Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistent TR/Atraps.Gen2 Infection - Unsure how to Remove


  • This topic is locked This topic is locked
35 replies to this topic

#1 CarrotCakes

CarrotCakes

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 05 September 2014 - 12:33 AM

Hi! So I first noticed this trojan while doing my routine cleanup - I used RKill first, and then proceeded with TDSSKiller. TDSSKiller only seems to detect this trojan if I select "TDLFS files" in the parameters section. Afterwards, I sent the trojan to quarantine in Avira, and then scanned with both Malwarebytes and Avira. Both showed no signs of infection.

 

Some days later, I scanned again with TDSSKiller... and the trojan showed up again. Yet again I put it in quarantine. This time I went and deleted the entire quarantine folder, and scanned once more with TDSSKiller. It showed up again. Nothing else seems able to detect it. The trojan is originating from "Harddisk.0/DR0", but I didn't want to mess with it since there were other components and I'm no computer expert. Help much appreciated!

This is the log:

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.67.2
Run by HP_Administrator at 22:14:14 on 2014-09-04
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1015.158 [GMT -7:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ================
.
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\KeyScrambler\keyscrambler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [PCDrProfiler] <no file>
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.254 75.153.176.9
TCP: Interfaces\{B91353D3-0EBE-442F-AC69-0FB2DD3CD876} : DHCPNameServer = 192.168.1.254 75.153.176.9
Notify: igfxcui - igfxdev.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.103\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2014-8-26 37352]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2014-8-26 430160]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2014-8-26 430160]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2014-8-26 97648]
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\avira\my avira\Avira.OE.ServiceHost.exe [2014-8-14 158000]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-26 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-26 860472]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2014-8-28 209016]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-26 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-26 110296]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2014-5-29 160264]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
.
=============== Created Last 30 ================
.
2014-08-29 00:07:42 -------- d-----w- c:\documents and settings\hp_administrator\application data\QFX Software
2014-08-29 00:07:42 -------- d-----w- c:\documents and settings\all users\application data\QFX Software
2014-08-29 00:03:11 209016 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2014-08-29 00:03:09 -------- d-----w- c:\program files\KeyScrambler
2014-08-28 23:32:06 -------- d-----w- c:\documents and settings\hp_administrator\application data\HpUpdate
2014-08-28 23:30:19 -------- d-----w- c:\windows\Hewlett-Packard
2014-08-28 23:29:20 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Sun
2014-08-27 08:54:01 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-08-27 08:53:46 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-27 08:44:08 -------- d-sh--w- c:\documents and settings\hp_administrator\IETldCache
2014-08-27 08:12:42 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2014-08-27 08:12:33 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2014-08-27 08:12:06 -------- d-----w- c:\windows\ie8updates
2014-08-27 08:11:52 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2014-08-27 08:11:50 630272 ------w- c:\windows\system32\dllcache\msfeeds.dll
2014-08-27 08:11:50 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-08-27 08:11:50 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2014-08-27 08:11:50 2006016 ------w- c:\windows\system32\dllcache\iertutil.dll
2014-08-27 08:11:50 11113472 ------w- c:\windows\system32\dllcache\ieframe.dll
2014-08-27 08:11:49 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2014-08-27 08:10:25 -------- dc-h--w- c:\windows\ie8
2014-08-27 08:01:14 -------- d-----w- c:\windows\system32\MRT
2014-08-27 07:04:44 -------- d-----w- c:\program files\MSXML 4.0
2014-08-27 06:54:58 -------- d-----w- c:\program files\VideoLAN
2014-08-27 06:41:55 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2014-08-27 06:41:39 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2014-08-27 06:40:24 13312 ------w- c:\windows\system32\xp_eos.exe
2014-08-27 06:40:24 13312 ------w- c:\windows\system32\dllcache\xp_eos.exe
2014-08-27 06:40:03 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2014-08-27 06:39:31 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2014-08-27 06:39:19 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2014-08-27 06:38:29 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2014-08-27 06:37:38 25088 ------w- c:\windows\system32\dllcache\hidparse.sys
2014-08-27 06:37:38 14976 ------w- c:\windows\system32\dllcache\usbscan.sys
2014-08-27 06:37:09 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2014-08-27 06:37:09 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2014-08-27 06:36:49 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2014-08-27 06:36:49 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2014-08-27 06:36:48 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2014-08-27 06:36:48 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-08-27 06:36:48 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2014-08-27 06:36:48 110592 ------w- c:\windows\system32\dllcache\services.exe
2014-08-27 06:36:47 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2014-08-27 06:36:18 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2014-08-27 06:34:30 105472 ------w- c:\windows\system32\dllcache\mup.sys
2014-08-27 06:34:21 6022144 ------w- c:\windows\system32\dllcache\mshtml.dll
2014-08-27 06:34:12 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2014-08-27 06:33:48 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
2014-08-27 06:33:48 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
2014-08-27 06:33:42 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2014-08-27 06:33:40 60160 ------w- c:\windows\system32\dllcache\usbaudio.sys
2014-08-27 06:33:40 46848 ------w- c:\windows\system32\dllcache\irbus.sys
2014-08-27 06:33:40 123008 ------w- c:\windows\system32\dllcache\usbvideo.sys
2014-08-27 06:30:37 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2014-08-27 06:29:56 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2014-08-27 06:29:51 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
2014-08-27 06:28:51 5376 ------w- c:\windows\system32\dllcache\usbd.sys
2014-08-27 06:28:51 32384 ------w- c:\windows\system32\dllcache\usbccgp.sys
2014-08-27 06:28:51 30336 ------w- c:\windows\system32\dllcache\usbehci.sys
2014-08-27 06:28:51 144128 ------w- c:\windows\system32\dllcache\usbport.sys
2014-08-27 06:28:17 -------- d-----r- C:\Sandbox
2014-08-27 06:27:17 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2014-08-27 06:27:15 2193536 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-08-27 06:27:15 2149888 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-08-27 06:27:14 2070144 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-08-27 06:27:14 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-08-27 06:27:11 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2014-08-27 06:27:09 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2014-08-27 06:26:57 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2014-08-27 06:26:49 3072 ------w- c:\windows\system32\iacenc.dll
2014-08-27 06:26:49 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2014-08-27 06:26:45 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2014-08-27 06:26:01 45568 ------w- c:\windows\system32\dllcache\wab.exe
2014-08-27 06:11:50 -------- d-----w- c:\windows\system32\PreInstall
2014-08-27 03:53:13 -------- d-----w- c:\program files\CCleaner
2014-08-27 03:52:32 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-27 03:52:12 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-27 03:52:12 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-27 03:52:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-27 03:52:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-08-27 03:46:34 -------- d-----w- c:\windows\system32\SoftwareDistribution
2014-08-26 23:18:41 -------- d-----w- c:\windows\system32\NtmsData
2014-08-26 23:18:02 -------- d-----w- C:\TDSSKiller_Quarantine
2014-08-26 23:05:36 -------- d-----w- c:\program files\Sandboxie
2014-08-26 23:01:45 -------- d-----w- c:\documents and settings\hp_administrator\application data\Avira
2014-08-26 22:54:59 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-08-26 22:54:59 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-08-26 22:52:51 -------- d-----w- c:\program files\Avira
2014-08-26 22:52:49 -------- d-----w- c:\documents and settings\all users\application data\Avira
2014-08-26 22:45:21 -------- d-----w- c:\windows\system32\appmgmt
2014-08-26 22:28:34 -------- d-----w- c:\documents and settings\all users\application data\Package Cache
2014-08-26 22:17:49 -------- d-----w- c:\windows\ServicePackFiles
2014-08-26 21:18:11 -------- d-sh--w- c:\documents and settings\hp_administrator\UserData
2014-08-26 21:09:05 -------- d-sh--r- C:\cmdcons
2014-08-26 21:09:03 -------- d-----w- c:\windows\setup.pss
2014-08-26 11:17:13 -------- d-----w- c:\program files\Microsoft
2014-08-26 11:11:11 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2014-08-26 11:11:06 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-08-26 11:07:31 -------- d-----w- c:\windows\I386
2014-08-26 11:00:27 -------- d-----r- c:\documents and settings\all users\Documents
2014-08-26 10:59:24 -------- d-----r- c:\windows\Offline Web Pages
2014-08-26 10:58:11 -------- d-sh--r- c:\windows\system32\dllcache
.
==================== Find3M  ====================
.
2014-08-26 22:21:51 45056 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2014-08-26 22:21:50 61440 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2014-08-26 22:21:50 44032 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2014-08-26 22:21:50 40960 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2014-08-26 22:21:50 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2014-08-26 22:21:50 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2014-08-26 22:21:50 287310 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection.dll
2014-08-26 22:21:50 163840 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
.
============= FINISH: 22:15:14.57 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 10 September 2014 - 12:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/546949 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 10 September 2014 - 04:42 AM

Yes, I still need help. :) Most of the details are already in my post above, but some symptoms I believe of this trojan include slower speed and random shut downs - as in the computer shuts down as a black screen as opposed to the normal shutdown routine. I know it's not overheating at the least; I have checked. I have not taken any action since posting my first reply.

