Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search re-directs


  • Please log in to reply
9 replies to this topic

#1 kephyr

kephyr

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:04:01 PM

Posted 29 March 2013 - 10:33 AM

I have a client's machine. It is getting re-directed on Google searches in Internet Explorer 8 and Firefox (19 -- up-to-date). Chrome seems to be OK.

 

The machine has Norton 360 (up-to-date) and had Lavasoft Ad-Aware on it. I tried to update Ad-Aware and it said there was a conflict with another program (which I assumed to be Norton) so I removed it. The Lavasoft SecureSearch is still in Internet Explorer and Chrome. I removed it from Firefox when I cleaned out some extensions and add-ons,

 

I have run:

 

TDSSKiller -- no objects detected

AdwCleaner -- cleared a few things

MalwareBytes AntiMalware -- nothing detected

MalwareBytes Anti-Rootkit -- nothing detected

Spybot S&D -- the usual suspects

 

The machine is a Dell Optiplex running Windows XP3. when it boots up, there is some delay between showing the desktop background and starting to load the tray and displaying the desktop icons, which made me suspect a rootkit, but so far I've drawn blanks.

 

Help!  Please!

 

Thanks

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:01 PM

Posted 29 March 2013 - 10:35 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply
  • Due to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient

===================================================

RKILL
  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    esetsmartinstaller_enu.png

    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu
  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log

 



#3 kephyr

kephyr
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:04:01 PM

Posted 29 March 2013 - 12:42 PM

Thanks for your help.

 

Here are teh logs:

 

TDSSKiller:

 

