideo Dump Filter (DShow)"    "ENJsoft Corporation"    "c:\windows\system32\tg_dump.dll"
+ "ffdshow Audio Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer"    "Haali Media Splitter"    ""    "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter (AR)"    "Haali Media Splitter"    ""    "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Simple Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Video Renderer"    ""    ""    "c:\program files\haali\matroskasplitter\dxr.dll"
+ "Haali Video Sink"    "Haali Media Splitter"    ""    "c:\program files\haali\matroskasplitter\splitter.ax"
+ "HighMAT and MPV Navigator Filter"    "MPV Playback Filter"    ""    "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter"    "MPV Playback Filter"    ""    "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "Image Scaling"    "Image Scaling Filter"    "Digital Blue"    "c:\windows\system32\ipsimaged2.ax"
+ "Indeo Video ® 5.11 Progressive Download Source"    "Ligos Indeo® Video IVF Source Filter 5.11"    "Ligos Corporation"    "c:\windows\system32\ivfsrc.ax"
+ "Indeo® Audio Software"    "Indeo® Audio Software"    "Ligos Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® Video 5.11 Compression Filter"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® Video 5.11 Decompression Filter"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
+ "MACSReaderMP3 Filter"    "MACSReaderMP3 Filter"    ""    "c:\program files\samsung\emodio\macsreaderavi.ax"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder"    "AAC audio decoder filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder"    "AVC/H.264 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept DV Dif Parser"    "DV Dif Parser DS Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder"    "DirectShow DVCPro Video Decoder"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer"    "DV-Splitter DS Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder"    "DirectShow DVCPro50 Video Decoder"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder"    "DirectShow DVCProHD Video Decoder"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"    "MPEG Push Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder"    "VC-1 Decoder DirectShow Filter"    "MainConcept GmbH"    "c:\program files\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "Mp3Dump"    ""    "Creative Technology Ltd."    "c:\program files\creative\shared files\mp3dump.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "MusicCity MPEG Splitter"    "PCube MPEG Splitter Filter"    "© MusicCity"    "c:\windows\system32\muzmpgsp.ax"
+ "MusicCity OGG Splitter"    "OGG Splitter"    "© PeeringPortal"    "c:\windows\system32\muzoggsp.ax"
+ "NeAudio2"    "Nero Audio Decoder 2"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudio2.ax"
+ "NEDFilter4Samsung Filter"    "MACSReaderMP3 Filter"    "L544™ Technology"    "c:\program files\samsung\emodio\nedfilter4samsung.ax"
+ "Nero Audible Decoder"    "Nero Audible Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Processor"    "Nero Audio Processor"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudioconv.ax"
+ "Nero Audio Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer"    "Audio/Video Synchronizer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace"    "Deinterlacing Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder"    "AAC LC/HE Audio Encoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc"    "MPEG4 and H.264 (AVC) Video Encoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter"    "DV Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator"    "DVD Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source"    "Nero SVCD source filter"    "Nero AG "    "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter"    "Push Mode VOB Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero Format Converter"    "Frame rate / Color space converter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture"    "Direct Show frame grabber filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero InteractiveGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP4 Splitter"    "MP4 Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder"    "MPEG 1/2 encoder filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter"    "Ogg Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer"    "Overlay Mixer Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer"    ""    ""    "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize"    "Resizing Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor"    "Nero Sound Processor"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter"    "Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Subpicture Decoder"    "Nero Subpicture Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle"    "Subtitle Mixer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder"    "Thumbnail Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator"    "Nero Vcd Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer"    "Nero Video Analyzer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD"    "Nero HD Video Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor"    "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer"    "Nero Video Renderer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch"    "Nero Sound Switcher"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "Noise Reduction"    "Creative Noise Reduction Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\noisredu.ax"
+ "Ogg Multiplexer"    "Ogg DirectShow™ Filter Collection"    ""    "c:\windows\system32\oggds.dll"
+ "Ogg Splitter"    "Ogg DirectShow™ Filter Collection"    ""    "c:\windows\system32\oggds.dll"
+ "P3Audio"    "PCube Audio Decoder Filter"    "© MusicCity"    "c:\windows\system32\muzdecode.ax"
+ "P3AudioEffect"    "P3AudioEffect Filter"    "© MUSICCITY"    "c:\windows\system32\muzeffect.ax"
+ "P3MP4Splitter"    "P3MP4Splitter Filter"    "© MusicCity"    "c:\windows\system32\muzmp4sp.ax"
+ "P3Sourcer"    "AOD Sourcer Filter"    "Musiccity Co.Ltd."    "c:\windows\system32\muzaf1.dll"
+ "P3WMTSplitter"    "P3WMTSplitter Filter"    " © MusicCity"    "c:\windows\system32\muzwmts.dll"
+ "PowerProducer Double Tee"    "Cyberlink Double Tee Filter"    "CtberLink Corporation"    "c:\program files\cyberlink\powerproducer\ppdoubletee.ax"
+ "PP Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\claud.ax"
+ "PP Audio Effect"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerproducer\claudfx.ax"
+ "PP Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files\cyberlink\powerproducer\ppaudenc.ax"