Here are the new logs:  
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.67.2
Run by HP_Administrator at 2:14:51 on 2014-09-10
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1015.210 [GMT -7:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ================
.
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\KeyScrambler\keyscrambler.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Program Files\Sandboxie\SbieSvc.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [PCDrProfiler] <no file>
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.254 75.153.176.9
TCP: Interfaces\{B91353D3-0EBE-442F-AC69-0FB2DD3CD876} : DHCPNameServer = 192.168.1.254 75.153.176.9
Notify: igfxcui - igfxdev.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.103\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2014-8-26 37352]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2014-8-26 430160]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2014-8-26 430160]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2014-8-26 97648]
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\avira\my avira\Avira.OE.ServiceHost.exe [2014-8-27 160048]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-26 1809720]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2014-8-28 209016]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-26 23256]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2014-5-29 160264]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-26 860472]
.
=============== Created Last 30 ================
.
2014-08-29 00:07:42 -------- d-----w- c:\documents and settings\hp_administrator\application data\QFX Software
2014-08-29 00:07:42 -------- d-----w- c:\documents and settings\all users\application data\QFX Software
2014-08-29 00:03:11 209016 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2014-08-29 00:03:09 -------- d-----w- c:\program files\KeyScrambler
2014-08-28 23:32:06 -------- d-----w- c:\documents and settings\hp_administrator\application data\HpUpdate
2014-08-28 23:30:19 -------- d-----w- c:\windows\Hewlett-Packard
2014-08-28 23:29:20 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Sun
2014-08-27 08:54:01 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-08-27 08:53:46 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-27 08:44:08 -------- d-sh--w- c:\documents and settings\hp_administrator\IETldCache
2014-08-27 08:12:42 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2014-08-27 08:12:33 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2014-08-27 08:12:06 -------- d-----w- c:\windows\ie8updates
2014-08-27 08:11:52 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2014-08-27 08:11:50 630272 ------w- c:\windows\system32\dllcache\msfeeds.dll
2014-08-27 08:11:50 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-08-27 08:11:50 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2014-08-27 08:11:50 2006016 ------w- c:\windows\system32\dllcache\iertutil.dll
2014-08-27 08:11:50 11113472 ------w- c:\windows\system32\dllcache\ieframe.dll
2014-08-27 08:11:49 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2014-08-27 08:10:25 -------- dc-h--w- c:\windows\ie8
2014-08-27 08:01:14 -------- d-----w- c:\windows\system32\MRT
2014-08-27 07:04:44 -------- d-----w- c:\program files\MSXML 4.0
2014-08-27 06:54:58 -------- d-----w- c:\program files\VideoLAN
2014-08-27 06:41:55 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2014-08-27 06:41:39 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2014-08-27 06:40:24 13312 ------w- c:\windows\system32\xp_eos.exe
2014-08-27 06:40:24 13312 ------w- c:\windows\system32\dllcache\xp_eos.exe
2014-08-27 06:40:03 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2014-08-27 06:39:31 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2014-08-27 06:39:19 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2014-08-27 06:38:29 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2014-08-27 06:37:38 25088 ------w- c:\windows\system32\dllcache\hidparse.sys
2014-08-27 06:37:38 14976 ------w- c:\windows\system32\dllcache\usbscan.sys
2014-08-27 06:37:09 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2014-08-27 06:37:09 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2014-08-27 06:36:49 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2014-08-27 06:36:49 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2014-08-27 06:36:48 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2014-08-27 06:36:48 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-08-27 06:36:48 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2014-08-27 06:36:48 110592 ------w- c:\windows\system32\dllcache\services.exe
2014-08-27 06:36:47 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2014-08-27 06:36:18 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2014-08-27 06:34:30 105472 ------w- c:\windows\system32\dllcache\mup.sys
2014-08-27 06:34:21 6022144 ------w- c:\windows\system32\dllcache\mshtml.dll
2014-08-27 06:34:12 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2014-08-27 06:33:48 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
2014-08-27 06:33:48 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
2014-08-27 06:33:42 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2014-08-27 06:33:40 60160 ------w- c:\windows\system32\dllcache\usbaudio.sys
2014-08-27 06:33:40 46848 ------w- c:\windows\system32\dllcache\irbus.sys
2014-08-27 06:33:40 123008 ------w- c:\windows\system32\dllcache\usbvideo.sys
2014-08-27 06:30:37 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2014-08-27 06:29:56 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2014-08-27 06:29:51 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
2014-08-27 06:28:51 5376 ------w- c:\windows\system32\dllcache\usbd.sys
2014-08-27 06:28:51 32384 ------w- c:\windows\system32\dllcache\usbccgp.sys
2014-08-27 06:28:51 30336 ------w- c:\windows\system32\dllcache\usbehci.sys
2014-08-27 06:28:51 144128 ------w- c:\windows\system32\dllcache\usbport.sys
2014-08-27 06:28:17 -------- d-----r- C:\Sandbox
2014-08-27 06:27:17 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2014-08-27 06:27:15 2193536 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-08-27 06:27:15 2149888 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-08-27 06:27:14 2070144 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-08-27 06:27:14 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-08-27 06:27:11 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2014-08-27 06:27:09 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2014-08-27 06:26:57 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2014-08-27 06:26:49 3072 ------w- c:\windows\system32\iacenc.dll
2014-08-27 06:26:49 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2014-08-27 06:26:45 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2014-08-27 06:26:01 45568 ------w- c:\windows\system32\dllcache\wab.exe
2014-08-27 06:11:50 -------- d-----w- c:\windows\system32\PreInstall
2014-08-27 03:53:13 -------- d-----w- c:\program files\CCleaner
2014-08-27 03:52:32 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-27 03:52:12 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-27 03:52:12 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-27 03:52:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-27 03:52:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-08-27 03:46:34 -------- d-----w- c:\windows\system32\SoftwareDistribution
2014-08-26 23:18:41 -------- d-----w- c:\windows\system32\NtmsData
2014-08-26 23:18:02 -------- d-----w- C:\TDSSKiller_Quarantine
2014-08-26 23:05:36 -------- d-----w- c:\program files\Sandboxie
2014-08-26 23:01:45 -------- d-----w- c:\documents and settings\hp_administrator\application data\Avira
2014-08-26 22:54:59 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-08-26 22:54:59 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-08-26 22:52:51 -------- d-----w- c:\program files\Avira
2014-08-26 22:52:49 -------- d-----w- c:\documents and settings\all users\application data\Avira
2014-08-26 22:45:21 -------- d-----w- c:\windows\system32\appmgmt
2014-08-26 22:28:34 -------- d-----w- c:\documents and settings\all users\application data\Package Cache
2014-08-26 22:17:49 -------- d-----w- c:\windows\ServicePackFiles
2014-08-26 21:18:11 -------- d-sh--w- c:\documents and settings\hp_administrator\UserData
2014-08-26 21:09:05 -------- d-sh--r- C:\cmdcons
2014-08-26 21:09:03 -------- d-----w- c:\windows\setup.pss
2014-08-26 11:17:13 -------- d-----w- c:\program files\Microsoft
2014-08-26 11:11:11 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2014-08-26 11:11:06 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-08-26 11:07:31 -------- d-----w- c:\windows\I386
2014-08-26 11:00:27 -------- d-----r- c:\documents and settings\all users\Documents
2014-08-26 10:59:24 -------- d-----r- c:\windows\Offline Web Pages
2014-08-26 10:58:11 -------- d-sh--r- c:\windows\system32\dllcache
.
==================== Find3M  ====================
.
2014-08-26 22:21:51 45056 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2014-08-26 22:21:50 61440 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2014-08-26 22:21:50 44032 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2014-08-26 22:21:50 40960 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2014-08-26 22:21:50 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2014-08-26 22:21:50 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2014-08-26 22:21:50 287310 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection.dll
2014-08-26 22:21:50 163840 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
.
============= FINISH:  2:16:32.34 ===============

I do not believe I have the original Windows CD/DVD. Thanks for all the help!

Attached Files



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 15 September 2014 - 12:35 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 AM

Posted 17 September 2014 - 12:40 AM

This topic has been re-opened at the request of the person who originally posted.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#6 Bud_91

Bud_91

  • Malware Response Team
  • 438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 17 September 2014 - 08:41 AM

Hello and welcome to Bleeping Computer. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to alway follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.
 
Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.
 
Could you please run a fresh TDSSKiller scan for me, then run FRST. Don't take any action with TDSSKiller until I see the log.
 

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
 
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

Edited by Bud_91, 17 September 2014 - 08:42 AM.

If I have not responded to your log in 36 hours, feel free to send me a PM.

If you would like to make a thank-you donation, please click here: btn_donate_SM.png

 

A.K.A. Buddierdl @ GeeksToGo.com


#7 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 18 September 2014 - 08:18 PM

Hello! Thanks for the assist. So here's the TDSS log:

 