12:06:43.0093 0176  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:06:45.0093 0176  ============================================================
12:06:45.0093 0176  Current date / time: 2013/03/29 12:06:45.0093
12:06:45.0093 0176  SystemInfo:
12:06:45.0093 0176  
12:06:45.0093 0176  OS Version: 5.1.2600 ServicePack: 3.0
12:06:45.0093 0176  Product type: Workstation
12:06:45.0093 0176  ComputerName: E92920843E074B4
12:06:45.0093 0176  UserName: Owner
12:06:45.0093 0176  Windows directory: C:\WINDOWS
12:06:45.0093 0176  System windows directory: C:\WINDOWS
12:06:45.0093 0176  Processor architecture: Intel x86
12:06:45.0093 0176  Number of processors: 2
12:06:45.0093 0176  Page size: 0x1000
12:06:45.0093 0176  Boot type: Normal boot
12:06:45.0093 0176  ============================================================
12:06:47.0703 0176  BG loaded
12:06:48.0156 0176  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:06:48.0187 0176  ============================================================
12:06:48.0187 0176  \Device\Harddisk0\DR0:
12:06:48.0187 0176  MBR partitions:
12:06:48.0187 0176  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:06:48.0187 0176  ============================================================
12:06:48.0281 0176  C: <-> \Device\Harddisk0\DR0\Partition1
12:06:48.0281 0176  ============================================================
12:06:48.0281 0176  Initialize success
12:06:48.0281 0176  ============================================================
12:07:40.0515 3960  ============================================================
12:07:40.0515 3960  Scan started
12:07:40.0515 3960  Mode: Manual; TDLFS;
12:07:40.0515 3960  ============================================================
12:07:41.0234 3960  ================ Scan system memory ========================
12:07:41.0234 3960  System memory - ok
12:07:41.0234 3960  ================ Scan services =============================
12:07:41.0296 3960  Abiosdsk - ok
12:07:41.0312 3960  abp480n5 - ok
12:07:41.0359 3960  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:07:41.0359 3960  ACPI - ok
12:07:41.0406 3960  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
12:07:41.0406 3960  ACPIEC - ok
12:07:41.0437 3960  [ F959F333A01F5C109E9D644C3BD8301C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
12:07:41.0437 3960  ADIHdAudAddService - ok
12:07:41.0531 3960  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:07:41.0531 3960  AdobeFlashPlayerUpdateSvc - ok
12:07:41.0546 3960  adpu160m - ok
12:07:41.0578 3960  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
12:07:41.0578 3960  aec - ok
12:07:41.0625 3960  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
12:07:41.0640 3960  AFD - ok
12:07:41.0640 3960  Aha154x - ok
12:07:41.0640 3960  aic78u2 - ok
12:07:41.0656 3960  aic78xx - ok
12:07:41.0687 3960  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
12:07:41.0687 3960  Alerter - ok
12:07:41.0718 3960  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
12:07:41.0718 3960  ALG - ok
12:07:41.0718 3960  AliIde - ok
12:07:41.0734 3960  amsint - ok
12:07:41.0828 3960  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:07:41.0828 3960  Apple Mobile Device - ok
12:07:41.0890 3960  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
12:07:41.0890 3960  AppMgmt - ok
12:07:41.0890 3960  asc - ok
12:07:41.0890 3960  asc3350p - ok
12:07:41.0906 3960  asc3550 - ok
12:07:41.0937 3960  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:07:41.0953 3960  aspnet_state - ok
12:07:41.0984 3960  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:07:41.0984 3960  AsyncMac - ok
12:07:42.0000 3960  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
12:07:42.0000 3960  atapi - ok
12:07:42.0000 3960  Atdisk - ok
12:07:42.0031 3960  [ 65B2AF103A6BF703D9BA6873C4725553 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
12:07:42.0031 3960  Ati HotKey Poller - ok
12:07:42.0062 3960  [ CEC65FA2556ADE70544B32D65FC76D07 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
12:07:42.0078 3960  ATI Smart - ok
12:07:42.0156 3960  [ 3B88B6466896CC1A3A7E3287D72ACA85 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:07:42.0187 3960  ati2mtag - ok
12:07:42.0218 3960  [ 1842B56B3D3F195C36F62708D266B95E ] atiide          C:\WINDOWS\system32\DRIVERS\atiide.sys
12:07:42.0218 3960  atiide - ok
12:07:42.0250 3960  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:07:42.0250 3960  Atmarpc - ok
12:07:42.0281 3960  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
12:07:42.0281 3960  AudioSrv - ok
12:07:42.0328 3960  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
12:07:42.0328 3960  audstub - ok
12:07:42.0343 3960  [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
12:07:42.0343 3960  bcm4sbxp - ok
12:07:42.0375 3960  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:07:42.0375 3960  Beep - ok
12:07:42.0484 3960  [ 76154FA6A742C613B44BB636B1A7C057 ] BHDrvx86        C:\WINDOWS\System32\Drivers\N360\0308030.006\BHDrvx86.sys
12:07:42.0484 3960  BHDrvx86 - ok
12:07:42.0546 3960  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
12:07:42.0578 3960  BITS - ok
12:07:42.0687 3960  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:07:42.0687 3960  Bonjour Service - ok
12:07:42.0734 3960  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
12:07:42.0734 3960  Browser - ok
12:07:42.0796 3960  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
12:07:42.0828 3960  cbidf2k - ok
12:07:42.0875 3960  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:07:42.0921 3960  CCDECODE - ok
12:07:43.0000 3960  [ 3182B846490DC4D71FABD4A8CB6B73EA ] ccHP            C:\WINDOWS\System32\Drivers\N360\0308030.006\ccHPx86.sys
12:07:43.0015 3960  ccHP - ok
12:07:43.0015 3960  cd20xrnt - ok
12:07:43.0046 3960  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
12:07:43.0062 3960  Cdaudio - ok
12:07:43.0093 3960  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
12:07:43.0093 3960  Cdfs - ok
12:07:43.0109 3960  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:07:43.0109 3960  Cdrom - ok
12:07:43.0109 3960  Changer - ok
12:07:43.0156 3960  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
12:07:43.0187 3960  CiSvc - ok
12:07:43.0218 3960  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
12:07:43.0250 3960  ClipSrv - ok
12:07:43.0296 3960  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:07:43.0296 3960  clr_optimization_v2.0.50727_32 - ok
12:07:43.0296 3960  CmdIde - ok
12:07:43.0312 3960  COMSysApp - ok
12:07:43.0312 3960  Cpqarray - ok
12:07:43.0359 3960  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
12:07:43.0359 3960  CryptSvc - ok
12:07:43.0375 3960  dac2w2k - ok
12:07:43.0375 3960  dac960nt - ok
12:07:43.0390 3960  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:07:43.0406 3960  DcomLaunch - ok
12:07:43.0421 3960  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
12:07:43.0421 3960  Dhcp - ok
12:07:43.0421 3960  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
12:07:43.0421 3960  Disk - ok
12:07:43.0453 3960  [ A0500678A33802D8954153839301D539 ] DLABMFSM        C:\WINDOWS\system32\Drivers\DLABMFSM.SYS
12:07:43.0453 3960  DLABMFSM - ok
12:07:43.0484 3960  [ B8D2F68CAC54D46281399F9092644794 ] DLABOIOM        C:\WINDOWS\system32\Drivers\DLABOIOM.SYS
12:07:43.0484 3960  DLABOIOM - ok
12:07:43.0500 3960  [ 0EE93AB799D1CB4EC90B36F3612FE907 ] DLACDBHM        C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
12:07:43.0562 3960  DLACDBHM - ok
12:07:43.0593 3960  [ 87413B94AE1FABC117C4E8AE6725134E ] DLADResM        C:\WINDOWS\system32\Drivers\DLADResM.SYS
12:07:43.0593 3960  DLADResM - ok
12:07:43.0609 3960  [ 766A148235BE1C0039C974446E4C0EDC ] DLAIFS_M        C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS
12:07:43.0609 3960  DLAIFS_M - ok
12:07:43.0625 3960  [ 38267CCA177354F1C64450A43A4F7627 ] DLAOPIOM        C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS
12:07:43.0625 3960  DLAOPIOM - ok
12:07:43.0640 3960  [ FD363369FD313B46B5AEAB1A688B52E9 ] DLAPoolM        C:\WINDOWS\system32\Drivers\DLAPoolM.SYS
12:07:43.0640 3960  DLAPoolM - ok
12:07:43.0656 3960  [ 336AE18F0912EF4FBE5518849E004D74 ] DLARTL_M        C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
12:07:43.0656 3960  DLARTL_M - ok
12:07:43.0671 3960  [ FD85F682C1CC2A7CA878C7A448E6D87E ] DLAUDFAM        C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS
12:07:43.0671 3960  DLAUDFAM - ok
12:07:43.0671 3960  [ AF389CE587B6BF5BBDCD6F6ABE5EABC0 ] DLAUDF_M        C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS
12:07:43.0671 3960  DLAUDF_M - ok
12:07:43.0687 3960  dmadmin - ok
12:07:43.0718 3960  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
12:07:43.0718 3960  dmboot - ok
12:07:43.0750 3960  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
12:07:43.0750 3960  dmio - ok
12:07:43.0765 3960  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
12:07:43.0765 3960  dmload - ok
12:07:43.0796 3960  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
12:07:43.0796 3960  dmserver - ok
12:07:43.0828 3960  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
12:07:43.0828 3960  DMusic - ok
12:07:43.0859 3960  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:07:43.0859 3960  Dnscache - ok
12:07:43.0921 3960  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:07:43.0921 3960  Dot3svc - ok
12:07:43.0921 3960  dpti2o - ok
12:07:43.0937 3960  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:07:43.0937 3960  drmkaud - ok
12:07:43.0953 3960  [ 5D3B71BB2BB0009D65D290E2EF374BD3 ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
12:07:43.0953 3960  DRVMCDB - ok
12:07:43.0953 3960  [ C591BA9F96F40A1FD6494DAFDCD17185 ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
12:07:43.0953 3960  DRVNDDM - ok
12:07:43.0968 3960  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:07:43.0968 3960  EapHost - ok
12:07:44.0031 3960  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:07:44.0031 3960  eeCtrl - ok
12:07:44.0062 3960  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:07:44.0062 3960  EraserUtilRebootDrv - ok
12:07:44.0078 3960  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
12:07:44.0078 3960  ERSvc - ok
12:07:44.0109 3960  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
12:07:44.0109 3960  Eventlog - ok
12:07:44.0140 3960  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
12:07:44.0140 3960  EventSystem - ok
12:07:44.0171 3960  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
12:07:44.0171 3960  Fastfat - ok
12:07:44.0234 3960  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:07:44.0234 3960  FastUserSwitchingCompatibility - ok
12:07:44.0250 3960  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
12:07:44.0250 3960  Fdc - ok
12:07:44.0296 3960  [ A75DDC492D2D1D6558AD8003A4ADB73A ] FilterService   C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
12:07:44.0296 3960  FilterService - ok
12:07:44.0296 3960  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
12:07:44.0296 3960  Fips - ok
12:07:44.0406 3960  [ 072E7FE333BB59ACE1BD7CB9C93FC5D9 ] FlipShare Service C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
12:07:44.0421 3960  FlipShare Service - ok
12:07:44.0421 3960  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
12:07:44.0421 3960  Flpydisk - ok
12:07:44.0453 3960  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:07:44.0453 3960  FltMgr - ok
12:07:44.0500 3960  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:07:44.0500 3960  FontCache3.0.0.0 - ok
12:07:44.0515 3960  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:07:44.0515 3960  Fs_Rec - ok
12:07:44.0515 3960  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:07:44.0531 3960  Ftdisk - ok
12:07:44.0562 3960  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:07:44.0562 3960  GEARAspiWDM - ok
12:07:44.0593 3960  [ 483924F92E55A5F9423201EC635E2CED ] gfibto          C:\WINDOWS\system32\drivers\gfibto.sys
12:07:44.0593 3960  gfibto - ok
12:07:44.0625 3960  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:07:44.0625 3960  Gpc - ok
12:07:44.0687 3960  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:07:44.0687 3960  gupdate - ok
12:07:44.0687 3960  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:07:44.0703 3960  gupdatem - ok
12:07:44.0703 3960  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:07:44.0703 3960  HDAudBus - ok
12:07:44.0796 3960  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:07:44.0796 3960  helpsvc - ok
12:07:44.0812 3960  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
12:07:44.0812 3960  HidServ - ok
12:07:44.0859 3960  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:07:44.0859 3960  hidusb - ok
12:07:44.0890 3960  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
12:07:44.0906 3960  hkmsvc - ok
12:07:44.0906 3960  hpn - ok
12:07:44.0968 3960  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:07:44.0968 3960  HPZid412 - ok
12:07:45.0000 3960  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:07:45.0000 3960  HPZipr12 - ok
12:07:45.0000 3960  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:07:45.0000 3960  HPZius12 - ok
12:07:45.0062 3960  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
12:07:45.0078 3960  HTTP - ok
12:07:45.0109 3960  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
12:07:45.0109 3960  HTTPFilter - ok
12:07:45.0109 3960  i2omgmt - ok
12:07:45.0125 3960  i2omp - ok
12:07:45.0250 3960  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:07:45.0265 3960  IDriverT - ok
12:07:45.0343 3960  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:07:45.0359 3960  idsvc - ok
12:07:45.0546 3960  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130328.001\IDSxpx86.sys
12:07:45.0546 3960  IDSxpx86 - ok
12:07:45.0593 3960  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
12:07:45.0593 3960  Imapi - ok
12:07:45.0609 3960  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
12:07:45.0609 3960  ImapiService - ok
12:07:45.0625 3960  ini910u - ok
12:07:45.0640 3960  IntelIde - ok
12:07:45.0687 3960  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:07:45.0687 3960  intelppm - ok
12:07:45.0703 3960  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
12:07:45.0703 3960  Ip6Fw - ok
12:07:45.0734 3960  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:07:45.0734 3960  IpFilterDriver - ok
12:07:45.0750 3960  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:07:45.0750 3960  IpInIp - ok
12:07:45.0781 3960  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:07:45.0781 3960  IpNat - ok
12:07:45.0843 3960  [ CA1972397B845B2F53F5DC63C22FD98A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:07:45.0859 3960  iPod Service - ok
12:07:45.0906 3960  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:07:45.0906 3960  IPSec - ok
12:07:45.0953 3960  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
12:07:45.0953 3960  IRENUM - ok
12:07:45.0984 3960  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:07:45.0984 3960  isapnp - ok
12:07:46.0078 3960  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:07:46.0078 3960  JavaQuickStarterService - ok
12:07:46.0109 3960  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:07:46.0109 3960  Kbdclass - ok
12:07:46.0156 3960  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:07:46.0156 3960  kbdhid - ok
12:07:46.0171 3960  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
12:07:46.0171 3960  kmixer - ok
12:07:46.0203 3960  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
12:07:46.0203 3960  KSecDD - ok
12:07:46.0250 3960  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
12:07:46.0250 3960  lanmanserver - ok
12:07:46.0312 3960  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:07:46.0312 3960  lanmanworkstation - ok
12:07:46.0343 3960  [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd             C:\WINDOWS\system32\DRIVERS\Lbd.sys
12:07:46.0343 3960  Lbd - ok
12:07:46.0359 3960  lbrtfdc - ok
12:07:46.0421 3960  [ A0F7DC0080E4F97DC97DE08B699E231B ] LBTServ         C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
12:07:46.0421 3960  LBTServ - ok
12:07:46.0468 3960  [ 24E0DDB99AECCF86BB37702611761459 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
12:07:46.0468 3960  LHidFilt - ok
12:07:46.0515 3960  [ 87E9742C445B88DE00D2421F1B1F06EA ] LHidKe          C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
12:07:46.0515 3960  LHidKe - ok
12:07:46.0546 3960  [ 6D3730E50F5DC7AE22843A0FA6176D41 ] LHidUsbK        C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
12:07:46.0546 3960  LHidUsbK - ok
12:07:46.0578 3960  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
12:07:46.0578 3960  LmHosts - ok
12:07:46.0578 3960  [ D58B330D318361A66A9FE60D7C9B4951 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
12:07:46.0593 3960  LMouFilt - ok
12:07:46.0609 3960  [ 749FDF0FD33071CBF0658CC2B94D4DF5 ] LMouKE          C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
12:07:46.0609 3960  LMouKE - ok
12:07:46.0656 3960  [ 144011D14BD35F4E36136AE057B1AADD ] LUsbFilt        C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
12:07:46.0656 3960  LUsbFilt - ok
12:07:46.0703 3960  [ C57C48FB9AE3EFB9848AF594E3123A63 ] LVPr2Mon        C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
12:07:46.0703 3960  LVPr2Mon - ok
12:07:46.0828 3960  [ 5C7B88695CE461D8BDA4FE0C0E57E71D ] LVPrcSrv        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:07:46.0828 3960  LVPrcSrv - ok
12:07:46.0890 3960  [ 87ECCE893D8AEC5A9337B917742D339C ] LVRS            C:\WINDOWS\system32\DRIVERS\lvrs.sys
12:07:46.0890 3960  LVRS - ok
12:07:47.0125 3960  [ 291F69B3DDA0F033D2490C5BA5179F7C ] LVUVC           C:\WINDOWS\system32\DRIVERS\lvuvc.sys
12:07:47.0234 3960  LVUVC - ok
12:07:47.0250 3960  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
12:07:47.0265 3960  Messenger - ok
12:07:47.0296 3960  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
12:07:47.0296 3960  mnmdd - ok
12:07:47.0328 3960  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
12:07:47.0328 3960  mnmsrvc - ok
12:07:47.0343 3960  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
12:07:47.0343 3960  Modem - ok
12:07:47.0375 3960  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:07:47.0375 3960  Mouclass - ok
12:07:47.0406 3960  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:07:47.0406 3960  mouhid - ok
12:07:47.0421 3960  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
12:07:47.0421 3960  MountMgr - ok
12:07:47.0468 3960  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:07:47.0468 3960  MozillaMaintenance - ok
12:07:47.0468 3960  mraid35x - ok
12:07:47.0546 3960  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
12:07:47.0546 3960  MREMP50 - ok
12:07:47.0562 3960  MREMPR5 - ok
12:07:47.0562 3960  MRENDIS5 - ok
12:07:47.0578 3960  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
12:07:47.0578 3960  MRESP50 - ok
12:07:47.0578 3960  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:07:47.0578 3960  MRxDAV - ok
12:07:47.0640 3960  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:07:47.0640 3960  MRxSmb - ok
12:07:47.0671 3960  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
12:07:47.0671 3960  MSDTC - ok
12:07:47.0671 3960  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:07:47.0687 3960  Msfs - ok
12:07:47.0687 3960  MSIServer - ok
12:07:47.0703 3960  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:07:47.0703 3960  MSKSSRV - ok
12:07:47.0718 3960  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:07:47.0718 3960  MSPCLOCK - ok
12:07:47.0734 3960  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:07:47.0734 3960  MSPQM - ok
12:07:47.0750 3960  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:07:47.0750 3960  mssmbios - ok
12:07:47.0781 3960  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
12:07:47.0781 3960  MSTEE - ok
12:07:47.0796 3960  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
12:07:47.0796 3960  Mup - ok
12:07:47.0875 3960  [ 64C89DB40949FD0E7C8FF303676A91F1 ] N360            C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
12:07:47.0875 3960  N360 - ok
12:07:47.0921 3960  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:07:47.0921 3960  NABTSFEC - ok
12:07:47.0953 3960  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
12:07:47.0953 3960  napagent - ok
12:07:48.0046 3960  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130329.004\NAVENG.SYS
12:07:48.0046 3960  NAVENG - ok
12:07:48.0203 3960  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130329.004\NAVEX15.SYS
12:07:48.0218 3960  NAVEX15 - ok
12:07:48.0265 3960  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
12:07:48.0265 3960  NDIS - ok
12:07:48.0312 3960  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:07:48.0312 3960  NdisIP - ok
12:07:48.0359 3960  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:07:48.0359 3960  NdisTapi - ok
12:07:48.0375 3960  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:07:48.0375 3960  Ndisuio - ok
12:07:48.0390 3960  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:07:48.0390 3960  NdisWan - ok
12:07:48.0437 3960  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:07:48.0437 3960  NDProxy - ok
12:07:48.0453 3960  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:07:48.0453 3960  NetBIOS - ok
12:07:48.0468 3960  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:07:48.0468 3960  NetBT - ok
12:07:48.0500 3960  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
12:07:48.0500 3960  NetDDE - ok
12:07:48.0515 3960  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
12:07:48.0515 3960  NetDDEdsdm - ok
12:07:48.0546 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:07:48.0546 3960  Netlogon - ok
12:07:48.0593 3960  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
12:07:48.0609 3960  Netman - ok
12:07:48.0640 3960  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:07:48.0640 3960  NetTcpPortSharing - ok
12:07:48.0671 3960  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
12:07:48.0671 3960  Nla - ok
12:07:48.0687 3960  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:07:48.0687 3960  Npfs - ok
12:07:48.0718 3960  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:07:48.0718 3960  Ntfs - ok
12:07:48.0734 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
12:07:48.0734 3960  NtLmSsp - ok
12:07:48.0781 3960  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
12:07:48.0781 3960  NtmsSvc - ok
12:07:48.0796 3960  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:07:48.0796 3960  Null - ok
12:07:48.0812 3960  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:07:48.0812 3960  NwlnkFlt - ok
12:07:48.0843 3960  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:07:48.0843 3960  NwlnkFwd - ok
12:07:48.0906 3960  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:07:48.0906 3960  ose - ok
12:07:48.0953 3960  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
12:07:48.0953 3960  Parport - ok
12:07:48.0968 3960  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
12:07:48.0968 3960  PartMgr - ok
12:07:49.0031 3960  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
12:07:49.0031 3960  ParVdm - ok
12:07:49.0078 3960  [ BAE04007A679893E975A2B75E9E001E9 ] pcCMService     C:\Program Files\Common Files\Motive\pcCMService.exe
12:07:49.0078 3960  pcCMService - ok
12:07:49.0093 3960  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
12:07:49.0093 3960  PCI - ok
12:07:49.0109 3960  PCIDump - ok
12:07:49.0109 3960  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
12:07:49.0109 3960  PCIIde - ok
12:07:49.0140 3960  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
12:07:49.0156 3960  Pcmcia - ok
12:07:49.0156 3960  PDCOMP - ok
12:07:49.0156 3960  PDFRAME - ok
12:07:49.0171 3960  PDRELI - ok
12:07:49.0171 3960  PDRFRAME - ok
12:07:49.0187 3960  perc2 - ok
12:07:49.0187 3960  perc2hib - ok
12:07:49.0234 3960  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
12:07:49.0234 3960  PlugPlay - ok
12:07:49.0265 3960  [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
12:07:49.0265 3960  Pml Driver HPZ12 - ok
12:07:49.0281 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
12:07:49.0281 3960  PolicyAgent - ok
12:07:49.0296 3960  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:07:49.0296 3960  PptpMiniport - ok
12:07:49.0312 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:07:49.0312 3960  ProtectedStorage - ok
12:07:49.0328 3960  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
12:07:49.0328 3960  PSched - ok
12:07:49.0359 3960  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:07:49.0359 3960  Ptilink - ok
12:07:49.0359 3960  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:07:49.0359 3960  PxHelp20 - ok
12:07:49.0390 3960  [ 35DD92AF8B4EC79162A6A013884797AF ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
12:07:49.0390 3960  QBCFMonitorService - ok
12:07:49.0421 3960  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
12:07:49.0421 3960  QBFCService - ok
12:07:49.0421 3960  ql1080 - ok
12:07:49.0437 3960  Ql10wnt - ok
12:07:49.0437 3960  ql12160 - ok
12:07:49.0453 3960  ql1240 - ok
12:07:49.0453 3960  ql1280 - ok
12:07:49.0453 3960  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:07:49.0468 3960  RasAcd - ok
12:07:49.0484 3960  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:07:49.0484 3960  RasAuto - ok
12:07:49.0484 3960  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:07:49.0500 3960  Rasl2tp - ok
12:07:49.0515 3960  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:07:49.0515 3960  RasMan - ok
12:07:49.0546 3960  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:07:49.0546 3960  RasPppoe - ok
12:07:49.0562 3960  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
12:07:49.0562 3960  Raspti - ok
12:07:49.0578 3960  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:07:49.0578 3960  Rdbss - ok
12:07:49.0578 3960  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:07:49.0578 3960  RDPCDD - ok
12:07:49.0593 3960  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:07:49.0593 3960  rdpdr - ok
12:07:49.0640 3960  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
12:07:49.0640 3960  RDPWD - ok
12:07:49.0656 3960  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
12:07:49.0656 3960  RDSessMgr - ok
12:07:49.0687 3960  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
12:07:49.0687 3960  redbook - ok
12:07:49.0718 3960  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:07:49.0718 3960  RemoteAccess - ok
12:07:49.0750 3960  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:07:49.0750 3960  RemoteRegistry - ok
12:07:49.0796 3960  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:07:49.0796 3960  RpcLocator - ok
12:07:49.0828 3960  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:07:49.0828 3960  RpcSs - ok
12:07:49.0875 3960  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
12:07:49.0875 3960  RSVP - ok
12:07:49.0906 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:07:49.0906 3960  SamSs - ok
12:07:49.0937 3960  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
12:07:49.0937 3960  SCardSvr - ok
12:07:49.0968 3960  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:07:49.0984 3960  Schedule - ok
12:07:50.0031 3960  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:07:50.0031 3960  Secdrv - ok
12:07:50.0031 3960  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
12:07:50.0031 3960  seclogon - ok
12:07:50.0046 3960  [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService  C:\WINDOWS\system32\drivers\Senfilt.sys
12:07:50.0046 3960  SenFiltService - ok
12:07:50.0093 3960  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
12:07:50.0093 3960  SENS - ok
12:07:50.0093 3960  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
12:07:50.0093 3960  serenum - ok
12:07:50.0109 3960  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
12:07:50.0109 3960  Serial - ok
12:07:50.0125 3960  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
12:07:50.0140 3960  Sfloppy - ok
12:07:50.0156 3960  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:07:50.0156 3960  SharedAccess - ok
12:07:50.0171 3960  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:07:50.0187 3960  ShellHWDetection - ok
12:07:50.0187 3960  Simbad - ok
12:07:50.0234 3960  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:07:50.0234 3960  SkypeUpdate - ok
12:07:50.0250 3960  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:07:50.0265 3960  SLIP - ok
12:07:50.0265 3960  Sparrow - ok
12:07:50.0296 3960  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
12:07:50.0296 3960  splitter - ok
12:07:50.0328 3960  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
12:07:50.0328 3960  Spooler - ok
12:07:50.0343 3960  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
12:07:50.0359 3960  sr - ok
12:07:50.0406 3960  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:07:50.0406 3960  srservice - ok
12:07:50.0453 3960  [ E81F6CAEAB9AD5732E94C07C97866AA2 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\0308030.006\SRTSP.SYS
12:07:50.0453 3960  SRTSP - ok
12:07:50.0468 3960  [ E28DE499D942B08058BFFAC69D4122B6 ] SRTSPX          C:\WINDOWS\system32\drivers\N360\0308030.006\SRTSPX.SYS
12:07:50.0468 3960  SRTSPX - ok
12:07:50.0546 3960  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:07:50.0546 3960  Srv - ok
12:07:50.0578 3960  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:07:50.0593 3960  SSDPSRV - ok
12:07:50.0609 3960  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:07:50.0609 3960  stisvc - ok
12:07:50.0703 3960  [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:07:50.0734 3960  stllssvr - ok
12:07:50.0781 3960  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:07:50.0796 3960  streamip - ok