+ "PP Audio Noise Reduction (CES)"    "CLAuNR"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\claunrwrapper.ax"
+ "PP Byte Counter"    "PP Byte Counter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerproducer\ppbytecounter.ax"
+ "PP DDR"    "PP DDR"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\pprender.ax"
+ "PP Dump Dispatch Filter"    "Cyberlink File Dump Dispatch Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppdumpdispatch.ax"
+ "PP Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppdump.ax"
+ "PP DV Buffer"    "CLDVBuffer Filter"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppdvbuffer.ax"
+ "PP DV Dump Filter"    "DV dump Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "PP DV Reader Filter"    "DVMultReader Filter"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppdvmrd.ax"
+ "PP DV TCR"    "DVTCR"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppdvtcr.ax"
+ "PP File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppreader.ax"
+ "PP Gate Filter"    "CLGate"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppgate.ax"
+ "PP IDM"    "idmf"    "Cyberlink"    "c:\program files\cyberlink\powerproducer\ppidmf.ax"
+ "PP M2V Writer"    "CLM2VWriter"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppm2vwriter.ax"
+ "PP MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppmpgmux.ax"
+ "PP MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files\cyberlink\powerproducer\ppvidenc.ax"
+ "PP MPEG-1 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppm1splter.ax"
+ "PP MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppm2splter.ax"
+ "PP PCM Wrapper"    "PP PCM Wrapper"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\pppcmenc.ax"
+ "PP Snapshot Filter"    "CLSnapShot Filter"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppsnapshot.ax"
+ "PP SnapShotTIP Filter"    "CLSShot"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppsshot.ax"
+ "PP TimeStretch Filter (CES)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\clauts.ax"
+ "PP TL MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\pptlmsplter.ax"
+ "PP Video Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppgenericvsd.ax"
+ "PP Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppvidfx.ax"
+ "PP Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppresample.ax"
+ "PP Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files\cyberlink\powerproducer\clrgl.ax"
+ "PP Video Stabilizer"    "CLVideoDeShaking"    "CyberLink"    "c:\program files\cyberlink\powerproducer\clvideostabilizer.ax"
+ "PP WAV Dest"    "CLWavDest"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppwavdest.ax"
+ "PP YUY2 Deinterlace"    "DitlYuY2"    "CyberLink"    "c:\program files\cyberlink\powerproducer\ppditlyuy2.ax"
+ "PP YUY2 Sub-Sampling"    "SubYUY2 Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\ppsubyuy2.ax"
+ "RambunctiousDS Wave Dest2"    "Intel® Play™ Digital Movie Creator™"    "Image Builder Software"    "c:\windows\system32\dmwavedestd2.ax"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "SEDG Video Decoder"    ""    ""    "c:\program files\myfree codec\09c beta\samsung\mcs_dec2.ax"
+ "SelfMusicVideo Dump Filter"    "SelfMusicVideo Dump Filter (DShow)"    "ENJsoft Corporation"    "c:\windows\system32\tg_dump0708.dll"
+ "SpatialStereo Filter"    ""    ""    "c:\program files\samsung\emodio\3daudio.ax"
+ "STL Disco Lite"    "DiscoPerm"    "Intel® Corporation"    "c:\windows\system32\discoperm.ax"
+ "SVM Metadata"    "Creative SVM Metadata Filter"    "Creative Technology Ltd."    "c:\program files\creative\shared files\metasvmu.ax"
+ "Time Regulator"    "TimeRegulator"    "cyberlink"    "c:\program files\cyberlink\powerproducer\avi_audtr.ax"
+ "Track1Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter"    "Adobe Photoshop Elements 9.0 (component)"    "Adobe Systems Incorporated"    "c:\program files\adobe\elements 9 organizer\track2filter.dll"
+ "Vorbis Decoder"    "Ogg DirectShow™ Filter Collection"    ""    "c:\windows\system32\oggds.dll"
+ "Vorbis Encoder"    "Ogg DirectShow™ Filter Collection"    ""    "c:\windows\system32\oggds.dll"
+ "WavTrans"    ""    "Creative Technology Ltd."    "c:\program files\creative\shared files\wavtrans.ax"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
"HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance"    ""    ""    ""
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance"    ""    ""    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\Execute"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand"    ""    ""    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"    ""    ""    ""
"HKLM\Software\Microsoft\Command Processor\Autorun"    ""    ""    ""
"HKLM\Software\Wow6432Node\Microsoft\Command Processor\Autorun"    ""    ""    ""
"HKCU\Software\Microsoft\Command Processor\Autorun"    ""    ""    ""
"HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)"    ""    ""    ""
"HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)"    ""    ""    ""
"HKLM\Software\Classes\.exe"    ""    ""    ""
"HKCU\Software\Classes\.exe"    ""    ""    ""
"HKLM\Software\Classes\.cmd"    ""    ""    ""
"HKCU\Software\Classes\.cmd"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"    ""    ""    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ServiceControllerStart"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LsaStart"    ""    ""    ""
"HKLM\SYSTEM\Setup\CmdLine"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System"    ""    ""    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "AtiExtEvent"    "ATI External Event Utility DLL Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart"    ""    ""    ""
"HKCU\SOFTWARE\Policies\Microsoft\Windows\Control Panel\Desktop\Scrnsave.exe"    ""    ""    ""
"HKCU\Control Panel\Desktop\Scrnsave.exe"    ""    ""    ""
"HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath"    ""    ""    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries"    ""    ""    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64"    ""    ""    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages"    ""    ""    ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""
 



#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:42 AM

Posted 19 March 2013 - 04:33 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#15 gerstley

gerstley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 19 March 2013 - 06:42 PM

Everythings great.  Thanks for your help.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users