21:27:39.0218 0x0890  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:27:39.0796 0x0890  ============================================================
21:27:39.0796 0x0890  Current date / time: 2014/09/17 21:27:39.0796
21:27:39.0796 0x0890  SystemInfo:
21:27:39.0796 0x0890  
21:27:39.0796 0x0890  OS Version: 5.1.2600 ServicePack: 3.0
21:27:39.0796 0x0890  Product type: Workstation
21:27:39.0796 0x0890  ComputerName: ABC
21:27:39.0796 0x0890  UserName: HP_Administrator
21:27:39.0796 0x0890  Windows directory: C:\WINDOWS
21:27:39.0796 0x0890  System windows directory: C:\WINDOWS
21:27:39.0796 0x0890  Processor architecture: Intel x86
21:27:39.0796 0x0890  Number of processors: 2
21:27:39.0796 0x0890  Page size: 0x1000
21:27:39.0796 0x0890  Boot type: Normal boot
21:27:39.0796 0x0890  ============================================================
21:27:39.0796 0x0890  BG loaded
21:27:40.0156 0x0890  System UUID: {AA5402C4-0AA1-D088-FCDE-3AB726B12B33}
21:27:44.0828 0x0890  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000044
21:27:53.0093 0x0890  ============================================================
21:27:53.0093 0x0890  \Device\Harddisk0\DR0:
21:27:53.0296 0x0890  MBR partitions:
21:27:53.0296 0x0890  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1005231
21:27:53.0296 0x0890  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1005270, BlocksNum 0x1C1BB450
21:27:53.0296 0x0890  ============================================================
21:27:53.0531 0x0890  C: <-> \Device\Harddisk0\DR0\Partition2
21:27:53.0531 0x0890  D: <-> \Device\Harddisk0\DR0\Partition1
21:27:53.0531 0x0890  ============================================================
21:27:53.0531 0x0890  Initialize success
21:27:53.0531 0x0890  ============================================================
21:28:04.0421 0x0bc4  ============================================================
21:28:04.0421 0x0bc4  Scan started
21:28:04.0421 0x0bc4  Mode: Manual; SigCheck; TDLFS; 
21:28:04.0421 0x0bc4  ============================================================
21:28:04.0421 0x0bc4  KSN ping started
21:28:07.0140 0x0bc4  KSN ping finished: true
21:28:15.0437 0x0bc4  ================ Scan system memory ========================
21:28:15.0453 0x0bc4  System memory - ok
21:28:15.0453 0x0bc4  ================ Scan services =============================
21:28:33.0656 0x0bc4  Abiosdsk - ok
21:28:33.0671 0x0bc4  abp480n5 - ok
21:28:33.0750 0x0bc4  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:29:38.0593 0x0bc4  ACPI - ok
21:29:39.0218 0x0bc4  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:29:39.0515 0x0bc4  ACPIEC - ok
21:29:39.0531 0x0bc4  adpu160m - ok
21:29:39.0578 0x0bc4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:29:39.0921 0x0bc4  aec - ok
21:29:39.0984 0x0bc4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:29:40.0203 0x0bc4  AFD - ok
21:29:40.0312 0x0bc4  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
21:29:40.0859 0x0bc4  AgereSoftModem - ok
21:29:40.0875 0x0bc4  Aha154x - ok
21:29:40.0875 0x0bc4  aic78u2 - ok
21:29:40.0890 0x0bc4  aic78xx - ok
21:29:41.0000 0x0bc4  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:29:41.0312 0x0bc4  Alerter - ok
21:29:41.0468 0x0bc4  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
21:29:41.0734 0x0bc4  ALG - ok
21:29:41.0750 0x0bc4  AliIde - ok
21:29:41.0750 0x0bc4  amsint - ok
21:29:42.0531 0x0bc4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:29:42.0890 0x0bc4  AntiVirSchedulerService - ok
21:29:42.0968 0x0bc4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:29:43.0031 0x0bc4  AntiVirService - ok
21:29:43.0093 0x0bc4  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
21:29:43.0437 0x0bc4  AppMgmt - ok
21:29:43.0453 0x0bc4  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:29:43.0812 0x0bc4  Arp1394 - ok
21:29:43.0812 0x0bc4  asc - ok
21:29:43.0828 0x0bc4  asc3350p - ok
21:29:43.0828 0x0bc4  asc3550 - ok
21:29:44.0187 0x0bc4  [ E1A1206A4FB19B675E947B29CCD25FBA, A9855FAB141E327DBC05B845939304749175B78F883B7FEC24552D96DA15609F ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
21:29:44.0328 0x0bc4  aspnet_state - detected UnsignedFile.Multi.Generic ( 1 )
21:29:47.0015 0x0bc4  Detect skipped due to KSN trusted
21:29:47.0015 0x0bc4  aspnet_state - ok
21:29:47.0062 0x0bc4  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:29:47.0234 0x0bc4  AsyncMac - ok
21:29:47.0265 0x0bc4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:29:47.0468 0x0bc4  atapi - ok
21:29:47.0468 0x0bc4  Atdisk - ok
21:29:47.0625 0x0bc4  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:29:47.0875 0x0bc4  Atmarpc - ok
21:29:48.0000 0x0bc4  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:29:48.0218 0x0bc4  AudioSrv - ok
21:29:48.0265 0x0bc4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:29:48.0484 0x0bc4  audstub - ok
21:29:48.0515 0x0bc4  [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:29:49.0046 0x0bc4  avgntflt - ok
21:29:49.0109 0x0bc4  [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:29:49.0171 0x0bc4  avipbb - ok
21:29:49.0343 0x0bc4  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
21:29:49.0406 0x0bc4  Avira.OE.ServiceHost - ok
21:29:49.0453 0x0bc4  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:29:49.0500 0x0bc4  avkmgr - ok
21:29:49.0515 0x0bc4  [ 7270D070173B20AC9487EA16BB08B45F, 4097AFCF91F1B3DCEFF388009605145ED2B319695BCEB85FF62ADA07087191D9 ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
21:29:49.0625 0x0bc4  bb-run - ok
21:29:49.0640 0x0bc4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:29:49.0859 0x0bc4  Beep - ok
21:29:49.0953 0x0bc4  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:29:50.0187 0x0bc4  BITS - ok
21:29:50.0234 0x0bc4  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
21:29:50.0343 0x0bc4  Browser - ok
21:29:50.0390 0x0bc4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:29:50.0593 0x0bc4  cbidf2k - ok
21:29:50.0593 0x0bc4  cd20xrnt - ok
21:29:50.0609 0x0bc4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:29:50.0781 0x0bc4  Cdaudio - ok
21:29:50.0828 0x0bc4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:29:51.0062 0x0bc4  Cdfs - ok
21:29:51.0078 0x0bc4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:29:51.0281 0x0bc4  Cdrom - ok
21:29:51.0296 0x0bc4  Changer - ok
21:29:51.0343 0x0bc4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:29:51.0546 0x0bc4  CiSvc - ok
21:29:51.0640 0x0bc4  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:29:51.0843 0x0bc4  ClipSrv - ok
21:29:52.0031 0x0bc4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:29:52.0078 0x0bc4  clr_optimization_v4.0.30319_32 - ok
21:29:52.0078 0x0bc4  CmdIde - ok
21:29:52.0093 0x0bc4  COMSysApp - ok
21:29:52.0109 0x0bc4  Cpqarray - ok
21:29:52.0140 0x0bc4  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:29:52.0390 0x0bc4  CryptSvc - ok
21:29:52.0390 0x0bc4  dac2w2k - ok
21:29:52.0390 0x0bc4  dac960nt - ok
21:29:52.0468 0x0bc4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:29:52.0609 0x0bc4  DcomLaunch - ok
21:29:52.0671 0x0bc4  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:29:52.0906 0x0bc4  Dhcp - ok
21:29:52.0921 0x0bc4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:29:53.0140 0x0bc4  Disk - ok
21:29:53.0140 0x0bc4  dmadmin - ok
21:29:53.0328 0x0bc4  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:29:53.0640 0x0bc4  dmboot - ok
21:29:53.0718 0x0bc4  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:29:53.0921 0x0bc4  dmio - ok
21:29:53.0968 0x0bc4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:29:54.0156 0x0bc4  dmload - ok
21:29:54.0187 0x0bc4  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:29:54.0343 0x0bc4  dmserver - ok
21:29:54.0375 0x0bc4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:29:54.0593 0x0bc4  DMusic - ok
21:29:54.0640 0x0bc4  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:29:54.0718 0x0bc4  Dnscache - ok
21:29:54.0796 0x0bc4  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:29:54.0984 0x0bc4  Dot3svc - ok
21:29:54.0984 0x0bc4  dpti2o - ok
21:29:55.0250 0x0bc4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:29:55.0484 0x0bc4  drmkaud - ok
21:29:55.0515 0x0bc4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:29:55.0718 0x0bc4  EapHost - ok
21:29:55.0812 0x0bc4  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
21:29:55.0937 0x0bc4  ehRecvr - ok
21:29:55.0953 0x0bc4  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] ehSched         C:\WINDOWS\eHome\ehSched.exe
21:29:56.0078 0x0bc4  ehSched - ok
21:29:56.0125 0x0bc4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:29:56.0437 0x0bc4  ERSvc - ok
21:29:56.0468 0x0bc4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
21:29:56.0578 0x0bc4  Eventlog - ok
21:29:56.0640 0x0bc4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
21:29:56.0750 0x0bc4  EventSystem - ok
21:29:56.0796 0x0bc4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:29:57.0000 0x0bc4  Fastfat - ok
21:29:57.0156 0x0bc4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:29:57.0343 0x0bc4  FastUserSwitchingCompatibility - ok
21:29:57.0687 0x0bc4  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:29:58.0000 0x0bc4  Fax - ok
21:29:58.0031 0x0bc4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
21:29:58.0203 0x0bc4  Fdc - ok
21:29:58.0421 0x0bc4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:29:58.0671 0x0bc4  Fips - ok
21:29:58.0734 0x0bc4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:29:58.0875 0x0bc4  Flpydisk - ok
21:29:58.0968 0x0bc4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:29:59.0125 0x0bc4  FltMgr - ok
21:29:59.0171 0x0bc4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:29:59.0375 0x0bc4  Fs_Rec - ok
21:29:59.0375 0x0bc4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:29:59.0531 0x0bc4  Ftdisk - ok
21:29:59.0531 0x0bc4  [ 92E8443C7BF5C0137671CDE080655DFC, 759032856687B1684073106D187608225A211C0058A43A17B42B699745F06546 ] ftsata2         C:\WINDOWS\system32\DRIVERS\ftsata2.sys
21:29:59.0593 0x0bc4  ftsata2 - ok
21:29:59.0609 0x0bc4  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:29:59.0640 0x0bc4  GEARAspiWDM - ok
21:29:59.0656 0x0bc4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:29:59.0843 0x0bc4  Gpc - ok
21:29:59.0937 0x0bc4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:29:59.0968 0x0bc4  gupdate - ok
21:29:59.0984 0x0bc4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:30:00.0000 0x0bc4  gupdatem - ok
21:30:00.0046 0x0bc4  [ 2A013E7530BEAB6E569FAA83F517E836, 481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
21:30:00.0187 0x0bc4  HdAudAddService - ok
21:30:00.0250 0x0bc4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:30:00.0453 0x0bc4  HDAudBus - ok
21:30:00.0546 0x0bc4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:30:00.0734 0x0bc4  helpsvc - ok
21:30:00.0734 0x0bc4  HidServ - ok
21:30:00.0750 0x0bc4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:30:00.0906 0x0bc4  HidUsb - ok
21:30:00.0968 0x0bc4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:30:01.0171 0x0bc4  hkmsvc - ok
21:30:01.0171 0x0bc4  hpn - ok
21:30:01.0250 0x0bc4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:30:01.0296 0x0bc4  HTTP - ok
21:30:01.0359 0x0bc4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:30:01.0546 0x0bc4  HTTPFilter - ok
21:30:01.0546 0x0bc4  i2omgmt - ok
21:30:01.0562 0x0bc4  i2omp - ok
21:30:01.0625 0x0bc4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:30:01.0781 0x0bc4  i8042prt - ok