12:07:50.0859 3960  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:07:50.0859 3960  swenum - ok
12:07:50.0890 3960  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:07:50.0890 3960  swmidi - ok
12:07:50.0890 3960  SwPrv - ok
12:07:50.0906 3960  symc810 - ok
12:07:50.0906 3960  symc8xx - ok
12:07:51.0078 3960  [ D0885F6E24259A6C65E68D6AD749910A ] SymEFA          C:\WINDOWS\system32\drivers\N360\0308030.006\SYMEFA.SYS
12:07:51.0140 3960  SymEFA - ok
12:07:51.0234 3960  [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
12:07:51.0234 3960  SymEvent - ok
12:07:51.0312 3960  [ A8C45C36309EE066F9191E511F88ED76 ] SYMFW           C:\WINDOWS\System32\Drivers\N360\0308030.006\SYMFW.SYS
12:07:51.0312 3960  SYMFW - ok
12:07:51.0390 3960  [ F4DB00BC0C25BE3E05D4BBB8637CC3A3 ] SYMIDS          C:\WINDOWS\System32\Drivers\N360\0308030.006\SYMIDS.SYS
12:07:51.0390 3960  SYMIDS - ok
12:07:51.0468 3960  [ C6DB9F873B09C63F5CB1DE10C08BF6F9 ] SymIM           C:\WINDOWS\system32\DRIVERS\SymIM.sys
12:07:51.0468 3960  SymIM - ok
12:07:51.0468 3960  [ C6DB9F873B09C63F5CB1DE10C08BF6F9 ] SymIMMP         C:\WINDOWS\system32\DRIVERS\SymIM.sys
12:07:51.0468 3960  SymIMMP - ok
12:07:51.0484 3960  [ 06A8ECFC68D61A26A67F0E96FF1CA9CC ] SYMNDIS         C:\WINDOWS\System32\Drivers\N360\0308030.006\SYMNDIS.SYS
12:07:51.0484 3960  SYMNDIS - ok
12:07:51.0562 3960  [ 26BC80EC79D7BA478249C266CBDF17B4 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\0308030.006\SYMTDI.SYS
12:07:51.0578 3960  SYMTDI - ok
12:07:51.0578 3960  sym_hi - ok
12:07:51.0578 3960  sym_u3 - ok
12:07:51.0625 3960  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:07:51.0625 3960  sysaudio - ok
12:07:51.0671 3960  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:07:51.0718 3960  SysmonLog - ok
12:07:51.0765 3960  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:07:51.0843 3960  TapiSrv - ok
12:07:51.0906 3960  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:07:51.0906 3960  Tcpip - ok
12:07:51.0937 3960  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:07:51.0953 3960  TDPIPE - ok
12:07:51.0984 3960  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:07:52.0015 3960  TDTCP - ok
12:07:52.0062 3960  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:07:52.0062 3960  TermDD - ok
12:07:52.0109 3960  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
12:07:52.0109 3960  TermService - ok
12:07:52.0156 3960  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:07:52.0156 3960  Themes - ok
12:07:52.0203 3960  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
12:07:52.0218 3960  TlntSvr - ok
12:07:52.0312 3960  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
12:07:52.0312 3960  TomTomHOMEService - ok
12:07:52.0312 3960  TosIde - ok
12:07:52.0359 3960  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:07:52.0359 3960  TrkWks - ok
12:07:52.0390 3960  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:07:52.0390 3960  Udfs - ok
12:07:52.0406 3960  ultra - ok
12:07:52.0484 3960  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
12:07:52.0484 3960  UMWdf - ok
12:07:52.0546 3960  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:07:52.0562 3960  Update - ok
12:07:52.0640 3960  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:07:52.0703 3960  upnphost - ok
12:07:52.0750 3960  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
12:07:52.0765 3960  UPS - ok
12:07:52.0796 3960  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
12:07:52.0796 3960  USBAAPL - ok
12:07:52.0828 3960  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:07:52.0843 3960  usbaudio - ok
12:07:52.0906 3960  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:07:52.0906 3960  usbccgp - ok
12:07:52.0953 3960  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:07:52.0953 3960  usbehci - ok
12:07:53.0000 3960  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:07:53.0000 3960  usbhub - ok
12:07:53.0031 3960  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:07:53.0046 3960  usbohci - ok
12:07:53.0093 3960  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:07:53.0093 3960  usbprint - ok
12:07:53.0171 3960  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:07:53.0171 3960  usbscan - ok
12:07:53.0218 3960  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:07:53.0218 3960  USBSTOR - ok
12:07:53.0265 3960  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
12:07:53.0265 3960  usbvideo - ok
12:07:53.0265 3960  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:07:53.0281 3960  VgaSave - ok
12:07:53.0281 3960  ViaIde - ok
12:07:53.0312 3960  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:07:53.0312 3960  VolSnap - ok
12:07:53.0359 3960  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
12:07:53.0375 3960  VSS - ok
12:07:53.0468 3960  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
12:07:53.0468 3960  W32Time - ok
12:07:53.0500 3960  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:07:53.0500 3960  Wanarp - ok
12:07:53.0765 3960  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:07:54.0015 3960  Wdf01000 - ok
12:07:54.0031 3960  WDICA - ok
12:07:54.0125 3960  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:07:54.0125 3960  wdmaud - ok
12:07:54.0187 3960  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:07:54.0187 3960  WebClient - ok
12:07:54.0375 3960  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:07:54.0375 3960  winmgmt - ok
12:07:54.0421 3960  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
12:07:54.0421 3960  WmdmPmSN - ok
12:07:54.0531 3960  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
12:07:54.0531 3960  Wmi - ok
12:07:54.0562 3960  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:07:54.0578 3960  WmiApSrv - ok
12:07:54.0609 3960  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:07:54.0609 3960  wscsvc - ok
12:07:54.0671 3960  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:07:54.0671 3960  WSTCODEC - ok
12:07:54.0718 3960  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:07:54.0718 3960  wuauserv - ok
12:07:54.0859 3960  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:07:54.0859 3960  WZCSVC - ok
12:07:54.0921 3960  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:07:54.0953 3960  xmlprov - ok
12:07:55.0015 3960  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:07:55.0015 3960  YahooAUService - ok
12:07:55.0015 3960  ================ Scan global ===============================
12:07:55.0109 3960  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:07:55.0140 3960  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:07:55.0156 3960  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:07:55.0234 3960  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:07:55.0234 3960  [Global] - ok
12:07:55.0234 3960  ================ Scan MBR ==================================
12:07:55.0265 3960  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:07:57.0625 3960  \Device\Harddisk0\DR0 - ok
12:07:57.0625 3960  ================ Scan VBR ==================================
12:07:57.0640 3960  [ 13EF8D15EC229AB3A501EC762073EB3E ] \Device\Harddisk0\DR0\Partition1
12:07:57.0656 3960  \Device\Harddisk0\DR0\Partition1 - ok
12:07:57.0656 3960  ================ Scan active images ========================
12:07:57.0656 3960  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
12:07:57.0656 3960  C:\WINDOWS\system32\drivers\intelppm.sys - ok
12:07:57.0671 3960  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
12:07:57.0671 3960  C:\WINDOWS\system32\drivers\videoprt.sys - ok
12:07:57.0671 3960  [ 3B88B6466896CC1A3A7E3287D72ACA85 ] C:\WINDOWS\system32\drivers\ati2mtag.sys
12:07:57.0671 3960  C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
12:07:57.0671 3960  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
12:07:57.0671 3960  C:\WINDOWS\system32\drivers\cdrom.sys - ok
12:07:57.0671 3960  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
12:07:57.0671 3960  C:\WINDOWS\system32\drivers\imapi.sys - ok
12:07:57.0687 3960  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
12:07:57.0687 3960  C:\WINDOWS\system32\drivers\ks.sys - ok
12:07:57.0687 3960  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
12:07:57.0687 3960  C:\WINDOWS\system32\drivers\redbook.sys - ok
12:07:57.0703 3960  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
12:07:57.0703 3960  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
12:07:57.0703 3960  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
12:07:57.0703 3960  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
12:07:57.0703 3960  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
12:07:57.0703 3960  C:\WINDOWS\system32\drivers\parport.sys - ok
12:07:57.0718 3960  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
12:07:57.0718 3960  C:\WINDOWS\system32\drivers\usbehci.sys - ok
12:07:57.0718 3960  [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
12:07:57.0718 3960  C:\WINDOWS\system32\drivers\usbohci.sys - ok
12:07:57.0718 3960  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
12:07:57.0718 3960  C:\WINDOWS\system32\drivers\usbport.sys - ok
12:07:57.0734 3960  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
12:07:57.0734 3960  C:\WINDOWS\system32\drivers\audstub.sys - ok
12:07:57.0734 3960  [ CD4646067CC7DCBA1907FA0ACF7E3966 ] C:\WINDOWS\system32\drivers\bcm4sbxp.sys
12:07:57.0734 3960  C:\WINDOWS\system32\drivers\bcm4sbxp.sys - ok
12:07:57.0734 3960  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
12:07:57.0734 3960  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
12:07:57.0750 3960  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
12:07:57.0750 3960  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
12:07:57.0750 3960  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
12:07:57.0750 3960  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
12:07:57.0765 3960  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
12:07:57.0765 3960  C:\WINDOWS\system32\drivers\serenum.sys - ok
12:07:57.0765 3960  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
12:07:57.0765 3960  C:\WINDOWS\system32\drivers\serial.sys - ok
12:07:57.0781 3960  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
12:07:57.0781 3960  C:\WINDOWS\system32\drivers\msgpc.sys - ok
12:07:57.0781 3960  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
12:07:57.0781 3960  C:\WINDOWS\system32\drivers\psched.sys - ok
12:07:57.0781 3960  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
12:07:57.0781 3960  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
12:07:57.0781 3960  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
12:07:57.0781 3960  C:\WINDOWS\system32\drivers\raspptp.sys - ok
12:07:57.0796 3960  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
12:07:57.0796 3960  C:\WINDOWS\system32\drivers\tdi.sys - ok
12:07:57.0796 3960  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
12:07:57.0796 3960  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
12:07:57.0796 3960  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
12:07:57.0796 3960  C:\WINDOWS\system32\drivers\ptilink.sys - ok
12:07:57.0812 3960  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
12:07:57.0812 3960  C:\WINDOWS\system32\drivers\raspti.sys - ok
12:07:57.0812 3960  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
12:07:57.0812 3960  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
12:07:57.0828 3960  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
12:07:57.0828 3960  C:\WINDOWS\system32\drivers\termdd.sys - ok
12:07:57.0828 3960  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
12:07:57.0828 3960  C:\WINDOWS\system32\drivers\mouclass.sys - ok
12:07:57.0828 3960  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
12:07:57.0828 3960  C:\WINDOWS\system32\drivers\swenum.sys - ok
12:07:57.0843 3960  [ C6DB9F873B09C63F5CB1DE10C08BF6F9 ] C:\WINDOWS\system32\drivers\SymIM.sys
12:07:57.0843 3960  C:\WINDOWS\system32\drivers\SymIM.sys - ok
12:07:57.0843 3960  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
12:07:57.0843 3960  C:\WINDOWS\system32\drivers\update.sys - ok
12:07:57.0843 3960  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
12:07:57.0843 3960  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
12:07:57.0859 3960  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
12:07:57.0859 3960  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
12:07:57.0859 3960  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
12:07:57.0859 3960  C:\WINDOWS\system32\drivers\usbd.sys - ok
12:07:57.0859 3960  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
12:07:57.0859 3960  C:\WINDOWS\system32\drivers\usbhub.sys - ok
12:07:57.0875 3960  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
12:07:57.0875 3960  C:\WINDOWS\system32\drivers\drmk.sys - ok
12:07:57.0875 3960  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
12:07:57.0875 3960  C:\WINDOWS\system32\drivers\portcls.sys - ok
12:07:57.0875 3960  [ F959F333A01F5C109E9D644C3BD8301C ] C:\WINDOWS\system32\drivers\ADIHdAud.sys
12:07:57.0875 3960  C:\WINDOWS\system32\drivers\ADIHdAud.sys - ok
12:07:57.0890 3960  [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] C:\WINDOWS\system32\drivers\senfilt.sys
12:07:57.0890 3960  C:\WINDOWS\system32\drivers\senfilt.sys - ok
12:07:57.0890 3960  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
12:07:57.0890 3960  C:\WINDOWS\system32\drivers\fdc.sys - ok
12:07:57.0890 3960  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
12:07:57.0890 3960  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
12:07:57.0906 3960  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
12:07:57.0906 3960  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
12:07:57.0906 3960  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
12:07:57.0906 3960  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
12:07:57.0906 3960  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
12:07:57.0906 3960  C:\WINDOWS\system32\drivers\beep.sys - ok
12:07:57.0921 3960  [ 336AE18F0912EF4FBE5518849E004D74 ] C:\WINDOWS\system32\drivers\DLARTL_M.SYS
12:07:57.0921 3960  C:\WINDOWS\system32\drivers\DLARTL_M.SYS - ok
12:07:57.0921 3960  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
12:07:57.0921 3960  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
12:07:57.0921 3960  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
12:07:57.0921 3960  C:\WINDOWS\system32\drivers\hidparse.sys - ok
12:07:57.0937 3960  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
12:07:57.0937 3960  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
12:07:57.0937 3960  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
12:07:57.0937 3960  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
12:07:57.0937 3960  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
12:07:57.0937 3960  C:\WINDOWS\system32\drivers\null.sys - ok
12:07:57.0953 3960  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
12:07:57.0953 3960  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
12:07:57.0953 3960  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
12:07:57.0953 3960  C:\WINDOWS\system32\drivers\vga.sys - ok
12:07:57.0953 3960  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
12:07:57.0953 3960  C:\WINDOWS\system32\drivers\msfs.sys - ok
12:07:57.0968 3960  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
12:07:57.0968 3960  C:\WINDOWS\system32\drivers\ipsec.sys - ok
12:07:57.0968 3960  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
12:07:57.0968 3960  C:\WINDOWS\system32\drivers\npfs.sys - ok
12:07:57.0968 3960  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
12:07:57.0968 3960  C:\WINDOWS\system32\drivers\rasacd.sys - ok
12:07:57.0984 3960  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
12:07:57.0984 3960  C:\WINDOWS\system32\drivers\ipnat.sys - ok
12:07:57.0984 3960  [ 26BC80EC79D7BA478249C266CBDF17B4 ] C:\WINDOWS\system32\drivers\N360\0308030.006\symtdi.sys
12:07:57.0984 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\symtdi.sys - ok
12:07:57.0984 3960  [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
12:07:57.0984 3960  C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
12:07:58.0000 3960  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
12:07:58.0000 3960  C:\WINDOWS\system32\drivers\tcpip.sys - ok
12:07:58.0000 3960  [ A8C45C36309EE066F9191E511F88ED76 ] C:\WINDOWS\system32\drivers\N360\0308030.006\symfw.sys
12:07:58.0000 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\symfw.sys - ok
12:07:58.0015 3960  [ 06A8ECFC68D61A26A67F0E96FF1CA9CC ] C:\WINDOWS\system32\drivers\N360\0308030.006\symndis.sys
12:07:58.0015 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\symndis.sys - ok
12:07:58.0015 3960  [ C19BF2A07BE972A110220DF6B1E89D14 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130328.001\IDSXpx86.sys
12:07:58.0015 3960  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130328.001\IDSXpx86.sys - ok
12:07:58.0031 3960  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
12:07:58.0031 3960  C:\WINDOWS\system32\drivers\afd.sys - ok
12:07:58.0031 3960  [ F4DB00BC0C25BE3E05D4BBB8637CC3A3 ] C:\WINDOWS\system32\drivers\N360\0308030.006\symids.sys
12:07:58.0031 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\symids.sys - ok
12:07:58.0031 3960  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
12:07:58.0031 3960  C:\WINDOWS\system32\drivers\netbt.sys - ok
12:07:58.0046 3960  [ E28DE499D942B08058BFFAC69D4122B6 ] C:\WINDOWS\system32\drivers\N360\0308030.006\srtspx.sys
12:07:58.0046 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\srtspx.sys - ok
12:07:58.0062 3960  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
12:07:58.0062 3960  C:\WINDOWS\system32\drivers\netbios.sys - ok
12:07:58.0062 3960  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
12:07:58.0062 3960  C:\WINDOWS\system32\drivers\rdbss.sys - ok
12:07:58.0062 3960  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
12:07:58.0062 3960  C:\WINDOWS\system32\drivers\fips.sys - ok
12:07:58.0078 3960  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
12:07:58.0078 3960  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
12:07:58.0078 3960  [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:07:58.0078 3960  C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
12:07:58.0093 3960  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:07:58.0093 3960  C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
12:07:58.0093 3960  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
12:07:58.0093 3960  C:\WINDOWS\system32\drivers\wanarp.sys - ok
12:07:58.0109 3960  [ 76154FA6A742C613B44BB636B1A7C057 ] C:\WINDOWS\system32\drivers\N360\0308030.006\BHDrvx86.sys
12:07:58.0109 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\BHDrvx86.sys - ok
12:07:58.0109 3960  [ 3182B846490DC4D71FABD4A8CB6B73EA ] C:\WINDOWS\system32\drivers\N360\0308030.006\cchpx86.sys
12:07:58.0109 3960  C:\WINDOWS\system32\drivers\N360\0308030.006\cchpx86.sys - ok
12:07:58.0109 3960  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
12:07:58.0109 3960  C:\WINDOWS\system32\ntdll.dll - ok
12:07:58.0125 3960  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
12:07:58.0125 3960  C:\WINDOWS\system32\smss.exe - ok
12:07:58.0125 3960  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
12:07:58.0125 3960  C:\WINDOWS\system32\autochk.exe - ok
12:07:58.0125 3960  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
12:07:58.0125 3960  C:\WINDOWS\system32\sfcfiles.dll - ok
12:07:58.0140 3960  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
12:07:58.0140 3960  C:\WINDOWS\system32\drivers\hidclass.sys - ok
12:07:58.0140 3960  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
12:07:58.0140 3960  C:\WINDOWS\system32\drivers\hidusb.sys - ok
12:07:58.0140 3960  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
12:07:58.0140 3960  C:\WINDOWS\system32\drivers\mouhid.sys - ok
12:07:58.0156 3960  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
12:07:58.0156 3960  C:\WINDOWS\system32\drivers\cdfs.sys - ok
12:07:58.0156 3960  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
12:07:58.0156 3960  C:\WINDOWS\system32\drivers\wmilib.sys - ok
12:07:58.0171 3960  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
12:07:58.0171 3960  C:\WINDOWS\system32\drivers\atapi.sys - ok
12:07:58.0171 3960  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
12:07:58.0171 3960  C:\WINDOWS\system32\drivers\dxapi.sys - ok
12:07:58.0171 3960  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
12:07:58.0171 3960  C:\WINDOWS\system32\watchdog.sys - ok
12:07:58.0171 3960  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
12:07:58.0171 3960  C:\WINDOWS\system32\win32k.sys - ok
12:07:58.0187 3960  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:07:58.0187 3960  C:\WINDOWS\system32\basesrv.dll - ok
12:07:58.0187 3960  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
12:07:58.0187 3960  C:\WINDOWS\system32\csrsrv.dll - ok
12:07:58.0187 3960  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
12:07:58.0187 3960  C:\WINDOWS\system32\csrss.exe - ok
12:07:58.0203 3960  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:07:58.0203 3960  C:\WINDOWS\system32\winsrv.dll - ok
12:07:58.0203 3960  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
12:07:58.0203 3960  C:\WINDOWS\system32\gdi32.dll - ok
12:07:58.0203 3960  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
12:07:58.0203 3960  C:\WINDOWS\system32\kernel32.dll - ok
12:07:58.0218 3960  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
12:07:58.0218 3960  C:\WINDOWS\system32\user32.dll - ok
12:07:58.0218 3960  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
12:07:58.0218 3960  C:\WINDOWS\system32\drivers\dxg.sys - ok
12:07:58.0218 3960  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
12:07:58.0218 3960  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
12:07:58.0234 3960  [ 11D970BC95E893E2E12230B1322AF177 ] C:\WINDOWS\system32\ati2dvag.dll
12:07:58.0234 3960  C:\WINDOWS\system32\ati2dvag.dll - ok
12:07:58.0234 3960  [ 145BAC9F4B4878FA7F990DCEE5F967B0 ] C:\WINDOWS\system32\ati2cqag.dll
12:07:58.0234 3960  C:\WINDOWS\system32\ati2cqag.dll - ok
12:07:58.0234 3960  [ 6121E1AB35E74D1053CF83067ECCDB32 ] C:\WINDOWS\system32\atikvmag.dll
12:07:58.0234 3960  C:\WINDOWS\system32\atikvmag.dll - ok
12:07:58.0250 3960  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
12:07:58.0250 3960  C:\WINDOWS\system32\vga.dll - ok
12:07:58.0250 3960  [ 52B8AA845ACA9A76920963FBC21A1710 ] C:\WINDOWS\system32\atiok3x2.dll
12:07:58.0250 3960  C:\WINDOWS\system32\atiok3x2.dll - ok
12:07:58.0250 3960  [ 98D7A0F50DB530D858AF656B5953542B ] C:\WINDOWS\system32\ati3duag.dll
12:07:58.0250 3960  C:\WINDOWS\system32\ati3duag.dll - ok
12:07:58.0265 3960  [ C77225FEE0F0CC678552FB6D9409CCD7 ] C:\WINDOWS\system32\ativvaxx.dll
12:07:58.0265 3960  C:\WINDOWS\system32\ativvaxx.dll - ok
12:07:58.0265 3960  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
12:07:58.0265 3960  C:\WINDOWS\system32\winlogon.exe - ok
12:07:58.0281 3960  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
12:07:58.0281 3960  C:\WINDOWS\system32\advapi32.dll - ok
12:07:58.0281 3960  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
12:07:58.0281 3960  C:\WINDOWS\system32\rpcrt4.dll - ok
12:07:58.0281 3960  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
12:07:58.0281 3960  C:\WINDOWS\system32\authz.dll - ok
12:07:58.0296 3960  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
12:07:58.0296 3960  C:\WINDOWS\system32\crypt32.dll - ok
12:07:58.0296 3960  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
12:07:58.0296 3960  C:\WINDOWS\system32\msvcrt.dll - ok
12:07:58.0296 3960  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
12:07:58.0296 3960  C:\WINDOWS\system32\secur32.dll - ok
12:07:58.0312 3960  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
12:07:58.0312 3960  C:\WINDOWS\system32\msasn1.dll - ok
12:07:58.0312 3960  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
12:07:58.0312 3960  C:\WINDOWS\system32\nddeapi.dll - ok
12:07:58.0312 3960  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
12:07:58.0312 3960  C:\WINDOWS\system32\netapi32.dll - ok
12:07:58.0312 3960  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
12:07:58.0312 3960  C:\WINDOWS\system32\profmap.dll - ok
12:07:58.0328 3960  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
12:07:58.0328 3960  C:\WINDOWS\system32\userenv.dll - ok
12:07:58.0328 3960  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
12:07:58.0328 3960  C:\WINDOWS\system32\psapi.dll - ok
12:07:58.0328 3960  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
12:07:58.0328 3960  C:\WINDOWS\system32\regapi.dll - ok
12:07:58.0343 3960  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
12:07:58.0343 3960  C:\WINDOWS\system32\setupapi.dll - ok
12:07:58.0343 3960  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
12:07:58.0343 3960  C:\WINDOWS\system32\imagehlp.dll - ok
12:07:58.0343 3960  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
12:07:58.0343 3960  C:\WINDOWS\system32\version.dll - ok
12:07:58.0359 3960  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
12:07:58.0359 3960  C:\WINDOWS\system32\winsta.dll - ok
12:07:58.0359 3960  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
12:07:58.0359 3960  C:\WINDOWS\system32\wintrust.dll - ok
12:07:58.0359 3960  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
12:07:58.0359 3960  C:\WINDOWS\system32\imm32.dll - ok
12:07:58.0375 3960  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
12:07:58.0375 3960  C:\WINDOWS\system32\ws2help.dll - ok
12:07:58.0375 3960  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
12:07:58.0375 3960  C:\WINDOWS\system32\ws2_32.dll - ok
12:07:58.0375 3960  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
12:07:58.0375 3960  C:\WINDOWS\system32\kbdus.dll - ok
12:07:58.0390 3960  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
12:07:58.0390 3960  C:\WINDOWS\system32\msgina.dll - ok
12:07:58.0390 3960  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
12:07:58.0390 3960  C:\WINDOWS\system32\comctl32.dll - ok
12:07:58.0390 3960  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
12:07:58.0390 3960  C:\WINDOWS\system32\odbc32.dll - ok
12:07:58.0406 3960  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
12:07:58.0406 3960  C:\WINDOWS\system32\comdlg32.dll - ok
12:07:58.0406 3960  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
12:07:58.0406 3960  C:\WINDOWS\system32\shell32.dll - ok
12:07:58.0406 3960  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
12:07:58.0406 3960  C:\WINDOWS\system32\shlwapi.dll - ok
12:07:58.0421 3960  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
12:07:58.0421 3960  C:\WINDOWS\system32\sxs.dll - ok
12:07:58.0421 3960  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
12:07:58.0421 3960  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
12:07:58.0421 3960  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
12:07:58.0421 3960  C:\WINDOWS\system32\odbcint.dll - ok
12:07:58.0437 3960  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
12:07:58.0437 3960  C:\WINDOWS\system32\ole32.dll - ok
12:07:58.0453 3960  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
12:07:58.0453 3960  C:\WINDOWS\system32\sfc.dll - ok
12:07:58.0453 3960  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
12:07:58.0453 3960  C:\WINDOWS\system32\sfc_os.dll - ok
12:07:58.0468 3960  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
12:07:58.0468 3960  C:\WINDOWS\system32\shsvcs.dll - ok
12:07:58.0468 3960  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
12:07:58.0468 3960  C:\WINDOWS\system32\apphelp.dll - ok
12:07:58.0468 3960  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
12:07:58.0468 3960  C:\WINDOWS\system32\lsass.exe - ok
12:07:58.0484 3960  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:07:58.0484 3960  C:\WINDOWS\system32\services.exe - ok
12:07:58.0484 3960  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
12:07:58.0484 3960  C:\WINDOWS\system32\lsasrv.dll - ok
12:07:58.0484 3960  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
12:07:58.0484 3960  C:\WINDOWS\system32\msvcp60.dll - ok
12:07:58.0484 3960  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
12:07:58.0484 3960  C:\WINDOWS\system32\ncobjapi.dll - ok
12:07:58.0500 3960  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
12:07:58.0500 3960  C:\WINDOWS\system32\mpr.dll - ok
12:07:58.0500 3960  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
12:07:58.0500 3960  C:\WINDOWS\system32\scesrv.dll - ok
12:07:58.0500 3960  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
12:07:58.0500 3960  C:\WINDOWS\system32\dnsapi.dll - ok
12:07:58.0515 3960  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
12:07:58.0515 3960  C:\WINDOWS\system32\ntdsapi.dll - ok
12:07:58.0515 3960  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
12:07:58.0515 3960  C:\WINDOWS\system32\shimeng.dll - ok
12:07:58.0515 3960  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
12:07:58.0515 3960  C:\WINDOWS\system32\umpnpmgr.dll - ok
12:07:58.0531 3960  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
12:07:58.0531 3960  C:\WINDOWS\system32\wldap32.dll - ok
12:07:58.0531 3960  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
12:07:58.0531 3960  C:\WINDOWS\AppPatch\acadproc.dll - ok
12:07:58.0531 3960  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
12:07:58.0531 3960  C:\WINDOWS\system32\samlib.dll - ok
12:07:58.0546 3960  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
12:07:58.0546 3960  C:\WINDOWS\system32\samsrv.dll - ok
12:07:58.0546 3960  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
12:07:58.0546 3960  C:\WINDOWS\AppPatch\acgenral.dll - ok