21:30:01.0984 0x0bc4  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:30:02.0250 0x0bc4  ialm - ok
21:30:02.0406 0x0bc4  [ 79AE2A97C120F282845D854D0F070EA9, 5569785B034777D8A227377E0DC735DEEA6277A31FD60CA6E62AF01F49B3B8FF ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
21:30:02.0718 0x0bc4  iaStor - ok
21:30:02.0859 0x0bc4  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:30:02.0906 0x0bc4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:30:05.0375 0x0bc4  Detect skipped due to KSN trusted
21:30:05.0375 0x0bc4  IDriverT - ok
21:30:05.0390 0x0bc4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:30:05.0546 0x0bc4  Imapi - ok
21:30:05.0593 0x0bc4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:30:05.0812 0x0bc4  ImapiService - ok
21:30:05.0828 0x0bc4  ini910u - ok
21:30:06.0015 0x0bc4  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:30:06.0359 0x0bc4  IntcAzAudAddService - ok
21:30:06.0375 0x0bc4  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
21:30:06.0562 0x0bc4  IntelIde - ok
21:30:06.0609 0x0bc4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:30:06.0765 0x0bc4  intelppm - ok
21:30:06.0781 0x0bc4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:30:06.0937 0x0bc4  Ip6Fw - ok
21:30:06.0968 0x0bc4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:30:07.0109 0x0bc4  IpFilterDriver - ok
21:30:07.0140 0x0bc4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:30:07.0265 0x0bc4  IpInIp - ok
21:30:07.0296 0x0bc4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:30:07.0437 0x0bc4  IpNat - ok
21:30:07.0484 0x0bc4  [ 50F2E042C33ED8D11264BE5C4D533C7F, 43D1CEA43BE41AEC765F5A5759857A58A474E663C22484611FC20C7E9C932B09 ] iPodService     C:\Program Files\iPod\bin\iPodService.exe
21:30:07.0515 0x0bc4  iPodService - detected UnsignedFile.Multi.Generic ( 1 )
21:30:09.0984 0x0bc4  Detect skipped due to KSN trusted
21:30:09.0984 0x0bc4  iPodService - ok
21:30:10.0000 0x0bc4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:30:10.0156 0x0bc4  IPSec - ok
21:30:10.0171 0x0bc4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:30:10.0328 0x0bc4  IRENUM - ok
21:30:10.0343 0x0bc4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:30:10.0500 0x0bc4  isapnp - ok
21:30:10.0609 0x0bc4  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
21:30:10.0640 0x0bc4  JavaQuickStarterService - ok
21:30:10.0703 0x0bc4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:30:10.0843 0x0bc4  Kbdclass - ok
21:30:10.0875 0x0bc4  [ D9CA77A69473A93E40B7551A7DE425A9, 15733F12EC5AE8675CAFA79653AFDE4F52D1886A516FCB9BB9B20179E676282F ] KeyScrambler    C:\WINDOWS\system32\drivers\keyscrambler.sys
21:30:10.0921 0x0bc4  KeyScrambler - ok
21:30:10.0937 0x0bc4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:30:11.0109 0x0bc4  kmixer - ok
21:30:11.0171 0x0bc4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:30:11.0234 0x0bc4  KSecDD - ok
21:30:11.0265 0x0bc4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:30:11.0359 0x0bc4  lanmanserver - ok
21:30:11.0406 0x0bc4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:30:11.0468 0x0bc4  lanmanworkstation - ok
21:30:11.0484 0x0bc4  lbrtfdc - ok
21:30:11.0531 0x0bc4  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:30:11.0562 0x0bc4  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
21:30:14.0187 0x0bc4  Detect skipped due to KSN trusted
21:30:14.0187 0x0bc4  LightScribeService - ok
21:30:14.0218 0x0bc4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:30:14.0375 0x0bc4  LmHosts - ok
21:30:14.0421 0x0bc4  [ 9EE18A5A45552673A67532EA37370377, F3BE11A6393A241FF5E2A73497D9E948EAA59BF4BBA308018EFDDF5CF9CE36C0 ] ltmodem5        C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
21:30:14.0562 0x0bc4  ltmodem5 - ok
21:30:14.0656 0x0bc4  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
21:30:14.0703 0x0bc4  MDM - ok
21:30:14.0734 0x0bc4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:30:14.0890 0x0bc4  Messenger - ok
21:30:14.0921 0x0bc4  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
21:30:14.0953 0x0bc4  MHN - detected UnsignedFile.Multi.Generic ( 1 )
21:30:17.0421 0x0bc4  Detect skipped due to KSN trusted
21:30:17.0421 0x0bc4  MHN - ok
21:30:17.0437 0x0bc4  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
21:30:17.0468 0x0bc4  MHNDRV - detected UnsignedFile.Multi.Generic ( 1 )
21:30:20.0093 0x0bc4  Detect skipped due to KSN trusted
21:30:20.0093 0x0bc4  MHNDRV - ok
21:30:20.0109 0x0bc4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:30:20.0250 0x0bc4  mnmdd - ok
21:30:20.0281 0x0bc4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:30:20.0437 0x0bc4  mnmsrvc - ok
21:30:20.0484 0x0bc4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:30:20.0640 0x0bc4  Modem - ok
21:30:20.0656 0x0bc4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:30:20.0796 0x0bc4  Mouclass - ok
21:30:20.0843 0x0bc4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:30:20.0984 0x0bc4  mouhid - ok
21:30:21.0000 0x0bc4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:30:21.0171 0x0bc4  MountMgr - ok
21:30:21.0171 0x0bc4  mraid35x - ok
21:30:21.0187 0x0bc4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:30:21.0359 0x0bc4  MRxDAV - ok
21:30:21.0421 0x0bc4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:30:21.0500 0x0bc4  MRxSmb - ok
21:30:21.0531 0x0bc4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:30:21.0687 0x0bc4  MSDTC - ok
21:30:21.0703 0x0bc4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:30:21.0859 0x0bc4  Msfs - ok
21:30:21.0859 0x0bc4  MSIServer - ok
21:30:21.0890 0x0bc4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:30:22.0031 0x0bc4  MSKSSRV - ok
21:30:22.0062 0x0bc4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:30:22.0203 0x0bc4  MSPCLOCK - ok
21:30:22.0218 0x0bc4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:30:22.0343 0x0bc4  MSPQM - ok
21:30:22.0375 0x0bc4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:30:22.0500 0x0bc4  mssmbios - ok
21:30:22.0546 0x0bc4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:30:22.0593 0x0bc4  Mup - ok
21:30:22.0640 0x0bc4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:30:22.0796 0x0bc4  napagent - ok
21:30:22.0843 0x0bc4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:30:23.0000 0x0bc4  NDIS - ok
21:30:23.0046 0x0bc4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:30:23.0078 0x0bc4  NdisTapi - ok
21:30:23.0125 0x0bc4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:30:23.0250 0x0bc4  Ndisuio - ok
21:30:23.0265 0x0bc4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:30:23.0406 0x0bc4  NdisWan - ok
21:30:23.0453 0x0bc4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:30:23.0500 0x0bc4  NDProxy - ok
21:30:23.0546 0x0bc4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:30:23.0671 0x0bc4  NetBIOS - ok
21:30:23.0703 0x0bc4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:30:23.0859 0x0bc4  NetBT - ok
21:30:23.0890 0x0bc4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:30:24.0046 0x0bc4  NetDDE - ok
21:30:24.0062 0x0bc4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:30:24.0187 0x0bc4  NetDDEdsdm - ok
21:30:24.0218 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:30:24.0375 0x0bc4  Netlogon - ok
21:30:24.0406 0x0bc4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
21:30:24.0578 0x0bc4  Netman - ok
21:30:24.0593 0x0bc4  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:30:24.0734 0x0bc4  NIC1394 - ok
21:30:24.0765 0x0bc4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:30:24.0812 0x0bc4  Nla - ok
21:30:24.0843 0x0bc4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:30:24.0984 0x0bc4  Npfs - ok
21:30:25.0015 0x0bc4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:30:25.0171 0x0bc4  Ntfs - ok
21:30:25.0203 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:30:25.0328 0x0bc4  NtLmSsp - ok
21:30:25.0421 0x0bc4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:30:25.0578 0x0bc4  NtmsSvc - ok
21:30:25.0625 0x0bc4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:30:25.0765 0x0bc4  Null - ok
21:30:25.0781 0x0bc4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:30:25.0937 0x0bc4  NwlnkFlt - ok
21:30:25.0937 0x0bc4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:30:26.0078 0x0bc4  NwlnkFwd - ok
21:30:26.0109 0x0bc4  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:30:26.0265 0x0bc4  ohci1394 - ok
21:30:26.0296 0x0bc4  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:30:26.0328 0x0bc4  ose - ok
21:30:26.0359 0x0bc4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
21:30:26.0531 0x0bc4  Parport - ok
21:30:26.0531 0x0bc4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:30:26.0671 0x0bc4  PartMgr - ok
21:30:26.0703 0x0bc4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:30:26.0843 0x0bc4  ParVdm - ok
21:30:26.0859 0x0bc4  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:30:27.0015 0x0bc4  PCI - ok
21:30:27.0015 0x0bc4  PCIDump - ok
21:30:27.0031 0x0bc4  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:30:27.0171 0x0bc4  PCIIde - ok
21:30:27.0218 0x0bc4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:30:27.0375 0x0bc4  Pcmcia - ok
21:30:27.0390 0x0bc4  PDCOMP - ok
21:30:27.0390 0x0bc4  PDFRAME - ok
21:30:27.0390 0x0bc4  PDRELI - ok
21:30:27.0406 0x0bc4  PDRFRAME - ok
21:30:27.0406 0x0bc4  perc2 - ok
21:30:27.0421 0x0bc4  perc2hib - ok
21:30:27.0453 0x0bc4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:30:27.0484 0x0bc4  PlugPlay - ok
21:30:27.0515 0x0bc4  [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
21:30:27.0531 0x0bc4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:30:30.0171 0x0bc4  Detect skipped due to KSN trusted
21:30:30.0171 0x0bc4  Pml Driver HPZ12 - ok
21:30:30.0187 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:30:30.0312 0x0bc4  PolicyAgent - ok
21:30:30.0343 0x0bc4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:30:30.0500 0x0bc4  PptpMiniport - ok
21:30:30.0500 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:30:30.0640 0x0bc4  ProtectedStorage - ok
21:30:30.0687 0x0bc4  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
21:30:30.0750 0x0bc4  Ps2 - ok
21:30:30.0750 0x0bc4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:30:30.0906 0x0bc4  PSched - ok
21:30:30.0921 0x0bc4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:30:31.0109 0x0bc4  Ptilink - ok
21:30:31.0140 0x0bc4  [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:30:31.0140 0x0bc4  PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
21:30:33.0609 0x0bc4  Detect skipped due to KSN trusted
21:30:33.0609 0x0bc4  PxHelp20 - ok
21:30:33.0609 0x0bc4  ql1080 - ok
21:30:33.0625 0x0bc4  Ql10wnt - ok
21:30:33.0625 0x0bc4  ql12160 - ok
21:30:33.0625 0x0bc4  ql1240 - ok
21:30:33.0640 0x0bc4  ql1280 - ok
21:30:33.0656 0x0bc4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:30:33.0796 0x0bc4  RasAcd - ok
21:30:33.0843 0x0bc4  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:30:33.0984 0x0bc4  RasAuto - ok
21:30:34.0000 0x0bc4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:30:34.0140 0x0bc4  Rasl2tp - ok
21:30:34.0187 0x0bc4  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:30:34.0328 0x0bc4  RasMan - ok
21:30:34.0343 0x0bc4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:30:34.0468 0x0bc4  RasPppoe - ok
21:30:34.0500 0x0bc4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:30:34.0640 0x0bc4  Raspti - ok
21:30:34.0671 0x0bc4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:30:34.0812 0x0bc4  Rdbss - ok
21:30:34.0828 0x0bc4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:30:34.0953 0x0bc4  RDPCDD - ok