12:07:58.0546 3960  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
12:07:58.0546 3960  C:\WINDOWS\system32\cryptdll.dll - ok
12:07:58.0562 3960  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
12:07:58.0562 3960  C:\WINDOWS\system32\winmm.dll - ok
12:07:58.0562 3960  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
12:07:58.0562 3960  C:\WINDOWS\system32\oleaut32.dll - ok
12:07:58.0562 3960  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
12:07:58.0562 3960  C:\WINDOWS\system32\msacm32.dll - ok
12:07:58.0578 3960  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
12:07:58.0578 3960  C:\WINDOWS\system32\uxtheme.dll - ok
12:07:58.0578 3960  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
12:07:58.0578 3960  C:\WINDOWS\system32\msapsspc.dll - ok
12:07:58.0578 3960  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
12:07:58.0578 3960  C:\WINDOWS\system32\msvcrt40.dll - ok
12:07:58.0593 3960  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
12:07:58.0593 3960  C:\WINDOWS\system32\schannel.dll - ok
12:07:58.0593 3960  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
12:07:58.0593 3960  C:\WINDOWS\system32\digest.dll - ok
12:07:58.0593 3960  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
12:07:58.0593 3960  C:\WINDOWS\system32\msctfime.ime - ok
12:07:58.0609 3960  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
12:07:58.0609 3960  C:\WINDOWS\system32\msnsspc.dll - ok
12:07:58.0609 3960  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
12:07:58.0609 3960  C:\WINDOWS\system32\msprivs.dll - ok
12:07:58.0609 3960  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
12:07:58.0609 3960  C:\WINDOWS\system32\kerberos.dll - ok
12:07:58.0625 3960  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
12:07:58.0625 3960  C:\WINDOWS\system32\atmfd.dll - ok
12:07:58.0625 3960  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
12:07:58.0625 3960  C:\WINDOWS\system32\msv1_0.dll - ok
12:07:58.0625 3960  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
12:07:58.0625 3960  C:\WINDOWS\system32\iphlpapi.dll - ok
12:07:58.0640 3960  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
12:07:58.0640 3960  C:\WINDOWS\system32\netlogon.dll - ok
12:07:58.0640 3960  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
12:07:58.0640 3960  C:\WINDOWS\system32\w32time.dll - ok
12:07:58.0640 3960  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
12:07:58.0640 3960  C:\WINDOWS\system32\wdigest.dll - ok
12:07:58.0656 3960  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
12:07:58.0656 3960  C:\WINDOWS\system32\rsaenh.dll - ok
12:07:58.0656 3960  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
12:07:58.0656 3960  C:\WINDOWS\system32\winscard.dll - ok
12:07:58.0671 3960  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
12:07:58.0671 3960  C:\WINDOWS\system32\wtsapi32.dll - ok
12:07:58.0671 3960  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
12:07:58.0671 3960  C:\WINDOWS\system32\scecli.dll - ok
12:07:58.0671 3960  [ C591BA9F96F40A1FD6494DAFDCD17185 ] C:\WINDOWS\system32\drivers\DRVNDDM.SYS
12:07:58.0671 3960  C:\WINDOWS\system32\drivers\DRVNDDM.SYS - ok
12:07:58.0687 3960  [ A0500678A33802D8954153839301D539 ] C:\WINDOWS\system32\drivers\DLABMFSM.SYS
12:07:58.0687 3960  C:\WINDOWS\system32\drivers\DLABMFSM.SYS - ok
12:07:58.0687 3960  [ B8D2F68CAC54D46281399F9092644794 ] C:\WINDOWS\system32\drivers\DLABOIOM.SYS
12:07:58.0687 3960  C:\WINDOWS\system32\drivers\DLABOIOM.SYS - ok
12:07:58.0687 3960  [ 87413B94AE1FABC117C4E8AE6725134E ] C:\WINDOWS\system32\drivers\DLADResM.SYS
12:07:58.0687 3960  C:\WINDOWS\system32\drivers\DLADResM.SYS - ok
12:07:58.0703 3960  [ 766A148235BE1C0039C974446E4C0EDC ] C:\WINDOWS\system32\drivers\DLAIFS_M.SYS
12:07:58.0703 3960  C:\WINDOWS\system32\drivers\DLAIFS_M.SYS - ok
12:07:58.0703 3960  [ 38267CCA177354F1C64450A43A4F7627 ] C:\WINDOWS\system32\drivers\DLAOPIOM.SYS
12:07:58.0703 3960  C:\WINDOWS\system32\drivers\DLAOPIOM.SYS - ok
12:07:58.0703 3960  [ FD363369FD313B46B5AEAB1A688B52E9 ] C:\WINDOWS\system32\drivers\DLAPoolM.SYS
12:07:58.0703 3960  C:\WINDOWS\system32\drivers\DLAPoolM.SYS - ok
12:07:58.0718 3960  [ FD85F682C1CC2A7CA878C7A448E6D87E ] C:\WINDOWS\system32\drivers\DLAUDFAM.SYS
12:07:58.0718 3960  C:\WINDOWS\system32\drivers\DLAUDFAM.SYS - ok
12:07:58.0718 3960  [ AF389CE587B6BF5BBDCD6F6ABE5EABC0 ] C:\WINDOWS\system32\drivers\DLAUDF_M.SYS
12:07:58.0718 3960  C:\WINDOWS\system32\drivers\DLAUDF_M.SYS - ok
12:07:58.0718 3960  [ 65B2AF103A6BF703D9BA6873C4725553 ] C:\WINDOWS\system32\ati2evxx.exe
12:07:58.0718 3960  C:\WINDOWS\system32\ati2evxx.exe - ok
12:07:58.0734 3960  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
12:07:58.0734 3960  C:\WINDOWS\system32\powrprof.dll - ok
12:07:58.0734 3960  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
12:07:58.0734 3960  C:\WINDOWS\system32\cfgmgr32.dll - ok
12:07:58.0734 3960  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
12:07:58.0734 3960  C:\WINDOWS\system32\svchost.exe - ok
12:07:58.0750 3960  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
12:07:58.0750 3960  C:\WINDOWS\system32\ntmarta.dll - ok
12:07:58.0750 3960  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
12:07:58.0750 3960  C:\WINDOWS\system32\rpcss.dll - ok
12:07:58.0750 3960  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
12:07:58.0750 3960  C:\WINDOWS\system32\xpsp2res.dll - ok
12:07:58.0765 3960  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
12:07:58.0765 3960  C:\WINDOWS\system32\eventlog.dll - ok
12:07:58.0765 3960  [ DEA2F8B8A0781BD893044412C2420636 ] C:\WINDOWS\system32\ati2edxx.dll
12:07:58.0765 3960  C:\WINDOWS\system32\ati2edxx.dll - ok
12:07:58.0765 3960  [ 1F16C1D344A8AB01E71EAC9C24D3B613 ] C:\WINDOWS\system32\atipdlxx.dll
12:07:58.0765 3960  C:\WINDOWS\system32\atipdlxx.dll - ok
12:07:58.0781 3960  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
12:07:58.0781 3960  C:\WINDOWS\system32\mswsock.dll - ok
12:07:58.0781 3960  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
12:07:58.0781 3960  C:\WINDOWS\system32\hnetcfg.dll - ok
12:07:58.0781 3960  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
12:07:58.0781 3960  C:\WINDOWS\system32\wshtcpip.dll - ok
12:07:58.0796 3960  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
12:07:58.0796 3960  C:\Program Files\Bonjour\mdnsNSP.dll - ok
12:07:58.0796 3960  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
12:07:58.0796 3960  C:\WINDOWS\system32\winrnr.dll - ok
12:07:58.0796 3960  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
12:07:58.0796 3960  C:\WINDOWS\system32\rasadhlp.dll - ok
12:07:58.0812 3960  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
12:07:58.0812 3960  C:\WINDOWS\system32\dhcpcsvc.dll - ok
12:07:58.0812 3960  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
12:07:58.0812 3960  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
12:07:58.0812 3960  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
12:07:58.0812 3960  C:\WINDOWS\system32\dnsrslvr.dll - ok
12:07:58.0828 3960  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
12:07:58.0828 3960  C:\WINDOWS\system32\atl.dll - ok
12:07:58.0828 3960  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
12:07:58.0828 3960  C:\WINDOWS\system32\eapolqec.dll - ok
12:07:58.0828 3960  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
12:07:58.0828 3960  C:\WINDOWS\system32\qutil.dll - ok
12:07:58.0843 3960  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
12:07:58.0843 3960  C:\WINDOWS\system32\rtutils.dll - ok
12:07:58.0843 3960  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
12:07:58.0843 3960  C:\WINDOWS\system32\wmi.dll - ok
12:07:58.0843 3960  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
12:07:58.0843 3960  C:\WINDOWS\system32\wzcsvc.dll - ok
12:07:58.0859 3960  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
12:07:58.0859 3960  C:\WINDOWS\system32\dot3api.dll - ok
12:07:58.0859 3960  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
12:07:58.0859 3960  C:\WINDOWS\system32\esent.dll - ok
12:07:58.0875 3960  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
12:07:58.0875 3960  C:\WINDOWS\system32\clbcatq.dll - ok
12:07:58.0875 3960  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
12:07:58.0875 3960  C:\WINDOWS\system32\comres.dll - ok
12:07:58.0875 3960  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
12:07:58.0875 3960  C:\WINDOWS\system32\rastls.dll - ok
12:07:58.0890 3960  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
12:07:58.0890 3960  C:\WINDOWS\system32\cryptui.dll - ok
12:07:58.0890 3960  [ 5AACF4B4DEE1972B7952E8A747122232 ] C:\WINDOWS\system32\wininet.dll
12:07:58.0890 3960  C:\WINDOWS\system32\wininet.dll - ok
12:07:58.0890 3960  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
12:07:58.0890 3960  C:\WINDOWS\system32\normaliz.dll - ok
12:07:58.0906 3960  [ C332870084DB9164F465D6F1B7472728 ] C:\WINDOWS\system32\urlmon.dll
12:07:58.0906 3960  C:\WINDOWS\system32\urlmon.dll - ok
12:07:58.0906 3960  [ 47464CA4943F82E1B8FCB2C57DA15F83 ] C:\WINDOWS\system32\iertutil.dll
12:07:58.0906 3960  C:\WINDOWS\system32\iertutil.dll - ok
12:07:58.0906 3960  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
12:07:58.0906 3960  C:\WINDOWS\system32\activeds.dll - ok
12:07:58.0921 3960  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
12:07:58.0921 3960  C:\WINDOWS\system32\adsldpc.dll - ok
12:07:58.0921 3960  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
12:07:58.0921 3960  C:\WINDOWS\system32\mprapi.dll - ok
12:07:58.0921 3960  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
12:07:58.0921 3960  C:\WINDOWS\system32\rasapi32.dll - ok
12:07:58.0937 3960  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
12:07:58.0937 3960  C:\WINDOWS\system32\rasman.dll - ok
12:07:58.0937 3960  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
12:07:58.0937 3960  C:\WINDOWS\system32\tapi32.dll - ok
12:07:58.0953 3960  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
12:07:58.0953 3960  C:\WINDOWS\system32\riched20.dll - ok
12:07:58.0953 3960  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
12:07:58.0953 3960  C:\WINDOWS\system32\raschap.dll - ok
12:07:58.0968 3960  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
12:07:58.0968 3960  C:\WINDOWS\system32\schedsvc.dll - ok
12:07:58.0968 3960  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
12:07:58.0968 3960  C:\WINDOWS\system32\msidle.dll - ok
12:07:58.0968 3960  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
12:07:58.0968 3960  C:\WINDOWS\system32\logonui.exe - ok
12:07:58.0984 3960  [ B1A88C751D0E3FC66D101656B2E8E3A2 ] C:\WINDOWS\system32\ati2evxx.dll
12:07:58.0984 3960  C:\WINDOWS\system32\ati2evxx.dll - ok
12:07:58.0984 3960  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
12:07:58.0984 3960  C:\WINDOWS\system32\cscdll.dll - ok
12:07:58.0984 3960  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
12:07:58.0984 3960  C:\WINDOWS\system32\spoolsv.exe - ok
12:07:59.0000 3960  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
12:07:59.0000 3960  C:\WINDOWS\system32\dimsntfy.dll - ok
12:07:59.0000 3960  [ 2ACBFEF9984F0FE9849DA857206CCECC ] C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
12:07:59.0000 3960  C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll - ok
12:07:59.0000 3960  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
12:07:59.0000 3960  C:\WINDOWS\system32\rundll32.exe - ok
12:07:59.0015 3960  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
12:07:59.0015 3960  C:\WINDOWS\system32\wlnotify.dll - ok
12:07:59.0015 3960  [ CF480A158502332BE8AFA589963BB0E1 ] C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.dll
12:07:59.0015 3960  C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.dll - ok
12:07:59.0015 3960  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
12:07:59.0015 3960  C:\WINDOWS\system32\audiosrv.dll - ok
12:07:59.0015 3960  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
12:07:59.0015 3960  C:\WINDOWS\system32\duser.dll - ok
12:07:59.0031 3960  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
12:07:59.0031 3960  C:\WINDOWS\system32\winspool.drv - ok
12:07:59.0031 3960  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
12:07:59.0031 3960  C:\WINDOWS\system32\WgaLogon.dll - ok
12:07:59.0031 3960  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
12:07:59.0031 3960  C:\WINDOWS\system32\msimg32.dll - ok
12:07:59.0046 3960  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
12:07:59.0046 3960  C:\WINDOWS\system32\msxml3.dll - ok
12:07:59.0046 3960  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
12:07:59.0046 3960  C:\WINDOWS\system32\oleacc.dll - ok
12:07:59.0046 3960  [ 7D8AE986AB4E29F0C42ED87E44D1B165 ] C:\WINDOWS\system32\untfsu.dll
12:07:59.0046 3960  C:\WINDOWS\system32\untfsu.dll - ok
12:07:59.0062 3960  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
12:07:59.0062 3960  C:\WINDOWS\system32\wkssvc.dll - ok
12:07:59.0062 3960  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
12:07:59.0062 3960  C:\WINDOWS\system32\shgina.dll - ok
12:07:59.0062 3960  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
12:07:59.0062 3960  C:\WINDOWS\system32\spoolss.dll - ok
12:07:59.0078 3960  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
12:07:59.0078 3960  C:\WINDOWS\system32\localspl.dll - ok
12:07:59.0078 3960  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
12:07:59.0078 3960  C:\WINDOWS\system32\cnbjmon.dll - ok
12:07:59.0078 3960  [ E0B83ADFB16D794A0D207FE119D03182 ] C:\WINDOWS\system32\HPTcpMon.dll
12:07:59.0078 3960  C:\WINDOWS\system32\HPTcpMon.dll - ok
12:07:59.0093 3960  [ 16FC2C309998C6D55C182652D6A1C5B1 ] C:\WINDOWS\system32\hpzjrd01.dll
12:07:59.0093 3960  C:\WINDOWS\system32\hpzjrd01.dll - ok
12:07:59.0093 3960  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
12:07:59.0093 3960  C:\WINDOWS\system32\clusapi.dll - ok
12:07:59.0093 3960  [ 5CC3838902A9257B79BD43F56D8B7275 ] C:\WINDOWS\system32\HPTcpMUI.dll
12:07:59.0093 3960  C:\WINDOWS\system32\HPTcpMUI.dll - ok
12:07:59.0109 3960  [ 36247C6D5E1FE03A56EE81BB99D7E68C ] C:\WINDOWS\system32\HPTcpMib.dll
12:07:59.0109 3960  C:\WINDOWS\system32\HPTcpMib.dll - ok
12:07:59.0109 3960  [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
12:07:59.0109 3960  C:\WINDOWS\system32\mgmtapi.dll - ok
12:07:59.0109 3960  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
12:07:59.0109 3960  C:\WINDOWS\system32\snmpapi.dll - ok
12:07:59.0125 3960  [ A2973A14FD05F6A5BD61F3528DFAE922 ] C:\WINDOWS\system32\hpzsnt12.dll
12:07:59.0125 3960  C:\WINDOWS\system32\hpzsnt12.dll - ok
12:07:59.0125 3960  [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
12:07:59.0125 3960  C:\WINDOWS\system32\wsnmp32.dll - ok
12:07:59.0140 3960  [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
12:07:59.0140 3960  C:\WINDOWS\system32\mdimon.dll - ok
12:07:59.0140 3960  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
12:07:59.0140 3960  C:\WINDOWS\system32\msi.dll - ok
12:07:59.0140 3960  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
12:07:59.0140 3960  C:\WINDOWS\system32\pjlmon.dll - ok
12:07:59.0156 3960  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
12:07:59.0156 3960  C:\WINDOWS\system32\tcpmon.dll - ok
12:07:59.0156 3960  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
12:07:59.0156 3960  C:\WINDOWS\system32\usbmon.dll - ok
12:07:59.0156 3960  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
12:07:59.0156 3960  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
12:07:59.0171 3960  [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
12:07:59.0171 3960  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
12:07:59.0171 3960  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
12:07:59.0171 3960  C:\WINDOWS\system32\netrap.dll - ok
12:07:59.0187 3960  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
12:07:59.0187 3960  C:\WINDOWS\system32\win32spl.dll - ok
12:07:59.0187 3960  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
12:07:59.0187 3960  C:\WINDOWS\system32\inetpp.dll - ok
12:07:59.0187 3960  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
12:07:59.0187 3960  C:\WINDOWS\system32\cscui.dll - ok
12:07:59.0203 3960  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
12:07:59.0203 3960  C:\WINDOWS\system32\dpcdll.dll - ok
12:07:59.0203 3960  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
12:07:59.0203 3960  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
12:07:59.0218 3960  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
12:07:59.0218 3960  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
12:07:59.0218 3960  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
12:07:59.0218 3960  C:\WINDOWS\system32\wdmaud.drv - ok
12:07:59.0234 3960  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
12:07:59.0234 3960  C:\WINDOWS\system32\drivers\aec.sys - ok
12:07:59.0234 3960  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
12:07:59.0234 3960  C:\WINDOWS\system32\drivers\splitter.sys - ok
12:07:59.0250 3960  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
12:07:59.0250 3960  C:\WINDOWS\system32\drivers\DMusic.sys - ok
12:07:59.0250 3960  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
12:07:59.0250 3960  C:\WINDOWS\system32\drivers\kmixer.sys - ok
12:07:59.0250 3960  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
12:07:59.0250 3960  C:\WINDOWS\system32\drivers\swmidi.sys - ok
12:07:59.0265 3960  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
12:07:59.0265 3960  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
12:07:59.0265 3960  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
12:07:59.0265 3960  C:\WINDOWS\system32\userinit.exe - ok
12:07:59.0281 3960  [ EC9B420801D3D7F82388267D13D0F89B ] C:\WINDOWS\system32\OGAEXEC.exe
12:07:59.0281 3960  C:\WINDOWS\system32\OGAEXEC.exe - ok
12:07:59.0281 3960  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
12:07:59.0281 3960  C:\WINDOWS\system32\msacm32.drv - ok
12:07:59.0281 3960  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
12:07:59.0281 3960  C:\WINDOWS\system32\midimap.dll - ok
12:07:59.0296 3960  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
12:07:59.0296 3960  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
12:07:59.0296 3960  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
12:07:59.0296 3960  C:\WINDOWS\system32\WgaTray.exe - ok
12:07:59.0296 3960  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
12:07:59.0296 3960  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
12:07:59.0312 3960  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
12:07:59.0312 3960  C:\WINDOWS\explorer.exe - ok
12:07:59.0312 3960  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
12:07:59.0312 3960  C:\WINDOWS\system32\browseui.dll - ok
12:07:59.0312 3960  [ A75BD227929CBE5097DD0B7C53ECF6F7 ] C:\WINDOWS\system32\shdocvw.dll
12:07:59.0312 3960  C:\WINDOWS\system32\shdocvw.dll - ok
12:07:59.0312 3960  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
12:07:59.0312 3960  C:\WINDOWS\system32\dbghelp.dll - ok
12:07:59.0328 3960  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
12:07:59.0328 3960  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
12:07:59.0328 3960  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
12:07:59.0328 3960  C:\WINDOWS\system32\mstask.dll - ok
12:07:59.0328 3960  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
12:07:59.0328 3960  C:\WINDOWS\system32\cryptnet.dll - ok
12:07:59.0343 3960  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
12:07:59.0343 3960  C:\WINDOWS\system32\sensapi.dll - ok
12:07:59.0343 3960  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
12:07:59.0343 3960  C:\WINDOWS\system32\winhttp.dll - ok
12:07:59.0343 3960  [ ECBC82FE091109C2BD90B068FAF99216 ] C:\Program Files\Norton 360\Engine\3.8.3.6\buShell.dll
12:07:59.0343 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buShell.dll - ok
12:07:59.0359 3960  [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
12:07:59.0359 3960  C:\WINDOWS\system32\LegitCheckControl.dll - ok
12:07:59.0359 3960  [ 10C03F5479E6BD73C9CB3DFDE9FA4C2E ] C:\WINDOWS\system32\OGACheckControl.dll
12:07:59.0359 3960  C:\WINDOWS\system32\OGACheckControl.dll - ok
12:07:59.0375 3960  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
12:07:59.0375 3960  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
12:07:59.0375 3960  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
12:07:59.0375 3960  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
12:07:59.0375 3960  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
12:07:59.0375 3960  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
12:07:59.0390 3960  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
12:07:59.0390 3960  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
12:07:59.0390 3960  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
12:07:59.0390 3960  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
12:07:59.0390 3960  [ 9E95363FFD92C19BFD5DFAD317BF2589 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccL80U.dll
12:07:59.0390 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccL80U.dll - ok
12:07:59.0390 3960  [ D3FA6D7F2A1AD28AF9B2D2F02D8AF67A ] C:\Program Files\Norton 360\Engine\3.8.3.6\EFACli.dll
12:07:59.0390 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\EFACli.dll - ok
12:07:59.0406 3960  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
12:07:59.0406 3960  C:\WINDOWS\system32\desk.cpl - ok
12:07:59.0406 3960  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
12:07:59.0406 3960  C:\WINDOWS\system32\themeui.dll - ok
12:07:59.0406 3960  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
12:07:59.0406 3960  C:\WINDOWS\system32\cmd.exe - ok
12:07:59.0421 3960  [ 59570CA554C9D75E72241AC3252E84BD ] C:\WINDOWS\system32\ieframe.dll
12:07:59.0421 3960  C:\WINDOWS\system32\ieframe.dll - ok
12:07:59.0421 3960  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Owner\LOCALS~1\Temp\EE8D7507-77DE-4D12-AD53-1E8DCE71693D.exe
12:07:59.0421 3960  C:\DOCUME~1\Owner\LOCALS~1\Temp\EE8D7507-77DE-4D12-AD53-1E8DCE71693D.exe - ok
12:07:59.0437 3960  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
12:07:59.0437 3960  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
12:07:59.0437 3960  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
12:07:59.0437 3960  C:\WINDOWS\system32\webclnt.dll - ok
12:07:59.0437 3960  [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:07:59.0437 3960  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
12:07:59.0453 3960  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
12:07:59.0453 3960  C:\WINDOWS\system32\drivers\parvdm.sys - ok
12:07:59.0453 3960  [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
12:07:59.0453 3960  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
12:07:59.0453 3960  [ 8B22CF51B907E3A221267CF1E502993A ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
12:07:59.0453 3960  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
12:07:59.0468 3960  [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
12:07:59.0468 3960  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
12:07:59.0484 3960  [ 0EEE814627F4384291687671F76419F6 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
12:07:59.0484 3960  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
12:07:59.0484 3960  [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
12:07:59.0484 3960  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
12:07:59.0484 3960  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
12:07:59.0484 3960  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
12:07:59.0500 3960  [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
12:07:59.0500 3960  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
12:07:59.0500 3960  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
12:07:59.0500 3960  C:\WINDOWS\system32\wsock32.dll - ok
12:07:59.0500 3960  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
12:07:59.0500 3960  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
12:07:59.0515 3960  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
12:07:59.0515 3960  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
12:07:59.0515 3960  [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
12:07:59.0515 3960  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
12:07:59.0531 3960  [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
12:07:59.0531 3960  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
12:07:59.0531 3960  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
12:07:59.0531 3960  C:\WINDOWS\system32\dnssd.dll - ok
12:07:59.0531 3960  [ CEC65FA2556ADE70544B32D65FC76D07 ] C:\WINDOWS\system32\ati2sgag.exe
12:07:59.0531 3960  C:\WINDOWS\system32\ati2sgag.exe - ok
12:07:59.0546 3960  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\29503080.sys
12:07:59.0546 3960  C:\WINDOWS\system32\drivers\29503080.sys - ok
12:07:59.0546 3960  [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
12:07:59.0546 3960  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
12:07:59.0546 3960  [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
12:07:59.0546 3960  C:\WINDOWS\system32\qmgr.dll - ok
12:07:59.0562 3960  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
12:07:59.0562 3960  C:\Program Files\Bonjour\mDNSResponder.exe - ok
12:07:59.0562 3960  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
12:07:59.0562 3960  C:\WINDOWS\system32\shfolder.dll - ok
12:07:59.0562 3960  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
12:07:59.0562 3960  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
12:07:59.0578 3960  [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
12:07:59.0578 3960  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
12:07:59.0578 3960  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
12:07:59.0578 3960  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
12:07:59.0593 3960  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
12:07:59.0593 3960  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
12:07:59.0593 3960  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
12:07:59.0593 3960  C:\WINDOWS\system32\certcli.dll - ok
12:07:59.0609 3960  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
12:07:59.0609 3960  C:\WINDOWS\system32\cryptsvc.dll - ok
12:07:59.0609 3960  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
12:07:59.0609 3960  C:\WINDOWS\system32\netman.dll - ok
12:07:59.0625 3960  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
12:07:59.0625 3960  C:\WINDOWS\system32\netshell.dll - ok
12:07:59.0625 3960  [ 072E7FE333BB59ACE1BD7CB9C93FC5D9 ] C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
12:07:59.0625 3960  C:\Program Files\Flip Video\FlipShare\FlipShareService.exe - ok
12:07:59.0625 3960  [ CE9ED72784CCB29AD745EB7651BF7B54 ] C:\Program Files\Flip Video\FlipShare\QtCore4.dll
12:07:59.0625 3960  C:\Program Files\Flip Video\FlipShare\QtCore4.dll - ok
12:07:59.0640 3960  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
12:07:59.0640 3960  C:\WINDOWS\system32\credui.dll - ok
12:07:59.0640 3960  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
12:07:59.0640 3960  C:\WINDOWS\system32\dot3dlg.dll - ok
12:07:59.0656 3960  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
12:07:59.0656 3960  C:\WINDOWS\system32\eappcfg.dll - ok
12:07:59.0656 3960  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
12:07:59.0656 3960  C:\WINDOWS\system32\onex.dll - ok
12:07:59.0671 3960  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
12:07:59.0671 3960  C:\WINDOWS\system32\eappprxy.dll - ok
12:07:59.0671 3960  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
12:07:59.0671 3960  C:\WINDOWS\system32\wzcsapi.dll - ok
12:07:59.0687 3960  [ 7FEB1788A6855C5EFC55FC4500B345B4 ] C:\Program Files\Flip Video\FlipShare\Core.dll
12:07:59.0687 3960  C:\Program Files\Flip Video\FlipShare\Core.dll - ok
12:07:59.0687 3960  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
12:07:59.0687 3960  C:\WINDOWS\system32\dmserver.dll - ok
12:07:59.0703 3960  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
12:07:59.0703 3960  C:\WINDOWS\system32\ersvc.dll - ok
12:07:59.0703 3960  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
12:07:59.0703 3960  C:\WINDOWS\system32\es.dll - ok
12:07:59.0703 3960  [ 4A35AFCC8F8F30BD1EB5DAE95B42560E ] C:\Program Files\Flip Video\FlipShare\qca2.dll
12:07:59.0703 3960  C:\Program Files\Flip Video\FlipShare\qca2.dll - ok
12:07:59.0718 3960  [ E0873594C5A39E3EE21C89A620CFEB6D ] C:\Program Files\Flip Video\FlipShare\QtGui4.dll
12:07:59.0718 3960  C:\Program Files\Flip Video\FlipShare\QtGui4.dll - ok
12:07:59.0718 3960  [ 569EFB7717DD8F935990853427752A77 ] C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll
12:07:59.0718 3960  C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll - ok
12:07:59.0734 3960  [ 7652FF8A01F263B9E012FC6E286823A3 ] C:\Program Files\Flip Video\FlipShare\QtSql4.dll
12:07:59.0734 3960  C:\Program Files\Flip Video\FlipShare\QtSql4.dll - ok
12:07:59.0734 3960  [ 32147B7D865525319420046A789128F3 ] C:\Program Files\Flip Video\FlipShare\QtXml4.dll
12:07:59.0734 3960  C:\Program Files\Flip Video\FlipShare\QtXml4.dll - ok
12:07:59.0750 3960  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
12:07:59.0750 3960  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
12:07:59.0750 3960  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
12:07:59.0750 3960  C:\WINDOWS\system32\hid.dll - ok
12:07:59.0765 3960  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
12:07:59.0765 3960  C:\WINDOWS\system32\hidserv.dll - ok
12:07:59.0765 3960  [ 999DB5F88C8E145CCA9D471E33227143 ] C:\Program Files\Java\jre7\bin\jqs.exe
12:07:59.0765 3960  C:\Program Files\Java\jre7\bin\jqs.exe - ok
12:07:59.0781 3960  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
12:07:59.0781 3960  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
12:07:59.0781 3960  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
12:07:59.0781 3960  C:\WINDOWS\system32\pdh.dll - ok
12:07:59.0796 3960  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
12:07:59.0796 3960  C:\WINDOWS\system32\odbcbcp.dll - ok
12:07:59.0796 3960  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
12:07:59.0796 3960  C:\WINDOWS\system32\srvsvc.dll - ok
12:07:59.0812 3960  [ 5C7B88695CE461D8BDA4FE0C0E57E71D ] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
12:07:59.0812 3960  C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe - ok
12:07:59.0812 3960  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
12:07:59.0812 3960  C:\WINDOWS\system32\drivers\srv.sys - ok
12:07:59.0828 3960  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
12:07:59.0828 3960  C:\WINDOWS\system32\netmsg.dll - ok
12:07:59.0828 3960  [ 64C89DB40949FD0E7C8FF303676A91F1 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
12:07:59.0828 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe - ok
12:07:59.0828 3960  [ 8664C9A3B0CBF8E45ABFA48BB7DFE0E3 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccVrTrst.dll
12:07:59.0828 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccVrTrst.dll - ok
12:07:59.0828 3960  [ B667E7643D459234C8A5D87DC80462C1 ] C:\Program Files\Norton 360\Engine\3.8.3.6\SymNeti.dll
12:07:59.0843 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SymNeti.dll - ok
12:07:59.0843 3960  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
12:07:59.0843 3960  C:\WINDOWS\system32\perfdisk.dll - ok
12:07:59.0843 3960  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
12:07:59.0843 3960  C:\WINDOWS\system32\perfos.dll - ok
12:07:59.0843 3960  [ BAE04007A679893E975A2B75E9E001E9 ] C:\Program Files\Common Files\Motive\pcCMService.exe
12:07:59.0843 3960  C:\Program Files\Common Files\Motive\pcCMService.exe - ok
12:07:59.0859 3960  [ FA7CCBBC0D643818DCBE8D2C10D64A33 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvc.dll
12:07:59.0859 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvc.dll - ok
12:07:59.0859 3960  [ 10EE7B8092FCAD11BEBDB10D602BA05B ] C:\Program Files\Norton 360\Engine\3.8.3.6\Srtsp32.dll
12:07:59.0859 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\Srtsp32.dll - ok
12:07:59.0875 3960  [ 9B15623C57D07D3C3024BEB7C1447527 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccIPC.dll
12:07:59.0875 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccIPC.dll - ok
12:07:59.0875 3960  [ 2775CF7A0D1ABEBCBF2296A2D95AF793 ] C:\Program Files\Java\jre7\bin\awt.dll
12:07:59.0875 3960  C:\Program Files\Java\jre7\bin\awt.dll - ok
12:07:59.0890 3960  [ B6B56EEA6FFE7D5DDD8756E68F2DF8F4 ] C:\Program Files\Norton 360\Engine\3.8.3.6\diMaster.dll
12:07:59.0890 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\diMaster.dll - ok
12:07:59.0890 3960  [ 8182208C50D7256DF8A03CFB6A488DBB ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccSet.dll
12:07:59.0890 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccSet.dll - ok
12:07:59.0906 3960  [ 9D84376931440F3679BEEF2A414FA493 ] C:\WINDOWS\system32\HPZipm12.exe
12:07:59.0906 3960  C:\WINDOWS\system32\HPZipm12.exe - ok
12:07:59.0906 3960  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
12:07:59.0906 3960  C:\WINDOWS\system32\ipsecsvc.dll - ok
12:07:59.0921 3960  [ E8C28635AC4E946DD5653D77132BD7D1 ] C:\Program Files\Norton 360\Engine\3.8.3.6\IPSPlug.dll
12:07:59.0921 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\IPSPlug.dll - ok
12:07:59.0921 3960  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
12:07:59.0921 3960  C:\WINDOWS\system32\oakley.dll - ok
12:07:59.0937 3960  [ E6C4B85AD1C562DA0C7D0D931AFD672D ] C:\Program Files\Norton 360\Engine\3.8.3.6\QSPlugin.dll
12:07:59.0937 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\QSPlugin.dll - ok
12:07:59.0937 3960  [ 422D691C7795AB22ECAD8600B724F2A3 ] C:\Program Files\Norton 360\Engine\3.8.3.6\uiPerfsv.dll
12:07:59.0937 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\uiPerfsv.dll - ok
12:07:59.0953 3960  [ FA4B19EF00299ABA267658ABBBA9EA7E ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccJobMgr.dll
12:07:59.0953 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccJobMgr.dll - ok
12:07:59.0953 3960  [ 4322B31072F2481292ACEE06A23A9AA0 ] C:\Program Files\Norton 360\Engine\3.8.3.6\IPSFFPl.dll
12:07:59.0953 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\IPSFFPl.dll - ok
12:07:59.0968 3960  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
12:07:59.0968 3960  C:\WINDOWS\system32\psbase.dll - ok
12:07:59.0968 3960  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
12:07:59.0968 3960  C:\WINDOWS\system32\pstorsvc.dll - ok
12:07:59.0984 3960  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
12:07:59.0984 3960  C:\WINDOWS\system32\winipsec.dll - ok
12:07:59.0984 3960  [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files\Java\jre7\bin\client\jvm.dll
12:07:59.0984 3960  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
12:08:00.0000 3960  [ 35DD92AF8B4EC79162A6A013884797AF ] C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
12:08:00.0000 3960  C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe - ok
12:08:00.0000 3960  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
12:08:00.0000 3960  C:\WINDOWS\system32\mscoree.dll - ok
12:08:00.0015 3960  [ 14D289F63D9538306CB560C4CD12172F ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130328.001\IDSxpx86.dll
12:08:00.0015 3960  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130328.001\IDSxpx86.dll - ok
12:08:00.0015 3960  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
12:08:00.0015 3960  C:\WINDOWS\system32\dssenh.dll - ok
12:08:00.0031 3960  [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
12:08:00.0031 3960  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
12:08:00.0031 3960  [ D3F9C2CD46A4D5E49AD3E22F6923869C ] C:\Program Files\Norton 360\Engine\3.8.3.6\FWCore.dll
12:08:00.0031 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\FWCore.dll - ok
12:08:00.0031 3960  [ 93659F3B85CFED41825F609161CBF7FB ] C:\Program Files\Norton 360\Engine\3.8.3.6\htec.dll
12:08:00.0031 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\htec.dll - ok
12:08:00.0046 3960  [ 70DE615623555A16EE8FA63F96C6B9E6 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccGEvt.dll
12:08:00.0046 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccGEvt.dll - ok
12:08:00.0046 3960  [ 5CC40498D6EA2D2E82D7617D06FE77EB ] C:\Program Files\Norton 360\Engine\3.8.3.6\ncwTrust.dll
12:08:00.0046 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ncwTrust.dll - ok
12:08:00.0046 3960  [ EEDDEF1A7623619FBED118E6A3A27DED ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccSubEng.dll
12:08:00.0046 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccSubEng.dll - ok
12:08:00.0062 3960  [ C371BD0997CE47CA32301D82BDCBF8DB ] C:\Program Files\Norton 360\Engine\3.8.3.6\AVPSVC32.dll
12:08:00.0062 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AVPSVC32.dll - ok
12:08:00.0062 3960  [ 60C2752036FAC5DA6E5F72CB9AB60747 ] C:\Program Files\Java\jre7\bin\dcpr.dll
12:08:00.0062 3960  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
12:08:00.0062 3960  [ 50F76323253CE77DE6664AAAFAB02985 ] C:\Program Files\Norton 360\Engine\3.8.3.6\BHSvcPlg.dll
12:08:00.0062 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\BHSvcPlg.dll - ok
12:08:00.0078 3960  [ F38B92211F961CF9D48B2192BC7B00D6 ] C:\Program Files\Java\jre7\bin\deploy.dll
12:08:00.0078 3960  C:\Program Files\Java\jre7\bin\deploy.dll - ok
12:08:00.0078 3960  [ 24265143B1F4D8C57695630FBF6494CD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
12:08:00.0078 3960  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
12:08:00.0078 3960  [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files\Java\jre7\bin\java.dll
12:08:00.0078 3960  C:\Program Files\Java\jre7\bin\java.dll - ok
12:08:00.0093 3960  [ 0B56B878192DBA95D66A3162D38911F2 ] C:\Program Files\Java\jre7\bin\javaw.exe
12:08:00.0093 3960  C:\Program Files\Java\jre7\bin\javaw.exe - ok
12:08:00.0093 3960  [ C053C0F4F941A74EE163A601AEFE7AC3 ] C:\Program Files\Java\jre7\bin\jp2native.dll
12:08:00.0093 3960  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
12:08:00.0109 3960  [ 016E71D45E5421483CB262419E71DFD3 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccGLog.dll
12:08:00.0109 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccGLog.dll - ok
12:08:00.0109 3960  [ 467B0D0BC47D0B9CFA3837DA0A498C7F ] C:\Program Files\Java\jre7\bin\jpeg.dll
12:08:00.0109 3960  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
12:08:00.0125 3960  [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
12:08:00.0125 3960  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok
12:08:00.0125 3960  [ 3BC6F51501B1F96AB4B03AA2B5D032E5 ] C:\Program Files\Norton 360\Engine\3.8.3.6\SNDSvc.dll
12:08:00.0125 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SNDSvc.dll - ok
12:08:00.0140 3960  [ 0A45A39E9A1D3D33A49D1BAF292659E3 ] C:\Program Files\Java\jre7\bin\net.dll
12:08:00.0140 3960  C:\Program Files\Java\jre7\bin\net.dll - ok
12:08:00.0140 3960  [ F897D8369C0523D32A5DD169DF545BCD ] C:\Program Files\Java\jre7\bin\nio.dll
12:08:00.0140 3960  C:\Program Files\Java\jre7\bin\nio.dll - ok
12:08:00.0156 3960  [ 76F27FAB5BA22E336E5D42626702E744 ] C:\Program Files\Java\jre7\bin\verify.dll
12:08:00.0156 3960  C:\Program Files\Java\jre7\bin\verify.dll - ok
12:08:00.0156 3960  [ 95A841BE3CF27181D7E9033DD66BC5CF ] C:\Program Files\Java\jre7\bin\zip.dll
12:08:00.0156 3960  C:\Program Files\Java\jre7\bin\zip.dll - ok
12:08:00.0156 3960  [ BBF9D987A16A9CDA18DAF8CAA070A1D0 ] C:\Program Files\Norton 360\Engine\3.8.3.6\coSvcPlg.dll
12:08:00.0156 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\coSvcPlg.dll - ok
12:08:00.0171 3960  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
12:08:00.0171 3960  C:\WINDOWS\system32\cabinet.dll - ok
12:08:00.0171 3960  [ 91AD0140701CF93DE6FF520F32AF8078 ] C:\Program Files\Norton 360\Engine\3.8.3.6\isDataPr.dll
12:08:00.0171 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\isDataPr.dll - ok
12:08:00.0187 3960  [ 262C6C64BE5BC4B1E97A9675A562DBC4 ] C:\Program Files\Norton 360\Engine\3.8.3.6\cltLMC.dll
12:08:00.0187 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\cltLMC.dll - ok
12:08:00.0187 3960  [ 731F30A150DCDFA3C43DDDC3A639EC0F ] C:\Program Files\Norton 360\Engine\3.8.3.6\ISDataSv.dll
12:08:00.0187 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ISDataSv.dll - ok
12:08:00.0203 3960  [ 73C2FB42BD4040A90B683569AB633044 ] C:\Program Files\Norton 360\Engine\3.8.3.6\CLTLMS.DLL
12:08:00.0203 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\CLTLMS.DLL - ok
12:08:00.0203 3960  [ 9EB748E241AF1759C98F85FEAF15FBB7 ] C:\Program Files\Norton 360\Engine\3.8.3.6\FWGenPlg.dll
12:08:00.0203 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\FWGenPlg.dll - ok
12:08:00.0203 3960  [ C87D9706F120CFFC006D00556BF6C4BA ] C:\Program Files\Norton 360\Engine\3.8.3.6\buSvc.dll
12:08:00.0203 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buSvc.dll - ok
12:08:00.0218 3960  [ D4E8EA37511E8600AB147F97D3AA7786 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
12:08:00.0218 3960  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll - ok
12:08:00.0218 3960  [ 5F817AE99EAF9525C8A1A011B56063C5 ] C:\Program Files\Norton 360\Engine\3.8.3.6\buComm.dll
12:08:00.0218 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buComm.dll - ok
12:08:00.0234 3960  [ 786877C4AC6D9B64ADAFACBCD640F2E9 ] C:\Program Files\Norton 360\Engine\3.8.3.6\BuEng.dll
12:08:00.0234 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\BuEng.dll - ok
12:08:00.0234 3960  [ 03685E9EED7DC017F4986930ECE84BBB ] C:\Program Files\Norton 360\Engine\3.8.3.6\SymRdrSv.dll
12:08:00.0234 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SymRdrSv.dll - ok
12:08:00.0250 3960  [ 024E5504E33B31A6FC09612AEBF6A778 ] C:\Program Files\Norton 360\Engine\3.8.3.6\tuDataPr.dll
12:08:00.0250 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\tuDataPr.dll - ok
12:08:00.0250 3960  [ E6A9C015DCB58D66E4E71FD74A008FF6 ] C:\Program Files\Norton 360\Engine\3.8.3.6\FWSetup.dll
12:08:00.0250 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\FWSetup.dll - ok
12:08:00.0265 3960  [ 8C7D907F45B9799DB815600EDE58E7C7 ] C:\Program Files\Norton 360\Engine\3.8.3.6\FWHelper.dll
12:08:00.0265 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\FWHelper.dll - ok
12:08:00.0265 3960  [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll
12:08:00.0265 3960  C:\WINDOWS\system32\msjetoledb40.dll - ok
12:08:00.0281 3960  [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
12:08:00.0281 3960  C:\WINDOWS\system32\msjet40.dll - ok
12:08:00.0281 3960  [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
12:08:00.0281 3960  C:\WINDOWS\system32\mswstr10.dll - ok
12:08:00.0296 3960  [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
12:08:00.0296 3960  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok
12:08:00.0296 3960  [ 8B59FBBCE13B9A0BCFDCFAFAC962F621 ] C:\Program Files\Norton 360\Engine\3.8.3.6\AppMgr32.dll
12:08:00.0296 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AppMgr32.dll - ok
12:08:00.0312 3960  [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
12:08:00.0312 3960  C:\WINDOWS\system32\msjint40.dll - ok
12:08:00.0312 3960  [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
12:08:00.0312 3960  C:\WINDOWS\system32\msjter40.dll - ok
12:08:00.0328 3960  [ 6F413C1D9581FFBC27DFBAF8D1E358B5 ] C:\Program Files\Norton 360\Engine\3.8.3.6\cltLMJ.dll
12:08:00.0328 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\cltLMJ.dll - ok
12:08:00.0328 3960  [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
12:08:00.0328 3960  C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
12:08:00.0343 3960  [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
12:08:00.0343 3960  C:\WINDOWS\system32\msdart.dll - ok
12:08:00.0343 3960  [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
12:08:00.0343 3960  C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
12:08:00.0359 3960  [ A1E45589FAC353D48CF8C342BFCBDDA3 ] C:\Program Files\Norton 360\Engine\3.8.3.6\hncore.dll
12:08:00.0359 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\hncore.dll - ok
12:08:00.0359 3960  [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll
12:08:00.0359 3960  C:\WINDOWS\system32\msjtes40.dll - ok
12:08:00.0375 3960  [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll
12:08:00.0375 3960  C:\WINDOWS\system32\vbajet32.dll - ok
12:08:00.0375 3960  [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll
12:08:00.0375 3960  C:\WINDOWS\system32\expsrv.dll - ok
12:08:00.0375 3960  [ EA1EA603902B1F5E30C2EEBCC974E799 ] C:\Program Files\Norton 360\Engine\3.8.3.6\AVModule.dll
12:08:00.0375 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AVModule.dll - ok
12:08:00.0390 3960  [ AA5607632A1A84ABD82EAA5929800F62 ] C:\Program Files\Norton 360\Engine\3.8.3.6\DefUtDCD.dll
12:08:00.0390 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\DefUtDCD.dll - ok
12:08:00.0406 3960  [ 8EE84D6B8CCB808834D7E41713520A9D ] C:\Program Files\Norton 360\Engine\3.8.3.6\ducclib.dll
12:08:00.0406 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ducclib.dll - ok
12:08:00.0406 3960  [ C1649188479440AA5834EDA555445CDC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
12:08:00.0406 3960  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll - ok
12:08:00.0421 3960  [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
12:08:00.0421 3960  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
12:08:00.0421 3960  [ 23DC7C3D5C991720CC0F0CA4FD77F77F ] C:\Program Files\Norton 360\Engine\3.8.3.6\AVifc.dll
12:08:00.0421 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AVifc.dll - ok
12:08:00.0437 3960  [ DEF6AD32456693465FDB24C18170C7A2 ] C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll
12:08:00.0437 3960  C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll - ok
12:08:00.0437 3960  [ D102AD7C62914BAB318C57D4080A0F8B ] C:\Program Files\Norton 360\Engine\3.8.3.6\uiHost.dll
12:08:00.0437 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\uiHost.dll - ok
12:08:00.0453 3960  [ 23140083733D22EDC560ACCAC8065749 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.DLL
12:08:00.0453 3960  C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.DLL - ok
12:08:00.0453 3960  [ 2C2BE6006C058AD0D5031B0D1867959F ] C:\Program Files\Norton 360\Engine\3.8.3.6\BHClient.dll
12:08:00.0453 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\BHClient.dll - ok
12:08:00.0468 3960  [ 9B36E3D7EC78BA7512C54D9FE725B11B ] C:\Program Files\Norton 360\Engine\3.8.3.6\NPCTray.dll
12:08:00.0468 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\NPCTray.dll - ok
12:08:00.0468 3960  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
12:08:00.0468 3960  C:\WINDOWS\system32\regsvc.dll - ok
12:08:00.0468 3960  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
12:08:00.0468 3960  C:\WINDOWS\system32\seclogon.dll - ok
12:08:00.0468 3960  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
12:08:00.0468 3960  C:\WINDOWS\system32\sens.dll - ok
12:08:00.0484 3960  [ FC2741A70B84D7E7BA5F51A352669EE8 ] C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll
12:08:00.0484 3960  C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll - ok
12:08:00.0500 3960  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files\Skype\Updater\Updater.exe
12:08:00.0500 3960  C:\Program Files\Skype\Updater\Updater.exe - ok
12:08:00.0515 3960  [ 81D072F09D6243824F7DE6C4A430CFDE ] C:\Program Files\Norton 360\Engine\3.8.3.6\AVPAPP32.dll
12:08:00.0515 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AVPAPP32.dll - ok
12:08:00.0515 3960  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
12:08:00.0515 3960  C:\WINDOWS\system32\linkinfo.dll - ok
12:08:00.0531 3960  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
12:08:00.0531 3960  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
12:08:00.0531 3960  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
12:08:00.0531 3960  C:\WINDOWS\system32\srsvc.dll - ok
12:08:00.0546 3960  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
12:08:00.0546 3960  C:\WINDOWS\system32\ntshrui.dll - ok
12:08:00.0546 3960  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
12:08:00.0546 3960  C:\WINDOWS\system32\wiaservc.dll - ok
12:08:00.0546 3960  [ 3199A477F0F06EEDE41BD55179F8EB05 ] C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
12:08:00.0546 3960  C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe - ok
12:08:00.0562 3960  [ 1CC20EC001AF2B896DF4E8601F20C3BE ] C:\Program Files\Norton 360\Engine\3.8.3.6\buUIPlg.dll
12:08:00.0562 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buUIPlg.dll - ok
12:08:00.0562 3960  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
12:08:00.0562 3960  C:\WINDOWS\system32\trkwks.dll - ok
12:08:00.0578 3960  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
12:08:00.0578 3960  C:\WINDOWS\system32\mscms.dll - ok
12:08:00.0578 3960  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] C:\WINDOWS\system32\wdfmgr.exe
12:08:00.0578 3960  C:\WINDOWS\system32\wdfmgr.exe - ok
12:08:00.0578 3960  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
12:08:00.0578 3960  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
12:08:00.0593 3960  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
12:08:00.0593 3960  C:\WINDOWS\system32\actxprxy.dll - ok
12:08:00.0593 3960  [ DFCFD79107AAF8676C93B828D1767067 ] C:\Program Files\Norton 360\Engine\3.8.3.6\coDataPr.dll
12:08:00.0593 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\coDataPr.dll - ok
12:08:00.0609 3960  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:08:00.0609 3960  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok
12:08:00.0609 3960  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
12:08:00.0609 3960  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
12:08:00.0625 3960  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
12:08:00.0625 3960  C:\WINDOWS\system32\vssapi.dll - ok
12:08:00.0625 3960  [ DE515A126F211B054413C0BDD034B55D ] C:\Program Files\Norton 360\Engine\3.8.3.6\asOEHook.dll
12:08:00.0625 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\asOEHook.dll - ok
12:08:00.0640 3960  [ FE06336D43CEB0267D6A4C602736DE73 ] C:\Program Files\Norton 360\Engine\3.8.3.6\ccEmlPxy.dll
12:08:00.0640 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\ccEmlPxy.dll - ok
12:08:00.0640 3960  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
12:08:00.0640 3960  C:\WINDOWS\system32\wuauserv.dll - ok
12:08:00.0656 3960  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
12:08:00.0656 3960  C:\WINDOWS\system32\wuaueng.dll - ok
12:08:00.0656 3960  [ 00C143D93BDD790EFF4677BD6D7C0927 ] C:\Program Files\Norton 360\Engine\3.8.3.6\cltAlDis.dll
12:08:00.0656 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\cltAlDis.dll - ok
12:08:00.0656 3960  [ 860FAD57B4668A9F5F350A9D5444AE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
12:08:00.0656 3960  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
12:08:00.0671 3960  [ 3FBCF53FB4E70C2BAB7E22CF252A6019 ] C:\Program Files\Norton 360\MUI\3.8.0.41\09\01\cltRes.loc
12:08:00.0671 3960  C:\Program Files\Norton 360\MUI\3.8.0.41\09\01\cltRes.loc - ok
12:08:00.0687 3960  [ 643A8A3F3A94E7E6D0B41E9932D1013A ] C:\Program Files\Norton 360\Engine\3.8.3.6\SymRedir.dll
12:08:00.0687 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SymRedir.dll - ok
12:08:00.0687 3960  [ 594FE8289EA3D62A27DE73D3F4FE23B1 ] C:\Program Files\Norton 360\Engine\3.8.3.6\FWSesAl.dll
12:08:00.0687 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\FWSesAl.dll - ok
12:08:00.0703 3960  [ E3EFA68B668A1DFE445E25A12CE985B4 ] C:\Program Files\Norton 360\Engine\3.8.3.6\buDataCl.dll
12:08:00.0703 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buDataCl.dll - ok
12:08:00.0703 3960  [ B31A568075685F11B0883890DC541A2B ] C:\Program Files\Norton 360\Engine\3.8.3.6\AcctMgr.dll
12:08:00.0703 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AcctMgr.dll - ok
12:08:00.0718 3960  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
12:08:00.0718 3960  C:\WINDOWS\system32\mspatcha.dll - ok
12:08:00.0718 3960  [ 3D70D8A2E84AF2E25C09954D0194389E ] C:\Program Files\Norton 360\Engine\3.8.3.6\buProv.dll
12:08:00.0718 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\buProv.dll - ok
12:08:00.0734 3960  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
12:08:00.0734 3960  C:\WINDOWS\system32\browser.dll - ok
12:08:00.0734 3960  [ BC87DB4759083525F96A159861670C5E ] C:\WINDOWS\system32\dinput.dll
12:08:00.0734 3960  C:\WINDOWS\system32\dinput.dll - ok
12:08:00.0750 3960  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
12:08:00.0750 3960  C:\WINDOWS\system32\ipnathlp.dll - ok
12:08:00.0750 3960  [ AD968A4F84266A45218F9EEE13ACA6C6 ] C:\Program Files\Norton 360\Engine\3.8.3.6\gwrks32.dll
12:08:00.0750 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\gwrks32.dll - ok
12:08:00.0765 3960  [ 23B5E7F5C4C71D7143A50DDF67071D7A ] C:\Program Files\Norton 360\Engine\3.8.3.6\SDKCmn.dll
12:08:00.0765 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SDKCmn.dll - ok
12:08:00.0765 3960  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
12:08:00.0765 3960  C:\WINDOWS\system32\comsvcs.dll - ok
12:08:00.0781 3960  [ 6D16B419539602E71DC3078B6B906633 ] C:\Program Files\Norton 360\Engine\3.8.3.6\uiAlert.dll
12:08:00.0781 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\uiAlert.dll - ok
12:08:00.0781 3960  [ 818B229E35867F8A3762C904132F591F ] C:\Program Files\Norton 360\Engine\3.8.3.6\gearaw32.dll
12:08:00.0781 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\gearaw32.dll - ok
12:08:00.0781 3960  [ 1AFBDE72E62E51B30C0B0F47946CE0DB ] C:\Program Files\Norton 360\Engine\3.8.3.6\asFilter.dll
12:08:00.0781 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\asFilter.dll - ok
12:08:00.0796 3960  [ 471D9B5EA8F341A9D0ADD802C2D6B026 ] C:\Program Files\Norton 360\Engine\3.8.3.6\asUniPlg.dll
12:08:00.0796 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\asUniPlg.dll - ok
12:08:00.0796 3960  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
12:08:00.0796 3960  C:\WINDOWS\system32\colbact.dll - ok
12:08:00.0812 3960  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
12:08:00.0812 3960  C:\WINDOWS\system32\mtxclu.dll - ok
12:08:00.0812 3960  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
12:08:00.0812 3960  C:\WINDOWS\system32\resutils.dll - ok
12:08:00.0828 3960  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
12:08:00.0828 3960  C:\WINDOWS\system32\wups.dll - ok
12:08:00.0828 3960  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
12:08:00.0828 3960  C:\WINDOWS\system32\wups2.dll - ok
12:08:00.0843 3960  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
12:08:00.0843 3960  C:\WINDOWS\system32\wuauclt.exe - ok
12:08:00.0843 3960  [ EAC42C5C98AC7E90313065C195655161 ] C:\Program Files\Norton 360\Engine\3.8.3.6\AVMail.dll
12:08:00.0843 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\AVMail.dll - ok
12:08:00.0843 3960  [ C212BCCB07AD16B8C8D7ACD33CB2B761 ] C:\Program Files\Norton 360\Engine\3.8.3.6\NPC360ui.dll
12:08:00.0843 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\NPC360ui.dll - ok
12:08:00.0859 3960  [ 7C7DAC44271CC9BC18A35922DEED4559 ] C:\Program Files\Norton 360\Engine\3.8.3.6\cltui.dll
12:08:00.0859 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\cltui.dll - ok
12:08:00.0859 3960  [ 710F40CF88AA7A1FE5A15BA09EDB8DD7 ] C:\Program Files\Norton 360\Engine\3.8.3.6\SymHTML.dll
12:08:00.0859 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\SymHTML.dll - ok
12:08:00.0859 3960  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
12:08:00.0859 3960  C:\WINDOWS\system32\termsrv.dll - ok
12:08:00.0875 3960  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
12:08:00.0875 3960  C:\WINDOWS\system32\icaapi.dll - ok
12:08:00.0875 3960  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
12:08:00.0875 3960  C:\WINDOWS\system32\mstlsapi.dll - ok
12:08:00.0890 3960  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
12:08:00.0890 3960  C:\WINDOWS\system32\usp10.dll - ok
12:08:00.0890 3960  [ C57C48FB9AE3EFB9848AF594E3123A63 ] C:\WINDOWS\system32\drivers\LVPr2Mon.sys
12:08:00.0890 3960  C:\WINDOWS\system32\drivers\LVPr2Mon.sys - ok
12:08:00.0890 3960  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
12:08:00.0890 3960  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
12:08:00.0906 3960  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
12:08:00.0906 3960  C:\WINDOWS\system32\wbem\esscli.dll - ok
12:08:00.0906 3960  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
12:08:00.0906 3960  C:\WINDOWS\system32\wbem\fastprox.dll - ok
12:08:00.0921 3960  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
12:08:00.0921 3960  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
12:08:00.0921 3960  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
12:08:00.0921 3960  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
12:08:00.0937 3960  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
12:08:00.0937 3960  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
12:08:00.0937 3960  [ BA527972762A3FD975CA2D7BCB467B76 ] C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
12:08:00.0937 3960  C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll - ok
12:08:00.0953 3960  [ 6B184BDCECB71A4EB7081CF3C9196587 ] C:\Program Files\Norton 360\Engine\3.8.3.6\isPwd.dll
12:08:00.0953 3960  C:\Program Files\Norton 360\Engine\3.8.3.6\isPwd.dll - ok
12:08:00.0953 3960  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
12:08:00.0953 3960  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
12:08:00.0968 3960  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
12:08:00.0968 3960  C:\WINDOWS\system32\wbem\wbemess.dll - ok
12:08:00.0968 3960  [ C7000F2DB2A5515C64C257478769A481 ] C:\WINDOWS\system32\wbem\unsecapp.exe
12:08:00.0968 3960  C:\WINDOWS\system32\wbem\unsecapp.exe - ok
12:08:00.0984 3960  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
12:08:00.0984 3960  C:\WINDOWS\system32\alg.exe - ok
12:08:00.0984 3960  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
12:08:00.0984 3960  C:\WINDOWS\system32\netcfgx.dll - ok
12:08:01.0000 3960  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
12:08:01.0000 3960  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
12:08:01.0000 3960  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
12:08:01.0000 3960  C:\WINDOWS\system32\licwmi.dll - ok
12:08:01.0015 3960  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
12:08:01.0015 3960  C:\WINDOWS\system32\wbem\framedyn.dll - ok
12:08:01.0015 3960  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
12:08:01.0015 3960  C:\WINDOWS\system32\licdll.dll - ok
12:08:01.0031 3960  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
12:08:01.0031 3960  C:\WINDOWS\system32\wbem\ncprov.dll - ok
12:08:01.0031 3960  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
12:08:01.0031 3960  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
12:08:01.0046 3960  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
12:08:01.0046 3960  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
12:08:01.0046 3960  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
12:08:01.0046 3960  C:\WINDOWS\system32\msxml6.dll - ok
12:08:01.0046 3960  ============================================================
12:08:01.0046 3960  Scan finished
12:08:01.0046 3960  ============================================================
12:08:01.0078 3952  Detected object count: 0
12:08:01.0078 3952  Actual detected object count: 0
12:09:00.0828 0132  Deinitialize success
 