21:30:34.0968 0x0bc4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:30:35.0125 0x0bc4  rdpdr - ok
21:30:35.0156 0x0bc4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:30:35.0218 0x0bc4  RDPWD - ok
21:30:35.0265 0x0bc4  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:30:35.0421 0x0bc4  RDSessMgr - ok
21:30:35.0437 0x0bc4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:30:35.0593 0x0bc4  redbook - ok
21:30:35.0625 0x0bc4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:30:35.0796 0x0bc4  RemoteAccess - ok
21:30:35.0828 0x0bc4  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:30:35.0984 0x0bc4  RemoteRegistry - ok
21:30:36.0015 0x0bc4  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:30:36.0187 0x0bc4  RpcLocator - ok
21:30:36.0218 0x0bc4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:30:36.0265 0x0bc4  RpcSs - ok
21:30:36.0312 0x0bc4  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:30:36.0468 0x0bc4  RSVP - ok
21:30:36.0500 0x0bc4  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
21:30:36.0593 0x0bc4  RTL8023xp - ok
21:30:36.0609 0x0bc4  [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
21:30:36.0671 0x0bc4  rtl8139 - ok
21:30:36.0687 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:30:36.0812 0x0bc4  SamSs - ok
21:30:36.0859 0x0bc4  [ F2BF19FE48D9B8ADF8F5A0A6F17FD6BA, 4215E6D93946E5E038118DA7A80C93A567DD907F2CB04C6D37AC2175A185B527 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
21:30:36.0906 0x0bc4  SbieDrv - ok
21:30:36.0921 0x0bc4  [ 72A63DB72D3DE34B880CE90464069E7E, 321FCAA7AD1BC0D805828C08AEA3CA1A81ACE20BE88FAF115D3DE8B009C5221B ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
21:30:36.0953 0x0bc4  SbieSvc - ok
21:30:37.0000 0x0bc4  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:30:37.0156 0x0bc4  SCardSvr - ok
21:30:37.0203 0x0bc4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:30:37.0359 0x0bc4  Schedule - ok
21:30:37.0406 0x0bc4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:30:37.0546 0x0bc4  Secdrv - ok
21:30:37.0562 0x0bc4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:30:37.0718 0x0bc4  seclogon - ok
21:30:37.0734 0x0bc4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
21:30:37.0890 0x0bc4  SENS - ok
21:30:37.0906 0x0bc4  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
21:30:38.0046 0x0bc4  Serenum - ok
21:30:38.0078 0x0bc4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:30:38.0234 0x0bc4  Serial - ok
21:30:38.0250 0x0bc4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:30:38.0390 0x0bc4  Sfloppy - ok
21:30:38.0437 0x0bc4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:30:38.0609 0x0bc4  SharedAccess - ok
21:30:38.0640 0x0bc4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:30:38.0687 0x0bc4  ShellHWDetection - ok
21:30:38.0687 0x0bc4  Simbad - ok
21:30:38.0703 0x0bc4  Sparrow - ok
21:30:38.0734 0x0bc4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:30:38.0875 0x0bc4  splitter - ok
21:30:38.0921 0x0bc4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:30:38.0968 0x0bc4  Spooler - ok
21:30:38.0984 0x0bc4  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:30:39.0140 0x0bc4  sr - ok
21:30:39.0187 0x0bc4  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:30:39.0343 0x0bc4  srservice - ok
21:30:39.0375 0x0bc4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:30:39.0468 0x0bc4  Srv - ok
21:30:39.0500 0x0bc4  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:30:39.0656 0x0bc4  SSDPSRV - ok
21:30:39.0687 0x0bc4  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:30:39.0718 0x0bc4  ssmdrv - ok
21:30:39.0734 0x0bc4  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:30:39.0890 0x0bc4  stisvc - ok
21:30:39.0937 0x0bc4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:30:40.0078 0x0bc4  swenum - ok
21:30:40.0109 0x0bc4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:30:40.0250 0x0bc4  swmidi - ok
21:30:40.0250 0x0bc4  SwPrv - ok
21:30:40.0265 0x0bc4  symc810 - ok
21:30:40.0265 0x0bc4  symc8xx - ok
21:30:40.0281 0x0bc4  sym_hi - ok
21:30:40.0281 0x0bc4  sym_u3 - ok
21:30:40.0296 0x0bc4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:30:40.0437 0x0bc4  sysaudio - ok
21:30:40.0484 0x0bc4  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:30:40.0656 0x0bc4  SysmonLog - ok
21:30:40.0703 0x0bc4  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:30:40.0859 0x0bc4  TapiSrv - ok
21:30:40.0921 0x0bc4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:30:40.0968 0x0bc4  Tcpip - ok
21:30:41.0015 0x0bc4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:30:41.0171 0x0bc4  TDPIPE - ok
21:30:41.0187 0x0bc4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:30:41.0343 0x0bc4  TDTCP - ok
21:30:41.0359 0x0bc4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:30:41.0500 0x0bc4  TermDD - ok
21:30:41.0546 0x0bc4  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:30:41.0703 0x0bc4  TermService - ok
21:30:41.0734 0x0bc4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:30:41.0765 0x0bc4  Themes - ok
21:30:41.0796 0x0bc4  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
21:30:41.0937 0x0bc4  TlntSvr - ok
21:30:41.0937 0x0bc4  TosIde - ok
21:30:41.0968 0x0bc4  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:30:42.0109 0x0bc4  TrkWks - ok
21:30:42.0140 0x0bc4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:30:42.0281 0x0bc4  Udfs - ok
21:30:42.0296 0x0bc4  ultra - ok
21:30:42.0312 0x0bc4  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
21:30:42.0390 0x0bc4  UMWdf - ok
21:30:42.0437 0x0bc4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:30:42.0625 0x0bc4  Update - ok
21:30:42.0687 0x0bc4  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:30:42.0843 0x0bc4  upnphost - ok
21:30:42.0859 0x0bc4  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
21:30:43.0015 0x0bc4  UPS - ok
21:30:43.0062 0x0bc4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:30:43.0109 0x0bc4  usbehci - ok
21:30:43.0156 0x0bc4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:30:43.0312 0x0bc4  usbhub - ok
21:30:43.0343 0x0bc4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:30:43.0484 0x0bc4  USBSTOR - ok
21:30:43.0500 0x0bc4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:30:43.0640 0x0bc4  usbuhci - ok
21:30:43.0656 0x0bc4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:30:43.0796 0x0bc4  VgaSave - ok
21:30:43.0812 0x0bc4  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
21:30:43.0953 0x0bc4  ViaIde - ok
21:30:43.0968 0x0bc4  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:30:44.0093 0x0bc4  VolSnap - ok
21:30:44.0140 0x0bc4  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
21:30:44.0296 0x0bc4  VSS - ok
21:30:44.0312 0x0bc4  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
21:30:44.0468 0x0bc4  W32Time - ok
21:30:44.0484 0x0bc4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:30:44.0640 0x0bc4  Wanarp - ok
21:30:44.0640 0x0bc4  WDICA - ok
21:30:44.0687 0x0bc4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:30:44.0812 0x0bc4  wdmaud - ok
21:30:44.0859 0x0bc4  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:30:45.0000 0x0bc4  WebClient - ok
21:30:45.0078 0x0bc4  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:30:45.0218 0x0bc4  winmgmt - ok
21:30:45.0250 0x0bc4  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:30:45.0312 0x0bc4  WmdmPmSN - ok
21:30:45.0359 0x0bc4  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
21:30:45.0421 0x0bc4  Wmi - ok
21:30:45.0484 0x0bc4  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:30:45.0656 0x0bc4  WmiApSrv - ok
21:30:45.0750 0x0bc4  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:30:45.0796 0x0bc4  WPFFontCache_v0400 - ok
21:30:45.0843 0x0bc4  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:30:46.0000 0x0bc4  wscsvc - ok
21:30:46.0015 0x0bc4  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:30:46.0156 0x0bc4  wuauserv - ok
21:30:46.0203 0x0bc4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:30:46.0390 0x0bc4  WZCSVC - ok
21:30:46.0406 0x0bc4  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:30:46.0593 0x0bc4  xmlprov - ok
21:30:46.0609 0x0bc4  ================ Scan global ===============================
21:30:46.0671 0x0bc4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
21:30:46.0718 0x0bc4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
21:30:46.0750 0x0bc4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
21:30:46.0781 0x0bc4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
21:30:46.0796 0x0bc4  [ Global ] - ok
21:30:46.0796 0x0bc4  ================ Scan MBR ==================================
21:30:46.0812 0x0bc4  [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
21:30:47.0718 0x0bc4  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
21:30:47.0718 0x0bc4  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:30:50.0218 0x0bc4  ================ Scan VBR ==================================
21:30:50.0250 0x0bc4  [ A73E64913D5C010F08E3E7EAD4B4D0B0 ] \Device\Harddisk0\DR0\Partition1
21:30:50.0265 0x0bc4  \Device\Harddisk0\DR0\Partition1 - ok
21:30:50.0296 0x0bc4  [ C7542CD6F8FF752A7D569E443DC8B841 ] \Device\Harddisk0\DR0\Partition2
21:30:50.0343 0x0bc4  \Device\Harddisk0\DR0\Partition2 - ok
21:30:50.0343 0x0bc4  ================ Scan active images ========================
21:30:50.0343 0x0bc4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
21:30:50.0343 0x0bc4  C:\WINDOWS\system32\drivers\intelppm.sys - ok
21:30:50.0359 0x0bc4  [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
21:30:50.0359 0x0bc4  C:\WINDOWS\system32\drivers\videoprt.sys - ok
21:30:50.0359 0x0bc4  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] C:\WINDOWS\system32\drivers\ialmnt5.sys
21:30:50.0359 0x0bc4  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
21:30:50.0359 0x0bc4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
21:30:50.0359 0x0bc4  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
21:30:50.0375 0x0bc4  [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
21:30:50.0375 0x0bc4  C:\WINDOWS\system32\drivers\usbport.sys - ok
21:30:50.0375 0x0bc4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
21:30:50.0375 0x0bc4  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
21:30:50.0375 0x0bc4  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] C:\WINDOWS\system32\drivers\nic1394.sys
21:30:50.0375 0x0bc4  C:\WINDOWS\system32\drivers\nic1394.sys - ok
21:30:50.0375 0x0bc4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
21:30:50.0375 0x0bc4  C:\WINDOWS\system32\drivers\usbehci.sys - ok
21:30:50.0390 0x0bc4  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] C:\WINDOWS\system32\drivers\Rtlnicxp.sys
21:30:50.0390 0x0bc4  C:\WINDOWS\system32\drivers\Rtlnicxp.sys - ok
21:30:50.0390 0x0bc4  [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
21:30:50.0390 0x0bc4  C:\WINDOWS\system32\drivers\ks.sys - ok
21:30:50.0390 0x0bc4  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] C:\WINDOWS\system32\drivers\AGRSM.sys
21:30:50.0390 0x0bc4  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
21:30:50.0390 0x0bc4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys
21:30:50.0390 0x0bc4  C:\WINDOWS\system32\drivers\modem.sys - ok
21:30:50.0406 0x0bc4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
21:30:50.0406 0x0bc4  C:\WINDOWS\system32\drivers\parport.sys - ok
21:30:50.0406 0x0bc4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys
21:30:50.0406 0x0bc4  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
21:30:50.0406 0x0bc4  [ D9CA77A69473A93E40B7551A7DE425A9, 15733F12EC5AE8675CAFA79653AFDE4F52D1886A516FCB9BB9B20179E676282F ] C:\WINDOWS\system32\drivers\keyscrambler.sys
21:30:50.0421 0x0bc4  C:\WINDOWS\system32\drivers\keyscrambler.sys - ok
21:30:50.0421 0x0bc4  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] C:\WINDOWS\system32\drivers\PS2.sys
21:30:50.0421 0x0bc4  C:\WINDOWS\system32\drivers\PS2.sys - ok
21:30:50.0421 0x0bc4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
21:30:50.0421 0x0bc4  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
21:30:50.0437 0x0bc4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
21:30:50.0437 0x0bc4  C:\WINDOWS\system32\drivers\cdrom.sys - ok
21:30:50.0437 0x0bc4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
21:30:50.0437 0x0bc4  C:\WINDOWS\system32\drivers\imapi.sys - ok
21:30:50.0437 0x0bc4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
21:30:50.0437 0x0bc4  C:\WINDOWS\system32\drivers\audstub.sys - ok
21:30:50.0453 0x0bc4  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
21:30:50.0453 0x0bc4  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
21:30:50.0453 0x0bc4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
21:30:50.0453 0x0bc4  C:\WINDOWS\system32\drivers\redbook.sys - ok
21:30:50.0453 0x0bc4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
21:30:50.0453 0x0bc4  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
21:30:50.0468 0x0bc4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
21:30:50.0468 0x0bc4  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
21:30:50.0468 0x0bc4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
21:30:50.0468 0x0bc4  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
21:30:50.0484 0x0bc4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
21:30:50.0484 0x0bc4  C:\WINDOWS\system32\drivers\psched.sys - ok
21:30:50.0484 0x0bc4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
21:30:50.0484 0x0bc4  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
21:30:50.0484 0x0bc4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
21:30:50.0484 0x0bc4  C:\WINDOWS\system32\drivers\raspptp.sys - ok
21:30:50.0500 0x0bc4  [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
21:30:50.0500 0x0bc4  C:\WINDOWS\system32\drivers\tdi.sys - ok
21:30:50.0500 0x0bc4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
21:30:50.0500 0x0bc4  C:\WINDOWS\system32\drivers\msgpc.sys - ok
21:30:50.0515 0x0bc4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
21:30:50.0515 0x0bc4  C:\WINDOWS\system32\drivers\ptilink.sys - ok
21:30:50.0515 0x0bc4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
21:30:50.0515 0x0bc4  C:\WINDOWS\system32\drivers\raspti.sys - ok
21:30:50.0515 0x0bc4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
21:30:50.0515 0x0bc4  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
21:30:50.0531 0x0bc4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
21:30:50.0531 0x0bc4  C:\WINDOWS\system32\drivers\mouclass.sys - ok
21:30:50.0531 0x0bc4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
21:30:50.0531 0x0bc4  C:\WINDOWS\system32\drivers\termdd.sys - ok
21:30:50.0546 0x0bc4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
21:30:50.0546 0x0bc4  C:\WINDOWS\system32\drivers\swenum.sys - ok
21:30:50.0546 0x0bc4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
21:30:50.0546 0x0bc4  C:\WINDOWS\system32\drivers\update.sys - ok
21:30:50.0546 0x0bc4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
21:30:50.0546 0x0bc4  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
21:30:50.0562 0x0bc4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys
21:30:50.0562 0x0bc4  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
21:30:50.0562 0x0bc4  [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
21:30:50.0562 0x0bc4  C:\WINDOWS\system32\drivers\drmk.sys - ok
21:30:50.0562 0x0bc4  [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
21:30:50.0562 0x0bc4  C:\WINDOWS\system32\drivers\portcls.sys - ok
21:30:50.0578 0x0bc4  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:30:50.0578 0x0bc4  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
21:30:50.0578 0x0bc4  [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
21:30:50.0578 0x0bc4  C:\WINDOWS\system32\drivers\usbd.sys - ok
21:30:50.0593 0x0bc4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
21:30:50.0593 0x0bc4  C:\WINDOWS\system32\drivers\usbhub.sys - ok
21:30:50.0593 0x0bc4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
21:30:50.0593 0x0bc4  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
21:30:50.0593 0x0bc4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
21:30:50.0593 0x0bc4  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
21:30:50.0609 0x0bc4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
21:30:50.0609 0x0bc4  C:\WINDOWS\system32\drivers\beep.sys - ok
21:30:50.0609 0x0bc4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
21:30:50.0609 0x0bc4  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
21:30:50.0609 0x0bc4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
21:30:50.0609 0x0bc4  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
21:30:50.0625 0x0bc4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
21:30:50.0625 0x0bc4  C:\WINDOWS\system32\drivers\null.sys - ok
21:30:50.0625 0x0bc4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
21:30:50.0625 0x0bc4  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
21:30:50.0625 0x0bc4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
21:30:50.0625 0x0bc4  C:\WINDOWS\system32\drivers\vga.sys - ok
21:30:50.0640 0x0bc4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
21:30:50.0640 0x0bc4  C:\WINDOWS\system32\drivers\ipsec.sys - ok
21:30:50.0640 0x0bc4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
21:30:50.0640 0x0bc4  C:\WINDOWS\system32\drivers\msfs.sys - ok
21:30:50.0640 0x0bc4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
21:30:50.0640 0x0bc4  C:\WINDOWS\system32\drivers\npfs.sys - ok
21:30:50.0640 0x0bc4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
21:30:50.0640 0x0bc4  C:\WINDOWS\system32\drivers\rasacd.sys - ok
21:30:50.0656 0x0bc4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys
21:30:50.0656 0x0bc4  C:\WINDOWS\system32\drivers\tcpip.sys - ok
21:30:50.0656 0x0bc4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
21:30:50.0656 0x0bc4  C:\WINDOWS\system32\drivers\netbt.sys - ok
21:30:50.0656 0x0bc4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys
21:30:50.0656 0x0bc4  C:\WINDOWS\system32\drivers\afd.sys - ok
21:30:50.0671 0x0bc4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
21:30:50.0671 0x0bc4  C:\WINDOWS\system32\drivers\ipnat.sys - ok
21:30:50.0671 0x0bc4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys
21:30:50.0671 0x0bc4  C:\WINDOWS\system32\drivers\wanarp.sys - ok
21:30:50.0671 0x0bc4  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] C:\WINDOWS\system32\drivers\arp1394.sys
21:30:50.0671 0x0bc4  C:\WINDOWS\system32\drivers\arp1394.sys - ok
21:30:50.0671 0x0bc4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
21:30:50.0671 0x0bc4  C:\WINDOWS\system32\drivers\netbios.sys - ok
21:30:50.0687 0x0bc4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
21:30:50.0687 0x0bc4  C:\WINDOWS\system32\drivers\serial.sys - ok
21:30:50.0687 0x0bc4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
21:30:50.0687 0x0bc4  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
21:30:50.0687 0x0bc4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys
21:30:50.0687 0x0bc4  C:\WINDOWS\system32\drivers\rdbss.sys - ok
21:30:50.0687 0x0bc4  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] C:\WINDOWS\system32\drivers\ssmdrv.sys
21:30:50.0703 0x0bc4  C:\WINDOWS\system32\drivers\ssmdrv.sys - ok
21:30:50.0703 0x0bc4  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] C:\WINDOWS\system32\drivers\avkmgr.sys
21:30:50.0703 0x0bc4  C:\WINDOWS\system32\drivers\avkmgr.sys - ok
21:30:50.0703 0x0bc4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys
21:30:50.0703 0x0bc4  C:\WINDOWS\system32\drivers\fips.sys - ok
21:30:50.0703 0x0bc4  [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] C:\WINDOWS\system32\drivers\avipbb.sys
21:30:50.0703 0x0bc4  C:\WINDOWS\system32\drivers\avipbb.sys - ok
21:30:50.0718 0x0bc4  [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll
21:30:50.0718 0x0bc4  C:\WINDOWS\system32\ntdll.dll - ok
21:30:50.0718 0x0bc4  [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe
21:30:50.0718 0x0bc4  C:\WINDOWS\system32\smss.exe - ok
21:30:50.0718 0x0bc4  [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe
21:30:50.0718 0x0bc4  C:\WINDOWS\system32\autochk.exe - ok
21:30:50.0718 0x0bc4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] C:\WINDOWS\system32\drivers\fastfat.sys
21:30:50.0718 0x0bc4  C:\WINDOWS\system32\drivers\fastfat.sys - ok
21:30:50.0734 0x0bc4  [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll
21:30:50.0734 0x0bc4  C:\WINDOWS\system32\sfcfiles.dll - ok
21:30:50.0734 0x0bc4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\usbstor.sys
21:30:50.0734 0x0bc4  C:\WINDOWS\system32\drivers\usbstor.sys - ok
21:30:50.0734 0x0bc4  [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys
21:30:50.0734 0x0bc4  C:\WINDOWS\system32\drivers\hidparse.sys - ok
21:30:50.0734 0x0bc4  [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys
21:30:50.0734 0x0bc4  C:\WINDOWS\system32\drivers\hidclass.sys - ok
21:30:50.0750 0x0bc4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys
21:30:50.0750 0x0bc4  C:\WINDOWS\system32\drivers\hidusb.sys - ok
21:30:50.0750 0x0bc4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys
21:30:50.0750 0x0bc4  C:\WINDOWS\system32\drivers\mouhid.sys - ok
21:30:50.0750 0x0bc4  [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
21:30:50.0750 0x0bc4  C:\WINDOWS\system32\drivers\wmilib.sys - ok
21:30:50.0765 0x0bc4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys
21:30:50.0765 0x0bc4  C:\WINDOWS\system32\drivers\atapi.sys - ok
21:30:50.0765 0x0bc4  [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
21:30:50.0765 0x0bc4  C:\WINDOWS\system32\drivers\dxapi.sys - ok
21:30:50.0765 0x0bc4  [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
21:30:50.0765 0x0bc4  C:\WINDOWS\system32\watchdog.sys - ok
21:30:50.0765 0x0bc4  [ 80AAA73D56272FD54DC6DE8643D10E9F, 0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ] C:\WINDOWS\system32\win32k.sys
21:30:50.0765 0x0bc4  C:\WINDOWS\system32\win32k.sys - ok
21:30:50.0781 0x0bc4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
21:30:50.0781 0x0bc4  C:\WINDOWS\system32\basesrv.dll - ok
21:30:50.0781 0x0bc4  [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll
21:30:50.0781 0x0bc4  C:\WINDOWS\system32\csrsrv.dll - ok
21:30:50.0781 0x0bc4  [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
21:30:50.0781 0x0bc4  C:\WINDOWS\system32\csrss.exe - ok
21:30:50.0781 0x0bc4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
21:30:50.0781 0x0bc4  C:\WINDOWS\system32\winsrv.dll - ok
21:30:50.0781 0x0bc4  [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll
21:30:50.0781 0x0bc4  C:\WINDOWS\system32\gdi32.dll - ok
21:30:50.0796 0x0bc4  [ 4A45B692D2BAA74124DF57472D5EA2F1, DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ] C:\WINDOWS\system32\kernel32.dll
21:30:50.0796 0x0bc4  C:\WINDOWS\system32\kernel32.dll - ok
21:30:50.0796 0x0bc4  [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
21:30:50.0796 0x0bc4  C:\WINDOWS\system32\user32.dll - ok