 

RKILL:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/29/2013 12:12:02 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\Ati2evxx.exe (PID: 1192) [WD-HEUR]
 * C:\WINDOWS\system32\Ati2evxx.exe (PID: 1800) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Disabled

 * System Restore Filter Driver (sr) is not Running.
   Startup Type set to: Disabled

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com

  20 out of 15348 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 03/29/2013 12:12:31 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)
 

 

ESET:

 

Operating memory    probably a variant of Win32/Ponmocup.AA trojan
 

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Fri 03/29/2013 at 13:26:51.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\searchprotection
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\search protection"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Application Data\registry mechanic"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Local Settings\Application Data\adawarebp"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/29/2013 at 13:34:51.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:01 PM

Posted 29 March 2013 - 02:03 PM

Malwarebytes

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

Farbar's MiniToolBox


  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Farbar's Service Scanner

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================

AdwCleaner by Xplode - Search for Adware

  • Please download AdwCleaner by Xplode onto your desktop.
  • Security softwares may flag it as malicious.This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================

Autoruns
 

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply



  • Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Autoruns log


#5 kephyr

kephyr
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:04:01 PM

Posted 29 March 2013 - 03:11 PM

Here are the logs:

 

MalwareBytes:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.29.13

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: E92920843E074B4 [administrator]

3/29/2013 3:39:45 PM
mbam-log-2013-03-29 (15-39-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226018
Time elapsed: 2 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

MiniToolBox:

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Owner (administrator) on 29-03-2013 at 15:47:39
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15328 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : e92920843e074b4

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-1A-A0-34-55-E7

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 10.1.10.24

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 10.1.10.1

        DHCP Server . . . . . . . . . . . : 10.1.10.1

        DNS Servers . . . . . . . . . . . : 10.1.10.1

        Lease Obtained. . . . . . . . . . : Friday, March 29, 2013 12:06:36 PM

        Lease Expires . . . . . . . . . . : Friday, April 05, 2013 12:06:36 PM

Server:  UnKnown
Address:  10.1.10.1

Name:    google.com
Addresses:  74.125.226.232, 74.125.226.233, 74.125.226.238, 74.125.226.226
      74.125.226.227, 74.125.226.229, 74.125.226.224, 74.125.226.231, 74.125.226.225
      74.125.226.230, 74.125.226.228



Pinging google.com [74.125.226.228] with 32 bytes of data:



Reply from 74.125.226.228: bytes=32 time=20ms TTL=54

Reply from 74.125.226.228: bytes=32 time=22ms TTL=54



Ping statistics for 74.125.226.228:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 20ms, Maximum = 22ms, Average = 21ms

Server:  UnKnown
Address:  10.1.10.1

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=693ms TTL=48

Reply from 206.190.36.45: bytes=32 time=784ms TTL=48



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 693ms, Maximum = 784ms, Average = 738ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 34 55 e7 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        10.1.10.1      10.1.10.24      20
        10.1.10.0    255.255.255.0       10.1.10.24      10.1.10.24      20
       10.1.10.24  255.255.255.255        127.0.0.1       127.0.0.1      20
   10.255.255.255  255.255.255.255       10.1.10.24      10.1.10.24      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0       10.1.10.24      10.1.10.24      20
        224.0.0.0        240.0.0.0       10.1.10.24      10.1.10.24      20
  255.255.255.255  255.255.255.255       10.1.10.24      10.1.10.24      1
Default Gateway:         10.1.10.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/29/2013 09:31:51 AM) (Source: MsiInstaller) (User: E92920843E074B4)
Description: Product: Ad-Aware -- Error 1706. An installation package for the product Ad-Aware cannot be found. Try the installation again using a valid copy of the installation package 'Ad-AwareInstallation.msi'.

Error: (03/28/2013 08:02:44 PM) (Source: MsiInstaller) (User: E92920843E074B4)
Description: The installation of C:\NHCS Downloads\HiJackThis\HiJackThis.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (03/28/2013 08:02:21 PM) (Source: MsiInstaller) (User: E92920843E074B4)
Description: The installation of C:\NHCS Downloads\HiJackThis\HiJackThis.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (03/28/2013 07:17:07 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot set the background refresh timer for Group Policy. WaitForMultipleObjects (Access is denied. ). Group Policy processing aborted.

Error: (03/18/2013 03:55:49 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x033bfd98.
Processing media-specific event for [iexplore.exe!ws!]

Error: (02/27/2013 08:09:51 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 19.0.0.4794, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/27/2013 08:09:15 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 19.0.0.4794, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2013 06:42:33 PM) (Source: Application Hang) (User: )
Description: Hanging application Skype.exe, version 6.0.0.126, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2013 06:42:19 PM) (Source: Application Hang) (User: )
Description: Hanging application Skype.exe, version 6.0.0.126, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/06/2013 11:44:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18110


System errors:
=============
Error: (03/29/2013 00:12:04 PM) (Source: Service Control Manager) (User: )
Description: The Ati HotKey Poller service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/28/2013 08:08:39 PM) (Source: Service Control Manager) (User: )
Description: The Ati HotKey Poller service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/28/2013 08:05:18 PM) (Source: Service Control Manager) (User: )
Description: The Application Layer Gateway Service service failed to start due to the following error:
%%1053

Error: (03/28/2013 08:05:18 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

Error: (03/28/2013 08:03:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/28/2013 08:02:37 PM) (Source: DCOM) (User: E92920843E074B4)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/28/2013 06:54:15 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (03/28/2013 06:54:11 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (03/28/2013 05:55:48 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/28/2013 05:55:24 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2


Microsoft Office Sessions:
=========================
Error: (03/29/2013 09:31:51 AM) (Source: MsiInstaller)(User: E92920843E074B4)
Description: Product: Ad-Aware -- Error 1706. An installation package for the product Ad-Aware cannot be found. Try the installation again using a valid copy of the installation package 'Ad-AwareInstallation.msi'.(NULL)(NULL)(NULL)

Error: (03/28/2013 08:02:44 PM) (Source: MsiInstaller)(User: E92920843E074B4)
Description: C:\NHCS Downloads\HiJackThis\HiJackThis.msi(NULL)(NULL)(NULL)

Error: (03/28/2013 08:02:21 PM) (Source: MsiInstaller)(User: E92920843E074B4)
Description: C:\NHCS Downloads\HiJackThis\HiJackThis.msi(NULL)(NULL)(NULL)

Error: (03/28/2013 07:17:07 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: WaitForMultipleObjectsAccess is denied.

Error: (03/18/2013 03:55:49 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.0033bfd98

Error: (02/27/2013 08:09:51 PM) (Source: Application Hang)(User: )
Description: firefox.exe19.0.0.4794hungapp0.0.0.000000000

Error: (02/27/2013 08:09:15 PM) (Source: Application Hang)(User: )
Description: firefox.exe19.0.0.4794hungapp0.0.0.000000000

Error: (01/20/2013 06:42:33 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.0.0.126hungapp0.0.0.000000000

Error: (01/20/2013 06:42:19 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.0.0.126hungapp0.0.0.000000000

Error: (01/06/2013 11:44:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18110


=========================== Installed Programs ============================

5600 (Version: 50.0.206.000)
5600_Help (Version: 50.0.206.000)
5600Trb (Version: 50.0.206.000)
Ad-Aware Browsing Protection (Version: 1.0.1.94)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 4
ATI - Software Uninstall Utility (Version: 6.14.10.1017)
ATI Display Driver (Version: 8.401-070815m-052428C-Dell)
att.net Internet Mail
att.net Toolbar
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
BufferChm (Version: 53.0.13.000)
CDDRV_Installer (Version: 4.60)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
EasyBits GO
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
File Uploader (Version: 1.2.1)
FlipShare (Version: 5.8.11.0)
Google Chrome (Version: 25.0.1364.172)
Google Update Helper (Version: 1.3.21.135)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
iLinc Client
iTunes (Version: 10.5.1.42)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
KhalInstallWrapper (Version: 4.60.122)
Logitech Desktop Messenger (Version: 2.01.02)
Logitech Harmony Remote Software 7 (Version: 7.6.0.8)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech SetPoint (Version: 4.60)
Logitech Vid (Version: 1.00.1062)
Logitech Webcam Software (Version: 12.00.1280)
Logitech Webcam Software Driver Package (Version: 12.0.1278)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NewCopy (Version: 50.0.206.000)
Nikon Message Center (Version: 0.92.000)
Nikon Transfer (Version: 1.5.0)
Norton 360 (Version: 3.8.3.6)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Photodex Presenter
Picture Control Utility (Version: 1.1.6)
ProductContext (Version: 50.0.206.000)
QuickBooks (Version: 20.0.4001.807)
QuickBooks Pro 2010 (Version: 20.0.4001.807)
Quicken 2010 (Version: 19.1.1.27)
QuickTime (Version: 7.71.80.42)
Readme (Version: 50.0.206.000)
Remote Control USB Driver (Version: 2.3.2.317)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.1 (Version: 6.1.129)
SolutionCenter (Version: 50.0.152.000)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Sonic Update Manager (Version: 2.9)
SoundMAX (Version: 5.10.01.4541)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 53.0.13.000)
swMSM (Version: 12.0.0.1)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
ViewNX (Version: 1.4.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Software Update

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 2013.9 MB
Available physical RAM: 1285.89 MB
Total Pagefile: 3906.58 MB
Available Pagefile: 3444.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.62 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:434.03 GB) NTFS
4 Drive f: (TRAVELDRIVE) (Removable) (Total:0.23 GB) (Free:0.22 GB) FAT32

========================= Users: ========================================

User accounts for \\E92920843E074B4

Administrator            Guest                    HelpAssistant            
Owner                    SUPPORT_388945a0         


**** End of log ****
 

 

 

FSS:

 

Farbar Service Scanner Version: 03-03-2013
Ran by Owner (administrator) on 29-03-2013 at 15:53:08
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2010-01-15 01:55] - [2008-04-14 06:42] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-12 09:28] - [2009-02-06 07:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

 

 

AdwCleaner:

 

# AdwCleaner v2.115 - Logfile created 03/29/2013 at 15:59:53
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - E92920843E074B4
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xk9pl1g7.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.29] : search_url = "hxxp://lavasoft.blekko.com/ws/?source=f439e2c0&tbp=rbox&toolbarid=adawaretb&u=9[...]