21:30:50.0796 0x0bc4  [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
21:30:50.0796 0x0bc4  C:\WINDOWS\system32\drivers\dxg.sys - ok
21:30:50.0812 0x0bc4  [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
21:30:50.0812 0x0bc4  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
21:30:50.0812 0x0bc4  [ 6CF9A1903F8FE3F362F5C0A0CF528D56, CC596CAFB638F5EDB53EA17A9C74A54A79AED394BCF02CDD18AAA56446818818 ] C:\WINDOWS\system32\ialmdnt5.dll
21:30:50.0812 0x0bc4  C:\WINDOWS\system32\ialmdnt5.dll - ok
21:30:50.0812 0x0bc4  [ 328A02C795EDFAC2794C9D6CD239F6CC, E4CD99915CB12204AB4E86402938B15409676DB699E5608461907EAE11290122 ] C:\WINDOWS\system32\ialmrnt5.dll
21:30:50.0812 0x0bc4  C:\WINDOWS\system32\ialmrnt5.dll - ok
21:30:50.0812 0x0bc4  [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
21:30:50.0812 0x0bc4  C:\WINDOWS\system32\vga.dll - ok
21:30:50.0828 0x0bc4  [ 135024654370523B551CEE7C63588C22, F5E37C841A755F31799605137125E3BADAC896AD28D41896ABAC06B7FB5E5CA7 ] C:\WINDOWS\system32\ialmdev5.dll
21:30:50.0828 0x0bc4  C:\WINDOWS\system32\ialmdev5.dll - ok
21:30:50.0828 0x0bc4  [ D579B3AB8C18480088244DB1C2BE9D14, 90C8678FF9AA05DC08227DDF0CE0DF949431BB3CC22DDBDFD5DC3F5D4EFED079 ] C:\WINDOWS\system32\ialmdd5.dll
21:30:50.0828 0x0bc4  C:\WINDOWS\system32\ialmdd5.dll - ok
21:30:50.0828 0x0bc4  [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
21:30:50.0828 0x0bc4  C:\WINDOWS\system32\winlogon.exe - ok
21:30:50.0828 0x0bc4  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
21:30:50.0828 0x0bc4  C:\WINDOWS\system32\advapi32.dll - ok
21:30:50.0843 0x0bc4  [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll
21:30:50.0843 0x0bc4  C:\WINDOWS\system32\rpcrt4.dll - ok
21:30:50.0843 0x0bc4  [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
21:30:50.0843 0x0bc4  C:\WINDOWS\system32\secur32.dll - ok
21:30:50.0843 0x0bc4  [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
21:30:50.0843 0x0bc4  C:\WINDOWS\system32\authz.dll - ok
21:30:50.0843 0x0bc4  [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
21:30:50.0843 0x0bc4  C:\WINDOWS\system32\msvcrt.dll - ok
21:30:50.0859 0x0bc4  [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll
21:30:50.0859 0x0bc4  C:\WINDOWS\system32\crypt32.dll - ok
21:30:50.0859 0x0bc4  [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
21:30:50.0859 0x0bc4  C:\WINDOWS\system32\msasn1.dll - ok
21:30:50.0859 0x0bc4  [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
21:30:50.0859 0x0bc4  C:\WINDOWS\system32\nddeapi.dll - ok
21:30:50.0875 0x0bc4  [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
21:30:50.0875 0x0bc4  C:\WINDOWS\system32\netapi32.dll - ok
21:30:50.0875 0x0bc4  [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
21:30:50.0875 0x0bc4  C:\WINDOWS\system32\profmap.dll - ok
21:30:50.0875 0x0bc4  [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
21:30:50.0875 0x0bc4  C:\WINDOWS\system32\userenv.dll - ok
21:30:50.0875 0x0bc4  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
21:30:50.0875 0x0bc4  C:\WINDOWS\system32\psapi.dll - ok
21:30:50.0890 0x0bc4  [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
21:30:50.0890 0x0bc4  C:\WINDOWS\system32\regapi.dll - ok
21:30:50.0890 0x0bc4  [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
21:30:50.0890 0x0bc4  C:\WINDOWS\system32\setupapi.dll - ok
21:30:50.0890 0x0bc4  [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
21:30:50.0890 0x0bc4  C:\WINDOWS\system32\version.dll - ok
21:30:50.0890 0x0bc4  [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
21:30:50.0890 0x0bc4  C:\WINDOWS\system32\winsta.dll - ok
21:30:50.0906 0x0bc4  [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
21:30:50.0906 0x0bc4  C:\WINDOWS\system32\wintrust.dll - ok
21:30:50.0906 0x0bc4  [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll
21:30:50.0906 0x0bc4  C:\WINDOWS\system32\imagehlp.dll - ok
21:30:50.0906 0x0bc4  [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
21:30:50.0906 0x0bc4  C:\WINDOWS\system32\imm32.dll - ok
21:30:50.0906 0x0bc4  [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
21:30:50.0906 0x0bc4  C:\WINDOWS\system32\ws2help.dll - ok
21:30:50.0921 0x0bc4  [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
21:30:50.0921 0x0bc4  C:\WINDOWS\system32\ws2_32.dll - ok
21:30:50.0921 0x0bc4  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
21:30:50.0921 0x0bc4  C:\WINDOWS\system32\kbdus.dll - ok
21:30:50.0921 0x0bc4  [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
21:30:50.0921 0x0bc4  C:\WINDOWS\system32\msgina.dll - ok
21:30:50.0921 0x0bc4  [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
21:30:50.0921 0x0bc4  C:\WINDOWS\system32\comctl32.dll - ok
21:30:50.0937 0x0bc4  [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
21:30:50.0937 0x0bc4  C:\WINDOWS\system32\comdlg32.dll - ok
21:30:50.0937 0x0bc4  [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
21:30:50.0937 0x0bc4  C:\WINDOWS\system32\odbc32.dll - ok
21:30:50.0937 0x0bc4  [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
21:30:50.0937 0x0bc4  C:\WINDOWS\system32\shell32.dll - ok
21:30:50.0953 0x0bc4  [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
21:30:50.0953 0x0bc4  C:\WINDOWS\system32\shlwapi.dll - ok
21:30:50.0953 0x0bc4  [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
21:30:50.0953 0x0bc4  C:\WINDOWS\system32\sxs.dll - ok
21:30:50.0953 0x0bc4  [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
21:30:50.0953 0x0bc4  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
21:30:50.0953 0x0bc4  [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
21:30:50.0953 0x0bc4  C:\WINDOWS\system32\odbcint.dll - ok
21:30:50.0968 0x0bc4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
21:30:50.0968 0x0bc4  C:\WINDOWS\system32\shsvcs.dll - ok
21:30:50.0968 0x0bc4  [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
21:30:50.0968 0x0bc4  C:\WINDOWS\system32\ole32.dll - ok
21:30:50.0968 0x0bc4  [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
21:30:50.0968 0x0bc4  C:\WINDOWS\system32\sfc.dll - ok
21:30:50.0968 0x0bc4  [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
21:30:50.0968 0x0bc4  C:\WINDOWS\system32\sfc_os.dll - ok
21:30:50.0984 0x0bc4  [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
21:30:50.0984 0x0bc4  C:\WINDOWS\system32\apphelp.dll - ok
21:30:50.0984 0x0bc4  [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
21:30:50.0984 0x0bc4  C:\WINDOWS\system32\lsasrv.dll - ok
21:30:50.0984 0x0bc4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
21:30:50.0984 0x0bc4  C:\WINDOWS\system32\lsass.exe - ok
21:30:51.0000 0x0bc4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
21:30:51.0000 0x0bc4  C:\WINDOWS\system32\services.exe - ok
21:30:51.0000 0x0bc4  [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
21:30:51.0000 0x0bc4  C:\WINDOWS\system32\msvcp60.dll - ok
21:30:51.0015 0x0bc4  [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
21:30:51.0015 0x0bc4  C:\WINDOWS\system32\ncobjapi.dll - ok
21:30:51.0015 0x0bc4  [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
21:30:51.0015 0x0bc4  C:\WINDOWS\system32\scesrv.dll - ok
21:30:51.0015 0x0bc4  [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
21:30:51.0015 0x0bc4  C:\WINDOWS\system32\mpr.dll - ok
21:30:51.0031 0x0bc4  [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
21:30:51.0031 0x0bc4  C:\WINDOWS\system32\shimeng.dll - ok
21:30:51.0031 0x0bc4  [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
21:30:51.0031 0x0bc4  C:\WINDOWS\system32\umpnpmgr.dll - ok
21:30:51.0046 0x0bc4  [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
21:30:51.0046 0x0bc4  C:\WINDOWS\AppPatch\acadproc.dll - ok
21:30:51.0046 0x0bc4  [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
21:30:51.0046 0x0bc4  C:\WINDOWS\system32\dnsapi.dll - ok
21:30:51.0062 0x0bc4  [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
21:30:51.0062 0x0bc4  C:\WINDOWS\system32\ntdsapi.dll - ok
21:30:51.0078 0x0bc4  [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
21:30:51.0078 0x0bc4  C:\WINDOWS\system32\wldap32.dll - ok
21:30:51.0078 0x0bc4  [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
21:30:51.0078 0x0bc4  C:\WINDOWS\system32\samlib.dll - ok
21:30:51.0078 0x0bc4  [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
21:30:51.0078 0x0bc4  C:\WINDOWS\system32\samsrv.dll - ok
21:30:51.0093 0x0bc4  [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
21:30:51.0093 0x0bc4  C:\WINDOWS\AppPatch\acgenral.dll - ok
21:30:51.0093 0x0bc4  [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
21:30:51.0093 0x0bc4  C:\WINDOWS\system32\cryptdll.dll - ok
21:30:51.0109 0x0bc4  [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
21:30:51.0109 0x0bc4  C:\WINDOWS\system32\winmm.dll - ok
21:30:51.0109 0x0bc4  [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
21:30:51.0109 0x0bc4  C:\WINDOWS\system32\oleaut32.dll - ok
21:30:51.0109 0x0bc4  [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
21:30:51.0109 0x0bc4  C:\WINDOWS\system32\msacm32.dll - ok
21:30:51.0125 0x0bc4  [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
21:30:51.0125 0x0bc4  C:\WINDOWS\system32\uxtheme.dll - ok
21:30:51.0125 0x0bc4  [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
21:30:51.0125 0x0bc4  C:\WINDOWS\system32\msapsspc.dll - ok
21:30:51.0125 0x0bc4  [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
21:30:51.0125 0x0bc4  C:\WINDOWS\system32\digest.dll - ok
21:30:51.0125 0x0bc4  [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
21:30:51.0125 0x0bc4  C:\WINDOWS\system32\msnsspc.dll - ok
21:30:51.0140 0x0bc4  [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
21:30:51.0140 0x0bc4  C:\WINDOWS\system32\msvcrt40.dll - ok
21:30:51.0140 0x0bc4  [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
21:30:51.0140 0x0bc4  C:\WINDOWS\system32\schannel.dll - ok
21:30:51.0140 0x0bc4  [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
21:30:51.0140 0x0bc4  C:\WINDOWS\system32\kerberos.dll - ok
21:30:51.0156 0x0bc4  [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
21:30:51.0156 0x0bc4  C:\WINDOWS\system32\msctfime.ime - ok
21:30:51.0156 0x0bc4  [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
21:30:51.0156 0x0bc4  C:\WINDOWS\system32\msprivs.dll - ok
21:30:51.0156 0x0bc4  [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
21:30:51.0156 0x0bc4  C:\WINDOWS\system32\msv1_0.dll - ok
21:30:51.0156 0x0bc4  [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
21:30:51.0156 0x0bc4  C:\WINDOWS\system32\iphlpapi.dll - ok
21:30:51.0171 0x0bc4  [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
21:30:51.0171 0x0bc4  C:\WINDOWS\system32\netlogon.dll - ok
21:30:51.0171 0x0bc4  [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
21:30:51.0171 0x0bc4  C:\WINDOWS\system32\rsaenh.dll - ok
21:30:51.0171 0x0bc4  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
21:30:51.0171 0x0bc4  C:\WINDOWS\system32\w32time.dll - ok
21:30:51.0171 0x0bc4  [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
21:30:51.0171 0x0bc4  C:\WINDOWS\system32\wdigest.dll - ok
21:30:51.0187 0x0bc4  [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
21:30:51.0187 0x0bc4  C:\WINDOWS\system32\winscard.dll - ok
21:30:51.0187 0x0bc4  [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
21:30:51.0187 0x0bc4  C:\WINDOWS\system32\wtsapi32.dll - ok
21:30:51.0187 0x0bc4  [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
21:30:51.0187 0x0bc4  C:\WINDOWS\system32\scecli.dll - ok
21:30:51.0187 0x0bc4  [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] C:\WINDOWS\system32\drivers\avgntflt.sys