*************************

AdwCleaner[R2].txt - [1613 octets] - [29/03/2013 15:58:24]
AdwCleaner[R3].txt - [1673 octets] - [29/03/2013 15:59:42]
AdwCleaner[S2].txt - [1453 octets] - [29/03/2013 15:59:53]

########## EOF - C:\AdwCleaner[S2].txt - [1513 octets] ##########
 

 

 

Autoruns:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "3/29/2013 12:03 PM"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"    "12/3/2012 3:34 AM"
+ "HP Software Update"    "Hewlett-Packard Product Assistant"    "Hewlett-Packard Co."    "c:\program files\hp\hp software update\hpwuschd2.exe"    "5/12/2005 2:12 AM"
+ "Intuit SyncManager"    "IntuitSyncManager"    "Intuit Inc. All rights reserved."    "c:\program files\common files\intuit\sync\intuitsyncmanager.exe"    "8/31/2009 2:32 AM"
+ "Kernel and Hardware Abstraction Layer"    "Logitech KHAL Main Process"    "Logitech, Inc."    "c:\windows\khalmnpr.exe"    "2/29/2008 6:00 AM"
+ "LogitechQuickCamRibbon"    "Camera Software"    "Logitech Inc."    "c:\program files\logitech\logitech webcam software\lws.exe"    "5/8/2009 1:31 PM"
+ "SoundMAXPnP"    "SMax4PNP"    "Analog Devices, Inc."    "c:\program files\analog devices\core\smax4pnp.exe"    "5/1/2006 12:07 PM"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"    "7/3/2012 12:04 PM"
+ "UpdateManager"    "Sonic Update Manager"    "Sonic Solutions"    "c:\program files\common files\sonic\update manager\sgtray.exe"    "8/19/2003 3:25 PM"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""    "11/3/2010 9:46 AM"
+ "HP Digital Imaging Monitor.lnk"    "HP Digital Imaging Monitor"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqtra08.exe"    "5/12/2005 2:23 AM"
+ "Logitech SetPoint.lnk"    "Logitech SetPoint Event Manager (UNICODE)"    "Logitech, Inc."    "c:\program files\logitech\setpoint\setpoint.exe"    "5/2/2008 4:43 AM"
+ "QuickBooks Update Agent.lnk"    "QuickBooks Automatic Update"    "Intuit Inc."    "c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe"    "9/3/2009 3:39 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "3/29/2012 3:06 AM"
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 2:30 PM"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe"    "3/10/2013 6:19 PM"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 2:30 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "11/18/2011 2:57 PM"
+ "ISUSPM"    "Macrovision Software Manager"    "Macrovision Corporation"    "c:\program files\common files\installshield\updateservice\isuspm.exe"    "9/11/2006 5:39 AM"
+ "Skype"    "Skype "    "Skype Technologies S.A."    "c:\program files\skype\phone\skype.exe"    "1/8/2013 8:55 AM"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"    "4/13/2007 6:22 PM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "bw+0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw+0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw-0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw-0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw00"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw00s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw10"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw10s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw20"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw20s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw30"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw30s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw40"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw40s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw50"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw50s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw60"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw60s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw70"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw70s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw80"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw80s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw90"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw90s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwa0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwa0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwb0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwb0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwc0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwc0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwd0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwd0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwe0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwe0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwf0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwf0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwfile-8876480"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwg0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwg0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwh0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwh0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwi0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwi0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwj0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwj0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwk0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwk0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwl0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwl0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwm0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwm0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwn0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwn0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwo0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwo0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwp0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwp0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwq0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwq0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwr0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwr0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bws0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bws0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwt0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwt0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwu0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwu0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwv0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwv0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bww0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bww0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwx0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwx0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwy0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwy0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwz0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwz0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "intu-help-qb3"    "QuickBooks Assistance Library"    "Intuit, Inc."    "c:\program files\intuit\quickbooks 2010\helpasyncpluggableprotocol.dll"    "9/3/2009 4:12 AM"
+ "mso-offdap"    "Microsoft Office XP Web Components"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\10\owc10.dll"    "5/14/2009 10:43 PM"
+ "mso-offdap11"    "Microsoft Office Web Components 2003"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\11\owc11.dll"    "3/24/2009 8:45 PM"
+ "offline-8876480"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "skype-ie-addon-data"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"    "11/3/2011 6:19 AM"
+ "symres"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""    "3/24/2013 8:04 PM"
+ "0"    ""    ""    "File not found: About:Home"    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/14/2010 8:40 PM"
+ "BUContextMenu"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"    ""
+ "Symantec.Norton.Antivirus.IEContextMenu"    "Symantec Shared Component Shell Extension Module"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\navshext.dll"    "9/21/2011 7:32 PM"
+ "Yahoo! Mail"    "Yahoo! Mail"    "Yahoo! Inc."    "c:\program files\yahoo!\common\ymmapi.dll"    "6/25/2007 5:00 PM"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""    "1/14/2010 8:40 PM"
+ "BuPropertySheet"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "12/14/2012 4:52 PM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "2/20/2010 10:22 AM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "7/27/2007 6:46 PM"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""    "2/20/2010 10:22 AM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "7/27/2007 6:46 PM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "12/18/2012 2:06 PM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "BUContextMenu"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "12/14/2012 4:52 PM"
+ "Symantec.Norton.Antivirus.IEContextMenu"    "Symantec Shared Component Shell Extension Module"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\navshext.dll"    "9/21/2011 7:32 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "OverlayExcluded"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "OverlayPending"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "OverlayProtected"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"    "9/23/2012 10:24 PM"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"    "3/1/2013 9:51 AM"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"    "3/1/2013 9:50 AM"
+ "SingleInstance Class"    "Yahoo! Single Instance for Mail"    "Yahoo! Inc"    "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"    "9/24/2011 10:35 PM"
+ "Skype Browser Helper"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
+ "Symantec Intrusion Prevention"    "IPS Browser Helper DLL"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\ipsbho.dll"    "7/8/2009 8:57 PM"
+ "Symantec NCO BHO"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Norton Toolbar"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
"Task Scheduler"    ""    ""    ""    ""
+ "Ad-Aware Update (Weekly).job"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent"    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "2/28/2013 10:40 PM"
+ "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"    "6/1/2011 8:46 PM"
+ "BVID.job"    ""    ""    "c:\windows\system32\untfsu.dll"    ""
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "OGALogon.job"    ""    ""    "c:\windows\system32\ogaexec.exe"    "8/3/2009 5:54 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/29/2013 4:05 PM"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "2/28/2013 10:40 PM"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"    "9/6/2011 9:55 PM"
+ "Ati HotKey Poller"    "ATI External Event Utility EXE Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.exe"    "7/27/2007 11:21 PM"
+ "ATI Smart"    "ATI Smart"    ""    "c:\windows\system32\ati2sgag.exe"    "7/27/2007 11:20 PM"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "8/31/2011 1:40 AM"
+ "FlipShare Service"    "FlipShare Service"    ""    "c:\program files\flip video\flipshare\flipshareservice.exe"    "9/18/2010 12:14 AM"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"    "4/4/2005 1:41 AM"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "11/13/2011 3:47 AM"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"    "3/1/2013 9:45 AM"
+ "LBTServ"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logitech\bluetooth\lbtserv.exe"    "5/2/2008 5:18 AM"
+ "LVPrcSrv"    "Injector service"    "Logitech Inc."    "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"    "4/30/2009 6:42 PM"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"    "3/7/2013 8:32 AM"
+ "N360"    "Norton 360"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\ccsvchst.exe"    "8/10/2011 11:21 PM"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"    "7/27/2003 12:52 PM"
+ "pcCMService"    "mcci+McciCMService"    "Alcatel-Lucent"    "c:\program files\common files\motive\pccmservice.exe"    "6/17/2011 3:31 PM"
+ "Pml Driver HPZ12"    "PML Driver"    "HP"    "c:\windows\system32\hpzipm12.exe"    "9/29/2004 2:44 AM"
+ "QBCFMonitorService"    "QuickBooks Company File Monitoring Service"    "Intuit"    "c:\program files\common files\intuit\quickbooks\qbcfmonitorservice.exe"    "9/3/2009 4:07 AM"
+ "QBFCService"    "QuickBooks FCS module"    "Intuit Inc."    "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe"    "7/24/2009 12:10 AM"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files\skype\updater\updater.exe"    "1/8/2013 8:55 AM"
+ "stllssvr"    "SureThing Labelflash Disc Printer Service Module"    "MicroVision Development, Inc."    "c:\program files\common files\surething shared\stllssvr.exe"    "4/20/2007 4:00 PM"
+ "TomTomHOMEService"    "TomTom Home Service for ejecting devices"    "TomTom"    "c:\program files\tomtom home 2\tomtomhomeservice.exe"    "1/23/2012 12:37 AM"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files\yahoo!\softwareupdate\yahooauservice.exe"    "11/9/2008 4:47 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/29/2013 4:05 PM"
+ "ADIHdAudAddService"    "High Definition Audio Function Driver"    "Analog Devices, Inc."    "c:\windows\system32\drivers\adihdaud.sys"    "5/22/2006 4:40 PM"
+ "ati2mtag"    "ATI Radeon WindowsNT Miniport Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\ati2mtag.sys"    "7/27/2007 11:30 PM"
+ "atiide"    "ATI SATA(IDE Mode) Controller Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atiide.sys"    "9/7/2006 4:37 PM"
+ "bcm4sbxp"    "Broadcom Corporation NDIS 5.1 ethernet driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcm4sbxp.sys"    "11/21/2006 8:25 AM"
+ "BHDrvx86"    "BASH Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\bhdrvx86.sys"    "7/29/2009 8:44 PM"
+ "ccHP"    "Common Client Hash Provider Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\cchpx86.sys"    "7/20/2011 12:06 AM"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"    ""
+ "DLABMFSM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlabmfsm.sys"    "7/23/2007 6:02 PM"
+ "DLABOIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaboiom.sys"    "7/23/2007 6:02 PM"
+ "DLACDBHM"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlacdbhm.sys"    "7/23/2007 5:49 PM"
+ "DLADResM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dladresm.sys"    "7/23/2007 6:04 PM"
+ "DLAIFS_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaifs_m.sys"    "7/23/2007 6:01 PM"
+ "DLAOPIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaopiom.sys"    "7/23/2007 6:03 PM"
+ "DLAPoolM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlapoolm.sys"    "7/23/2007 6:01 PM"
+ "DLARTL_M"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlartl_m.sys"    "7/23/2007 5:48 PM"
+ "DLAUDF_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaudf_m.sys"    "7/23/2007 6:01 PM"
+ "DLAUDFAM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaudfam.sys"    "7/23/2007 6:02 PM"
+ "DRVMCDB"    "Device Driver"    "Sonic Solutions"    "c:\windows\system32\drivers\drvmcdb.sys"    "7/23/2007 5:53 PM"
+ "DRVNDDM"    "Device Driver Manager"    "Roxio"    "c:\windows\system32\drivers\drvnddm.sys"    "7/23/2007 5:42 PM"
+ "eeCtrl"    "Symantec Eraser Control Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eectrl.sys"    "7/31/2012 7:33 PM"
+ "EraserUtilRebootDrv"    "Symantec Eraser Utility Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"    "7/31/2012 7:33 PM"
+ "FilterService"    "Logitech USB Video Class Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvuvcflt.sys"    "4/30/2009 6:41 PM"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "5/18/2009 8:16 AM"
+ "gfibto"    "GFI Boot Time Operations Driver"    "GFI Software"    "c:\windows\system32\drivers\gfibto.sys"    "9/1/2011 9:29 PM"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"    "5/26/2005 11:46 AM"
+ "HPZid412"    "IEEE-1284.4-1999 Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzid412.sys"    "9/29/2004 2:41 AM"
+ "HPZipr12"    "IEEE-1284.4-1999 Print Class Driver"    "HP"    "c:\windows\system32\drivers\hpzipr12.sys"    "9/29/2004 2:41 AM"
+ "HPZius12"    "1284.4<->Usb Datalink Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzius12.sys"    "9/29/2004 2:40 AM"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"    ""
+ "IDSxpx86"    "Symantec Intrusion Prevention Driver"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20130328.001\idsxpx86.sys"    "8/28/2012 10:48 PM"
+ "Lbd"    "Ad-Aware mini-filter driver"    "Lavasoft AB"    "c:\windows\system32\drivers\lbd.sys"    "5/25/2010 3:45 AM"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"    ""
+ "LHidFilt"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidfilt.sys"    "2/29/2008 6:08 AM"
+ "LHidKe"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidke.sys"    "1/20/2006 10:03 PM"
+ "LHidUsbK"    "Logitech SetPoint USB Receiver"    "Logitech, Inc."    "c:\windows\system32\drivers\lhidusbk.sys"    "1/20/2006 10:02 PM"
+ "LMouFilt"    "Logitech Mouse Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lmoufilt.sys"    "2/29/2008 6:08 AM"
+ "LMouKE"    "Logitech Filter Driver for Mouse Class."    "Logitech, Inc."    "c:\windows\system32\drivers\lmouke.sys"    "1/20/2006 10:03 PM"
+ "LUsbFilt"    "Logitech USB Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lusbfilt.sys"    "2/29/2008 6:08 AM"
+ "LVPr2Mon"    "Logitech ProcMon Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvpr2mon.sys"    "4/30/2009 6:42 PM"
+ "LVRS"    "Logitech Kernel Audio Improvement Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvrs.sys"    "4/30/2009 6:43 PM"
+ "LVUVC"    "Logitech USB Video Class Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvuvc.sys"    "4/30/2009 6:43 PM"
+ "MREMP50"    "PCAUSA NDIS 5.0 MPR Protocol Driver"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\program files\common files\motive\mremp50.sys"    "11/19/2005 4:13 AM"
+ "MREMPR5"    ""    ""    "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"    ""
+ "MRENDIS5"    ""    ""    "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"    ""
+ "MRESP50"    "PCAUSA NDIS 5.0 SPR Protocol Driver"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\program files\common files\motive\mresp50.sys"    "11/19/2005 4:13 AM"
+ "NAVENG"    "AV Engine"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20130329.004\naveng.sys"    "12/20/2012 4:39 AM"
+ "NAVEX15"    "AV Engine"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20130329.004\navex15.sys"    "12/20/2012 4:37 AM"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"    ""
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"    ""
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"    ""
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"    ""
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"    ""
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"    "8/17/2001 4:49 PM"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"    "3/12/2008 9:57 PM"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 9:18 AM"
+ "SenFiltService"    "Sensaura WDM 3D Audio Driver"    "Sensaura"    "c:\windows\system32\drivers\senfilt.sys"    "3/13/2006 12:40 PM"
+ "SRTSP"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\srtsp.sys"    "6/22/2009 10:12 PM"
+ "SRTSPX"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\srtspx.sys"    "6/22/2009 10:15 PM"
+ "SymEFA"    "Symantec Extended File Attributes"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symefa.sys"    "6/23/2009 5:50 PM"
+ "SymEvent"    "Symantec Event Library"    "Symantec Corporation"    "c:\windows\system32\drivers\symevent.sys"    "6/24/2009 4:14 PM"
+ "SYMFW"    "Firewall Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symfw.sys"    "6/20/2011 8:57 PM"
+ "SYMIDS"    "IDS Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symids.sys"    "6/20/2011 8:57 PM"
+ "SymIM"    "NDIS Intermediate Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symim.sys"    "6/22/2009 7:01 PM"
+ "SymIMMP"    "NDIS Intermediate Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symim.sys"    "6/22/2009 7:01 PM"
+ "SYMNDIS"    "NDIS Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symndis.sys"    "6/20/2011 8:56 PM"
+ "SYMTDI"    "Network Dispatch Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symtdi.sys"    "6/20/2011 8:56 PM"
+ "USBAAPL"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl.sys"    "4/28/2011 2:25 PM"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "3/29/2013 3:59 PM"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 8:09 PM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "1/29/2010 10:43 AM"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"    "4/13/2008 8:11 PM"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"    "8/18/2001 1:35 AM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "6/17/2010 10:03 AM"
+ "VIDC.I420"    "Video Codec"    "Logitech Inc."    "c:\windows\system32\lvcodec2.dll"    "4/30/2009 6:43 PM"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 1:33 AM"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 1:33 AM"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "3/29/2013 3:38 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "1/15/2010 3:15 AM"
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"    "8/18/2001 1:35 AM"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Flip Video Decoder"    "FlipDSVideoDecoder"    "MyCompanyName"    "c:\program files\flip video\flipshare\flipdsvideodecoder.ax"    "8/27/2010 7:03 PM"
+ "Flip Video Decoder Mpeg4"    "FlipDSVideoDecoder"    "MyCompanyName"    "c:\program files\flip video\flipshare\flipdsmpeg4decoder.ax"    "8/27/2010 7:02 PM"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 8:09 PM"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
+ "MainConcept (Nikon) MPEG Audio Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"    "10/11/2005 6:34 AM"
+ "MainConcept (Nikon) MPEG Encoder"    "MPEG Encoder and Muxer"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikonesmpeg.ax"    "10/11/2005 6:34 AM"
+ "MainConcept (Nikon) MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"    "10/11/2005 6:34 AM"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"    "6/15/2010 12:17 PM"
+ "muvee Music Analyser"    "Music Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"    "9/15/2006 1:48 AM"
+ "muvee WAV Encoder"    "mvWavEncoder Filter (Sample)"    "Microsoft Corporation"    "c:\program files\common files\muvee technologies\030625\mvwavenc.ax"    "10/18/2006 3:37 AM"
+ "PDFrameGrabFilter"    "FrameGrabFilter"    ""    "c:\program files\flip video\flipshare\framegrabfilter.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP AAC Encoder"    ""    ""    "c:\program files\flip video\flipshare\ipp6_0_aacencoder.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP H264 Encoder"    "IPPH264Encoder"    ""    "c:\program files\flip video\flipshare\ipph264encoder.ax"    "8/27/2010 7:03 PM"
+ "PDT IPP MP4 Muxer"    "IPPMP4Muxer"    ""    "c:\program files\flip video\flipshare\ippmp4muxer.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP MP4 Splitter"    "IPPMp4Splitter"    ""    "c:\program files\flip video\flipshare\ippmp4splitter.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP MPEG Audio Decoder"    "IPPMPEGAudioDecoder"    ""    "c:\program files\flip video\flipshare\ippmpegaudiodecoder.ax"    "8/27/2010 7:02 PM"
+ "PDT Resize and Letterbox Filter"    "PurpleComposite"    ""    "c:\program files\flip video\flipshare\purplecomposite.ax"    "8/27/2010 7:00 PM"
+ "QuickTime Source Filter"    "QuickTimeSource Module"    ""    "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"    "10/18/2006 3:33 AM"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Sonic Cinemaster® Audio Decoder 4.2 (No Dolby)"    "SonicHDAudio"    "Sonic Solutions"    "c:\program files\common files\sonic shared\cinemasteraudiond.dll"    "6/27/2008 2:39 PM"
+ "Sonic Cinemaster® VideoDecoder 4.2"    "CinemasterVideo"    "Sonic Solutions"    "c:\program files\common files\sonic shared\cinemastervideo.dll"    "6/27/2008 5:42 AM"
+ "Sonic HD Demuxer"    "Sonic HD Demuxer"    ""    "c:\program files\common files\sonic shared\sonichddemuxer.dll"    "6/27/2008 5:25 AM"
+ "Sonic HD Nav"    "SonicHDNav"    ""    "c:\program files\common files\sonic shared\sonichdnav.dll"    "7/31/2007 5:25 AM"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"    "8/18/2001 1:35 AM"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "3/29/2013 3:59 PM"
+ "AtiExtEvent"    "ATI External Event Utility DLL Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.dll"    "7/27/2007 11:22 PM"
+ "LBTWlgn"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logitech\bluetooth\lbtwlgn.dll"    "5/2/2008 5:18 AM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "11/18/2011 2:57 PM"
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "8/31/2011 1:44 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "3/29/2013 3:59 PM"
+ "HP Standard TCP/IP Port"    "Standard TCP/IP Port Monitor DLL"    "Hewlett Packard"    "c:\windows\system32\hptcpmon.dll"    "2/17/2005 11:41 AM"
+ "hpzsnt12"    ""    "HP"    "c:\windows\system32\hpzsnt12.dll"    "2/28/2005 1:17 PM"
 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:01 PM

Posted 29 March 2013 - 05:16 PM

.


Edited by narenxp, 29 March 2013 - 08:44 PM.


#7 kephyr

kephyr
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:04:01 PM

Posted 29 March 2013 - 08:37 PM

Here is the Autoruns log:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "3/29/2013 12:03 PM"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"    "12/3/2012 3:34 AM"
+ "HP Software Update"    "Hewlett-Packard Product Assistant"    "Hewlett-Packard Co."    "c:\program files\hp\hp software update\hpwuschd2.exe"    "5/12/2005 2:12 AM"
+ "Intuit SyncManager"    "IntuitSyncManager"    "Intuit Inc. All rights reserved."    "c:\program files\common files\intuit\sync\intuitsyncmanager.exe"    "8/31/2009 2:32 AM"
+ "Kernel and Hardware Abstraction Layer"    "Logitech KHAL Main Process"    "Logitech, Inc."    "c:\windows\khalmnpr.exe"    "2/29/2008 6:00 AM"
+ "LogitechQuickCamRibbon"    "Camera Software"    "Logitech Inc."    "c:\program files\logitech\logitech webcam software\lws.exe"    "5/8/2009 1:31 PM"
+ "SoundMAXPnP"    "SMax4PNP"    "Analog Devices, Inc."    "c:\program files\analog devices\core\smax4pnp.exe"    "5/1/2006 12:07 PM"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"    "7/3/2012 12:04 PM"
+ "UpdateManager"    "Sonic Update Manager"    "Sonic Solutions"    "c:\program files\common files\sonic\update manager\sgtray.exe"    "8/19/2003 3:25 PM"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""    "11/3/2010 9:46 AM"
+ "HP Digital Imaging Monitor.lnk"    "HP Digital Imaging Monitor"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqtra08.exe"    "5/12/2005 2:23 AM"
+ "Logitech SetPoint.lnk"    "Logitech SetPoint Event Manager (UNICODE)"    "Logitech, Inc."    "c:\program files\logitech\setpoint\setpoint.exe"    "5/2/2008 4:43 AM"
+ "QuickBooks Update Agent.lnk"    "QuickBooks Automatic Update"    "Intuit Inc."    "c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe"    "9/3/2009 3:39 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "3/29/2012 3:06 AM"
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 2:30 PM"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\26.0.1410.43\installer\chrmstp.exe"    "3/21/2013 4:35 PM"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 2:30 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "11/18/2011 2:57 PM"
+ "ISUSPM"    "Macrovision Software Manager"    "Macrovision Corporation"    "c:\program files\common files\installshield\updateservice\isuspm.exe"    "9/11/2006 5:39 AM"
+ "Skype"    "Skype "    "Skype Technologies S.A."    "c:\program files\skype\phone\skype.exe"    "1/8/2013 8:55 AM"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"    "4/13/2007 6:22 PM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "bw+0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw+0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw-0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw-0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw00"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw00s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw10"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw10s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw20"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw20s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw30"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw30s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw40"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw40s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw50"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw50s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw60"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw60s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw70"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw70s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw80"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw80s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw90"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bw90s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwa0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwa0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwb0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwb0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwc0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwc0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwd0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwd0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwe0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwe0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwf0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwf0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwfile-8876480"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwg0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwg0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwh0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwh0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwi0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwi0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwj0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwj0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwk0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwk0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwl0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwl0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwm0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwm0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwn0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwn0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwo0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwo0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwp0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwp0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwq0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwq0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwr0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwr0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bws0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bws0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwt0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwt0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwu0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwu0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwv0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwv0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bww0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bww0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwx0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwx0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwy0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwy0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwz0"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "bwz0s"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "intu-help-qb3"    "QuickBooks Assistance Library"    "Intuit, Inc."    "c:\program files\intuit\quickbooks 2010\helpasyncpluggableprotocol.dll"    "9/3/2009 4:12 AM"
+ "mso-offdap"    "Microsoft Office XP Web Components"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\10\owc10.dll"    "5/14/2009 10:43 PM"
+ "mso-offdap11"    "Microsoft Office Web Components 2003"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\11\owc11.dll"    "3/24/2009 8:45 PM"
+ "offline-8876480"    "BackWeb Runner Application                   "    "BackWeb Technologies Inc.                         "    "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"    "10/12/2004 9:35 AM"
+ "skype-ie-addon-data"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"    "11/3/2011 6:19 AM"
+ "symres"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""    "3/24/2013 8:04 PM"
+ "0"    ""    ""    "File not found: About:Home"    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/14/2010 8:40 PM"
+ "BUContextMenu"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"    ""
+ "Symantec.Norton.Antivirus.IEContextMenu"    "Symantec Shared Component Shell Extension Module"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\navshext.dll"    "9/21/2011 7:32 PM"
+ "Yahoo! Mail"    "Yahoo! Mail"    "Yahoo! Inc."    "c:\program files\yahoo!\common\ymmapi.dll"    "6/25/2007 5:00 PM"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""    "1/14/2010 8:40 PM"
+ "BuPropertySheet"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "12/14/2012 4:52 PM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "2/20/2010 10:22 AM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "7/27/2007 6:46 PM"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""    "2/20/2010 10:22 AM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "7/27/2007 6:46 PM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "12/18/2012 2:06 PM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/15/2010 1:56 AM"
+ "BUContextMenu"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "LavasoftShellExt"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "12/14/2012 4:52 PM"
+ "Symantec.Norton.Antivirus.IEContextMenu"    "Symantec Shared Component Shell Extension Module"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\navshext.dll"    "9/21/2011 7:32 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "OverlayExcluded"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "OverlayPending"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
+ "OverlayProtected"    "Backup Shell"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\bushell.dll"    "12/14/2009 4:32 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"    "9/23/2012 10:24 PM"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"    "3/1/2013 9:51 AM"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"    "3/1/2013 9:50 AM"
+ "SingleInstance Class"    "Yahoo! Single Instance for Mail"    "Yahoo! Inc"    "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"    "9/24/2011 10:35 PM"
+ "Skype Browser Helper"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
+ "Symantec Intrusion Prevention"    "IPS Browser Helper DLL"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\ipsbho.dll"    "7/8/2009 8:57 PM"
+ "Symantec NCO BHO"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Norton Toolbar"    "coIEPlugIn"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\coieplg.dll"    "4/12/2010 12:58 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "3/28/2013 11:52 AM"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/10/2011 5:52 AM"
"Task Scheduler"    ""    ""    ""    ""
+ "Ad-Aware Update (Weekly).job"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent"    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "2/28/2013 10:40 PM"
+ "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"    "6/1/2011 8:46 PM"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "OGALogon.job"    ""    ""    "c:\windows\system32\ogaexec.exe"    "8/3/2009 5:54 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/29/2013 9:31 PM"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "2/28/2013 10:40 PM"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"    "9/6/2011 9:55 PM"
+ "Ati HotKey Poller"    "ATI External Event Utility EXE Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.exe"    "7/27/2007 11:21 PM"
+ "ATI Smart"    "ATI Smart"    ""    "c:\windows\system32\ati2sgag.exe"    "7/27/2007 11:20 PM"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "8/31/2011 1:40 AM"
+ "FlipShare Service"    "FlipShare Service"    ""    "c:\program files\flip video\flipshare\flipshareservice.exe"    "9/18/2010 12:14 AM"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "3/9/2010 2:10 AM"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"    "4/4/2005 1:41 AM"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "11/13/2011 3:47 AM"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"    "3/1/2013 9:45 AM"
+ "LBTServ"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logitech\bluetooth\lbtserv.exe"    "5/2/2008 5:18 AM"
+ "LVPrcSrv"    "Injector service"    "Logitech Inc."    "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"    "4/30/2009 6:42 PM"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"    "3/7/2013 8:32 AM"
+ "N360"    "Norton 360"    "Symantec Corporation"    "c:\program files\norton 360\engine\3.8.3.6\ccsvchst.exe"    "8/10/2011 11:21 PM"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"    "7/27/2003 12:52 PM"
+ "pcCMService"    "mcci+McciCMService"    "Alcatel-Lucent"    "c:\program files\common files\motive\pccmservice.exe"    "6/17/2011 3:31 PM"
+ "Pml Driver HPZ12"    "PML Driver"    "HP"    "c:\windows\system32\hpzipm12.exe"    "9/29/2004 2:44 AM"
+ "QBCFMonitorService"    "QuickBooks Company File Monitoring Service"    "Intuit"    "c:\program files\common files\intuit\quickbooks\qbcfmonitorservice.exe"    "9/3/2009 4:07 AM"
+ "QBFCService"    "QuickBooks FCS module"    "Intuit Inc."    "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe"    "7/24/2009 12:10 AM"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files\skype\updater\updater.exe"    "1/8/2013 8:55 AM"
+ "stllssvr"    "SureThing Labelflash Disc Printer Service Module"    "MicroVision Development, Inc."    "c:\program files\common files\surething shared\stllssvr.exe"    "4/20/2007 4:00 PM"
+ "TomTomHOMEService"    "TomTom Home Service for ejecting devices"    "TomTom"    "c:\program files\tomtom home 2\tomtomhomeservice.exe"    "1/23/2012 12:37 AM"
+ "YahooAUService"    "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."    "Yahoo! Inc."    "c:\program files\yahoo!\softwareupdate\yahooauservice.exe"    "11/9/2008 4:47 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/29/2013 9:31 PM"
+ "ADIHdAudAddService"    "High Definition Audio Function Driver"    "Analog Devices, Inc."    "c:\windows\system32\drivers\adihdaud.sys"    "5/22/2006 4:40 PM"
+ "ati2mtag"    "ATI Radeon WindowsNT Miniport Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\ati2mtag.sys"    "7/27/2007 11:30 PM"
+ "atiide"    "ATI SATA(IDE Mode) Controller Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atiide.sys"    "9/7/2006 4:37 PM"
+ "bcm4sbxp"    "Broadcom Corporation NDIS 5.1 ethernet driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcm4sbxp.sys"    "11/21/2006 8:25 AM"
+ "BHDrvx86"    "BASH Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\bhdrvx86.sys"    "7/29/2009 8:44 PM"
+ "ccHP"    "Common Client Hash Provider Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\cchpx86.sys"    "7/20/2011 12:06 AM"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"    ""
+ "DLABMFSM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlabmfsm.sys"    "7/23/2007 6:02 PM"
+ "DLABOIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaboiom.sys"    "7/23/2007 6:02 PM"
+ "DLACDBHM"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlacdbhm.sys"    "7/23/2007 5:49 PM"
+ "DLADResM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dladresm.sys"    "7/23/2007 6:04 PM"
+ "DLAIFS_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaifs_m.sys"    "7/23/2007 6:01 PM"
+ "DLAOPIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaopiom.sys"    "7/23/2007 6:03 PM"
+ "DLAPoolM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlapoolm.sys"    "7/23/2007 6:01 PM"
+ "DLARTL_M"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlartl_m.sys"    "7/23/2007 5:48 PM"
+ "DLAUDF_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaudf_m.sys"    "7/23/2007 6:01 PM"
+ "DLAUDFAM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\drivers\dlaudfam.sys"    "7/23/2007 6:02 PM"
+ "DRVMCDB"    "Device Driver"    "Sonic Solutions"    "c:\windows\system32\drivers\drvmcdb.sys"    "7/23/2007 5:53 PM"
+ "DRVNDDM"    "Device Driver Manager"    "Roxio"    "c:\windows\system32\drivers\drvnddm.sys"    "7/23/2007 5:42 PM"
+ "eeCtrl"    "Symantec Eraser Control Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eectrl.sys"    "7/31/2012 7:33 PM"
+ "EraserUtilRebootDrv"    "Symantec Eraser Utility Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"    "7/31/2012 7:33 PM"
+ "FilterService"    "Logitech USB Video Class Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvuvcflt.sys"    "4/30/2009 6:41 PM"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "5/18/2009 8:16 AM"
+ "gfibto"    "GFI Boot Time Operations Driver"    "GFI Software"    "c:\windows\system32\drivers\gfibto.sys"    "9/1/2011 9:29 PM"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"    "5/26/2005 11:46 AM"
+ "HPZid412"    "IEEE-1284.4-1999 Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzid412.sys"    "9/29/2004 2:41 AM"
+ "HPZipr12"    "IEEE-1284.4-1999 Print Class Driver"    "HP"    "c:\windows\system32\drivers\hpzipr12.sys"    "9/29/2004 2:41 AM"
+ "HPZius12"    "1284.4<->Usb Datalink Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzius12.sys"    "9/29/2004 2:40 AM"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"    ""
+ "IDSxpx86"    "Symantec Intrusion Prevention Driver"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20130329.001\idsxpx86.sys"    "8/28/2012 10:48 PM"
+ "Lbd"    "Ad-Aware mini-filter driver"    "Lavasoft AB"    "c:\windows\system32\drivers\lbd.sys"    "5/25/2010 3:45 AM"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"    ""
+ "LHidFilt"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidfilt.sys"    "2/29/2008 6:08 AM"
+ "LHidKe"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidke.sys"    "1/20/2006 10:03 PM"
+ "LHidUsbK"    "Logitech SetPoint USB Receiver"    "Logitech, Inc."    "c:\windows\system32\drivers\lhidusbk.sys"    "1/20/2006 10:02 PM"
+ "LMouFilt"    "Logitech Mouse Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lmoufilt.sys"    "2/29/2008 6:08 AM"
+ "LMouKE"    "Logitech Filter Driver for Mouse Class."    "Logitech, Inc."    "c:\windows\system32\drivers\lmouke.sys"    "1/20/2006 10:03 PM"
+ "LUsbFilt"    "Logitech USB Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lusbfilt.sys"    "2/29/2008 6:08 AM"
+ "LVPr2Mon"    "Logitech ProcMon Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvpr2mon.sys"    "4/30/2009 6:42 PM"
+ "LVRS"    "Logitech Kernel Audio Improvement Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvrs.sys"    "4/30/2009 6:43 PM"
+ "LVUVC"    "Logitech USB Video Class Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvuvc.sys"    "4/30/2009 6:43 PM"
+ "MREMP50"    "PCAUSA NDIS 5.0 MPR Protocol Driver"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\program files\common files\motive\mremp50.sys"    "11/19/2005 4:13 AM"
+ "MREMPR5"    ""    ""    "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"    ""
+ "MRENDIS5"    ""    ""    "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"    ""
+ "MRESP50"    "PCAUSA NDIS 5.0 SPR Protocol Driver"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\program files\common files\motive\mresp50.sys"    "11/19/2005 4:13 AM"
+ "NAVENG"    "AV Engine"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20130329.016\naveng.sys"    "12/20/2012 4:39 AM"
+ "NAVEX15"    "AV Engine"    "Symantec Corporation"    "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20130329.016\navex15.sys"    "12/20/2012 4:37 AM"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"    ""
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"    ""
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"    ""
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"    ""
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"    ""
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"    "8/17/2001 4:49 PM"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"    "3/12/2008 9:57 PM"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 9:18 AM"
+ "SenFiltService"    "Sensaura WDM 3D Audio Driver"    "Sensaura"    "c:\windows\system32\drivers\senfilt.sys"    "3/13/2006 12:40 PM"
+ "SRTSP"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\srtsp.sys"    "6/22/2009 10:12 PM"
+ "SRTSPX"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\srtspx.sys"    "6/22/2009 10:15 PM"
+ "SymEFA"    "Symantec Extended File Attributes"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symefa.sys"    "6/23/2009 5:50 PM"
+ "SymEvent"    "Symantec Event Library"    "Symantec Corporation"    "c:\windows\system32\drivers\symevent.sys"    "6/24/2009 4:14 PM"
+ "SYMFW"    "Firewall Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symfw.sys"    "6/20/2011 8:57 PM"
+ "SYMIDS"    "IDS Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symids.sys"    "6/20/2011 8:57 PM"
+ "SymIM"    "NDIS Intermediate Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symim.sys"    "6/22/2009 7:01 PM"
+ "SymIMMP"    "NDIS Intermediate Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symim.sys"    "6/22/2009 7:01 PM"
+ "SYMNDIS"    "NDIS Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symndis.sys"    "6/20/2011 8:56 PM"
+ "SYMTDI"    "Network Dispatch Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\n360\0308030.006\symtdi.sys"    "6/20/2011 8:56 PM"
+ "USBAAPL"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl.sys"    "4/28/2011 2:25 PM"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "3/29/2013 9:31 PM"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 8:09 PM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "1/29/2010 10:43 AM"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"    "4/13/2008 8:11 PM"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"    "8/18/2001 1:35 AM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "6/17/2010 10:03 AM"
+ "VIDC.I420"    "Video Codec"    "Logitech Inc."    "c:\windows\system32\lvcodec2.dll"    "4/30/2009 6:43 PM"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 1:33 AM"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 1:33 AM"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "3/29/2013 3:38 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 8:10 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "1/15/2010 3:15 AM"
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"    "8/18/2001 1:35 AM"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Flip Video Decoder"    "FlipDSVideoDecoder"    "MyCompanyName"    "c:\program files\flip video\flipshare\flipdsvideodecoder.ax"    "8/27/2010 7:03 PM"
+ "Flip Video Decoder Mpeg4"    "FlipDSVideoDecoder"    "MyCompanyName"    "c:\program files\flip video\flipshare\flipdsmpeg4decoder.ax"    "8/27/2010 7:02 PM"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 8:09 PM"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 8:10 PM"
+ "MainConcept (Nikon) MPEG Audio Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"    "10/11/2005 6:34 AM"
+ "MainConcept (Nikon) MPEG Encoder"    "MPEG Encoder and Muxer"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikonesmpeg.ax"    "10/11/2005 6:34 AM"
+ "MainConcept (Nikon) MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG (Nikon)"    "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"    "10/11/2005 6:34 AM"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"    "6/15/2010 12:17 PM"
+ "muvee Music Analyser"    "Music Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"    "9/15/2006 1:48 AM"
+ "muvee WAV Encoder"    "mvWavEncoder Filter (Sample)"    "Microsoft Corporation"    "c:\program files\common files\muvee technologies\030625\mvwavenc.ax"    "10/18/2006 3:37 AM"
+ "PDFrameGrabFilter"    "FrameGrabFilter"    ""    "c:\program files\flip video\flipshare\framegrabfilter.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP AAC Encoder"    ""    ""    "c:\program files\flip video\flipshare\ipp6_0_aacencoder.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP H264 Encoder"    "IPPH264Encoder"    ""    "c:\program files\flip video\flipshare\ipph264encoder.ax"    "8/27/2010 7:03 PM"
+ "PDT IPP MP4 Muxer"    "IPPMP4Muxer"    ""    "c:\program files\flip video\flipshare\ippmp4muxer.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP MP4 Splitter"    "IPPMp4Splitter"    ""    "c:\program files\flip video\flipshare\ippmp4splitter.ax"    "8/27/2010 7:01 PM"
+ "PDT IPP MPEG Audio Decoder"    "IPPMPEGAudioDecoder"    ""    "c:\program files\flip video\flipshare\ippmpegaudiodecoder.ax"    "8/27/2010 7:02 PM"
+ "PDT Resize and Letterbox Filter"    "PurpleComposite"    ""    "c:\program files\flip video\flipshare\purplecomposite.ax"    "8/27/2010 7:00 PM"
+ "QuickTime Source Filter"    "QuickTimeSource Module"    ""    "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"    "10/18/2006 3:33 AM"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "Sonic Cinemaster® Audio Decoder 4.2 (No Dolby)"    "SonicHDAudio"    "Sonic Solutions"    "c:\program files\common files\sonic shared\cinemasteraudiond.dll"    "6/27/2008 2:39 PM"
+ "Sonic Cinemaster® VideoDecoder 4.2"    "CinemasterVideo"    "Sonic Solutions"    "c:\program files\common files\sonic shared\cinemastervideo.dll"    "6/27/2008 5:42 AM"
+ "Sonic HD Demuxer"    "Sonic HD Demuxer"    ""    "c:\program files\common files\sonic shared\sonichddemuxer.dll"    "6/27/2008 5:25 AM"
+ "Sonic HD Nav"    "SonicHDNav"    ""    "c:\program files\common files\sonic shared\sonichdnav.dll"    "7/31/2007 5:25 AM"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"    "8/18/2001 1:35 AM"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 8:11 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "3/29/2013 9:31 PM"
+ "AtiExtEvent"    "ATI External Event Utility DLL Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.dll"    "7/27/2007 11:22 PM"
+ "LBTWlgn"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logitech\bluetooth\lbtwlgn.dll"    "5/2/2008 5:18 AM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "11/18/2011 2:57 PM"
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "8/31/2011 1:44 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "3/29/2013 9:31 PM"
+ "HP Standard TCP/IP Port"    "Standard TCP/IP Port Monitor DLL"    "Hewlett Packard"    "c:\windows\system32\hptcpmon.dll"    "2/17/2005 11:41 AM"
+ "hpzsnt12"    ""    "HP"    "c:\windows\system32\hpzsnt12.dll"    "2/28/2005 1:17 PM"
 



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:01 PM

Posted 29 March 2013 - 08:45 PM

Press Windows+R key and type
 
services.msc and click ok.Right click on security center-properties.Change startup type to automatic and start it
 
Remove temporary and junk files

Download Temp file cleaner from HERE.Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode
 

Create a new restore point

Follow this guide to turn off and turn on your restore points

Windows XP

Vista & windows 7

Windows 8

Turn off your system restore-It deletes old infected restore points.Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old versions of java and flash player from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/ & http://www.adobe.com/support/flashplayer/downloads.html

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

Best Practices for Safe Computing - Prevention of Malware Infection

Simple and easy ways to keep your computer safe and secure on the Internet


Safe surfing :)



#9 kephyr

kephyr
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:04:01 PM

Posted 29 March 2013 - 08:59 PM

Thanks very much for your help



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:01 PM

Posted 29 March 2013 - 09:01 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users