Edited by CarrotCakes, 18 September 2014 - 08:37 PM.


#8 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 18 September 2014 - 08:25 PM

21:30:51.0187 0x0bc4  C:\WINDOWS\system32\drivers\avgntflt.sys - ok
21:30:51.0203 0x0bc4  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
21:30:51.0203 0x0bc4  C:\WINDOWS\system32\svchost.exe - ok
21:30:51.0203 0x0bc4  [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
21:30:51.0203 0x0bc4  C:\WINDOWS\system32\ntmarta.dll - ok
21:30:51.0203 0x0bc4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
21:30:51.0203 0x0bc4  C:\WINDOWS\system32\rpcss.dll - ok
21:30:51.0218 0x0bc4  [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
21:30:51.0218 0x0bc4  C:\WINDOWS\system32\xpsp2res.dll - ok
21:30:51.0218 0x0bc4  [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
21:30:51.0218 0x0bc4  C:\WINDOWS\system32\eventlog.dll - ok
21:30:51.0218 0x0bc4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
21:30:51.0218 0x0bc4  C:\WINDOWS\system32\mswsock.dll - ok
21:30:51.0218 0x0bc4  [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
21:30:51.0218 0x0bc4  C:\WINDOWS\system32\hnetcfg.dll - ok
21:30:51.0234 0x0bc4  [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
21:30:51.0234 0x0bc4  C:\WINDOWS\system32\winrnr.dll - ok
21:30:51.0234 0x0bc4  [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
21:30:51.0234 0x0bc4  C:\WINDOWS\system32\wshtcpip.dll - ok
21:30:51.0234 0x0bc4  [ 505D6A302AFC1811CEE46227AFA4198B, AB83CA166C454DB1AC18F4C0C029A01FDA9E5877F1246928B524C81CA00CA492 ] C:\Program Files\Sandboxie\SbieDll.dll
21:30:51.0234 0x0bc4  C:\Program Files\Sandboxie\SbieDll.dll - ok
21:30:51.0234 0x0bc4  [ 72A63DB72D3DE34B880CE90464069E7E, 321FCAA7AD1BC0D805828C08AEA3CA1A81ACE20BE88FAF115D3DE8B009C5221B ] C:\Program Files\Sandboxie\SbieSvc.exe
21:30:51.0234 0x0bc4  C:\Program Files\Sandboxie\SbieSvc.exe - ok
21:30:51.0250 0x0bc4  [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
21:30:51.0250 0x0bc4  C:\WINDOWS\system32\rasadhlp.dll - ok
21:30:51.0250 0x0bc4  [ F2BF19FE48D9B8ADF8F5A0A6F17FD6BA, 4215E6D93946E5E038118DA7A80C93A567DD907F2CB04C6D37AC2175A185B527 ] C:\Program Files\Sandboxie\SbieDrv.sys
21:30:51.0250 0x0bc4  C:\Program Files\Sandboxie\SbieDrv.sys - ok
21:30:51.0250 0x0bc4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
21:30:51.0250 0x0bc4  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
21:30:51.0250 0x0bc4  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
21:30:51.0250 0x0bc4  C:\WINDOWS\system32\dhcpcsvc.dll - ok
21:30:51.0265 0x0bc4  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
21:30:51.0265 0x0bc4  C:\WINDOWS\system32\dnsrslvr.dll - ok
21:30:51.0265 0x0bc4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
21:30:51.0265 0x0bc4  C:\WINDOWS\system32\lmhsvc.dll - ok
21:30:51.0265 0x0bc4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
21:30:51.0265 0x0bc4  C:\WINDOWS\system32\wzcsvc.dll - ok
21:30:51.0281 0x0bc4  [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
21:30:51.0281 0x0bc4  C:\WINDOWS\system32\rtutils.dll - ok
21:30:51.0281 0x0bc4  [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
21:30:51.0281 0x0bc4  C:\WINDOWS\system32\wmi.dll - ok
21:30:51.0281 0x0bc4  [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
21:30:51.0281 0x0bc4  C:\WINDOWS\system32\atl.dll - ok
21:30:51.0281 0x0bc4  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
21:30:51.0281 0x0bc4  C:\WINDOWS\system32\eapolqec.dll - ok
21:30:51.0281 0x0bc4  [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
21:30:51.0281 0x0bc4  C:\WINDOWS\system32\qutil.dll - ok
21:30:51.0296 0x0bc4  [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
21:30:51.0296 0x0bc4  C:\WINDOWS\system32\dot3api.dll - ok
21:30:51.0296 0x0bc4  [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
21:30:51.0296 0x0bc4  C:\WINDOWS\system32\esent.dll - ok
21:30:51.0296 0x0bc4  [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
21:30:51.0296 0x0bc4  C:\WINDOWS\system32\clbcatq.dll - ok
21:30:51.0312 0x0bc4  [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
21:30:51.0312 0x0bc4  C:\WINDOWS\system32\comres.dll - ok
21:30:51.0312 0x0bc4  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
21:30:51.0312 0x0bc4  C:\WINDOWS\system32\cryptui.dll - ok
21:30:51.0312 0x0bc4  [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
21:30:51.0312 0x0bc4  C:\WINDOWS\system32\rastls.dll - ok
21:30:51.0312 0x0bc4  [ 8AF91E4B4C1F5338EBE1548117304296, 493F46CB43496B8158924229094374D4531DA32E3C77FF4F86FCB86DEACFB79B ] C:\WINDOWS\system32\wininet.dll
21:30:51.0312 0x0bc4  C:\WINDOWS\system32\wininet.dll - ok
21:30:51.0328 0x0bc4  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
21:30:51.0328 0x0bc4  C:\WINDOWS\system32\normaliz.dll - ok
21:30:51.0328 0x0bc4  [ 1387AB5807E7A29D880699CC733F6AED, 0A3B777546E5F5EBC7914118D0BB32546279AEC726FED05519E0CF8F97DFA039 ] C:\WINDOWS\system32\urlmon.dll
21:30:51.0328 0x0bc4  C:\WINDOWS\system32\urlmon.dll - ok
21:30:51.0328 0x0bc4  [ 89A1EE0C4046375B4B9E0B010C90C802, 51D54DA31E30487E73B50F482F1A04F273BC812F3AB2C415D09CB44956097E11 ] C:\WINDOWS\system32\iertutil.dll
21:30:51.0328 0x0bc4  C:\WINDOWS\system32\iertutil.dll - ok
21:30:51.0328 0x0bc4  [ A14D324C50EB71FB480DDD60481D0C04, 15F1EF7CA639AF0B235493DF0934B4C525C3F4E4DEB3310B70EDDF43869BCA4D ] C:\WINDOWS\system32\pstorec.dll
21:30:51.0328 0x0bc4  C:\WINDOWS\system32\pstorec.dll - ok
21:30:51.0343 0x0bc4  [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
21:30:51.0343 0x0bc4  C:\WINDOWS\system32\activeds.dll - ok
21:30:51.0343 0x0bc4  [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
21:30:51.0343 0x0bc4  C:\WINDOWS\system32\adsldpc.dll - ok
21:30:51.0343 0x0bc4  [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
21:30:51.0343 0x0bc4  C:\WINDOWS\system32\mprapi.dll - ok
21:30:51.0359 0x0bc4  [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
21:30:51.0359 0x0bc4  C:\WINDOWS\system32\rasapi32.dll - ok
21:30:51.0359 0x0bc4  [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
21:30:51.0359 0x0bc4  C:\WINDOWS\system32\rasman.dll - ok
21:30:51.0359 0x0bc4  [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
21:30:51.0359 0x0bc4  C:\WINDOWS\system32\tapi32.dll - ok
21:30:51.0359 0x0bc4  [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
21:30:51.0359 0x0bc4  C:\WINDOWS\system32\riched20.dll - ok
21:30:51.0375 0x0bc4  [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
21:30:51.0375 0x0bc4  C:\WINDOWS\system32\raschap.dll - ok
21:30:51.0375 0x0bc4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
21:30:51.0375 0x0bc4  C:\WINDOWS\system32\schedsvc.dll - ok
21:30:51.0375 0x0bc4  [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
21:30:51.0375 0x0bc4  C:\WINDOWS\system32\cscdll.dll - ok
21:30:51.0375 0x0bc4  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
21:30:51.0375 0x0bc4  C:\WINDOWS\system32\logonui.exe - ok
21:30:51.0390 0x0bc4  [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
21:30:51.0390 0x0bc4  C:\WINDOWS\system32\duser.dll - ok
21:30:51.0390 0x0bc4  [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
21:30:51.0390 0x0bc4  C:\WINDOWS\system32\dimsntfy.dll - ok
21:30:51.0390 0x0bc4  [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
21:30:51.0390 0x0bc4  C:\WINDOWS\system32\wlnotify.dll - ok
21:30:51.0390 0x0bc4  [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
21:30:51.0390 0x0bc4  C:\WINDOWS\system32\msidle.dll - ok
21:30:51.0406 0x0bc4  [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
21:30:51.0406 0x0bc4  C:\WINDOWS\system32\msimg32.dll - ok
21:30:51.0406 0x0bc4  [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
21:30:51.0406 0x0bc4  C:\WINDOWS\system32\winspool.drv - ok
21:30:51.0406 0x0bc4  [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
21:30:51.0406 0x0bc4  C:\WINDOWS\system32\oleacc.dll - ok
21:30:51.0421 0x0bc4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe
21:30:51.0421 0x0bc4  C:\WINDOWS\system32\spoolsv.exe - ok
21:30:51.0421 0x0bc4  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
21:30:51.0421 0x0bc4  C:\WINDOWS\system32\audiosrv.dll - ok
21:30:51.0421 0x0bc4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:30:51.0421 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\sched.exe - ok
21:30:51.0421 0x0bc4  [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
21:30:51.0421 0x0bc4  C:\WINDOWS\system32\shgina.dll - ok
21:30:51.0437 0x0bc4  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll
21:30:51.0437 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll - ok
21:30:51.0437 0x0bc4  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll
21:30:51.0437 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll - ok
21:30:51.0437 0x0bc4  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
21:30:51.0437 0x0bc4  C:\WINDOWS\system32\dbghelp.dll - ok
21:30:51.0437 0x0bc4  [ 31B65773B54D85FB8541ED22E0EDC9EB, 80EFF686A09996C8EF7C6BF05A95C130FDE5B1EB3EB51C62EF3DFF7ADF8F8D1D ] C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
21:30:51.0437 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\grdcore.dll - ok
21:30:51.0453 0x0bc4  [ 14DCE21D6311139729B576150EB67888, 25F61486E393BB74FCAB79623DCA7CB22647E50CE7185B98AF306E8DC5EAA7DC ] C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll
21:30:51.0453 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll - ok
21:30:51.0453 0x0bc4  [ 6B4F1770A0E25CA32AC5F1BECEC895D6, 482495CD133AB418057C4EAB42D038C6C2287DC10F9FA7B6BF4ABF1B21F0AB23 ] C:\Program Files\Avira\AntiVir Desktop\cfglib.dll
21:30:51.0453 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\cfglib.dll - ok
21:30:51.0453 0x0bc4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
21:30:51.0453 0x0bc4  C:\WINDOWS\system32\wkssvc.dll - ok
21:30:51.0453 0x0bc4  [ 7FFA62C1DEEF3D93A37B9DCFB19A7C72, 72A7052C217D86A2D861C9B3EE330A73A44551C993CD29FF6DDE04E54C82EA13 ] C:\Program Files\Avira\AntiVir Desktop\gpipc.dll
21:30:51.0453 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpipc.dll - ok
21:30:51.0468 0x0bc4  [ 7881DCF5B201F7F463906D5D50D9D54D, E32A621F3D228EA49910A06FC46D2FFC9420271A237D6219EF757C886C194881 ] C:\Program Files\Avira\AntiVir Desktop\gpgen.dll
21:30:51.0468 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpgen.dll - ok
21:30:51.0468 0x0bc4  [ 1387E3F6473704F017D7AF0B10BAE3E1, 7949D7D813DB65DF7A4AB27965B2CF7A15DAE0A1BA6DC916076AEC75801A8F34 ] C:\Program Files\Avira\AntiVir Desktop\gpschd.dll
21:30:51.0468 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpschd.dll - ok
21:30:51.0468 0x0bc4  [ F1AE79AA5AA805D8F2623D2274BCA497, 371670FCA5450C3B5E3E4D1AD531B3617ACFF52338324126F7E57F2B224E6CD2 ] C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll
21:30:51.0468 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll - ok
21:30:51.0468 0x0bc4  [ B25BD9C1A34121DB70235DAD26BAE33A, 07A6EEB579EE179061C8C19EDB064A926B45ADA115270AE437D667E8CFF510AB ] C:\Program Files\Avira\AntiVir Desktop\schedr.dll
21:30:51.0468 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\schedr.dll - ok
21:30:51.0484 0x0bc4  [ 6A64E3A957AB236D89DFE826644C46C2, 90A0F92AA42BF54CE5658099B68516E852FC3E40F00DB21C8E5E7F884E119F74 ] C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
21:30:51.0484 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll - ok
21:30:51.0484 0x0bc4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
21:30:51.0484 0x0bc4  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
21:30:51.0484 0x0bc4  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
21:30:51.0484 0x0bc4  C:\WINDOWS\system32\webclnt.dll - ok
21:30:51.0500 0x0bc4  [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
21:30:51.0500 0x0bc4  C:\WINDOWS\system32\cscui.dll - ok
21:30:51.0500 0x0bc4  [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
21:30:51.0500 0x0bc4  C:\WINDOWS\system32\powrprof.dll - ok
21:30:51.0500 0x0bc4  [ 6C26DCF01E2A92F183B97D434017268A, 0863B9AE37002CA3E1034A7FBDE80C3D0E4469A4561140EDE42EDD947E61DBD3 ] C:\WINDOWS\system32\dpcdll.dll
21:30:51.0500 0x0bc4  C:\WINDOWS\system32\dpcdll.dll - ok
21:30:51.0500 0x0bc4  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv
21:30:51.0500 0x0bc4  C:\WINDOWS\system32\wdmaud.drv - ok
21:30:51.0515 0x0bc4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys
21:30:51.0515 0x0bc4  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
21:30:51.0515 0x0bc4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys
21:30:51.0515 0x0bc4  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
21:30:51.0515 0x0bc4  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
21:30:51.0515 0x0bc4  C:\WINDOWS\system32\userinit.exe - ok
21:30:51.0515 0x0bc4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys
21:30:51.0515 0x0bc4  C:\WINDOWS\system32\drivers\splitter.sys - ok
21:30:51.0531 0x0bc4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys
21:30:51.0531 0x0bc4  C:\WINDOWS\system32\drivers\aec.sys - ok
21:30:51.0531 0x0bc4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys
21:30:51.0531 0x0bc4  C:\WINDOWS\system32\drivers\swmidi.sys - ok
21:30:51.0531 0x0bc4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\dmusic.sys
21:30:51.0531 0x0bc4  C:\WINDOWS\system32\drivers\dmusic.sys - ok
21:30:51.0531 0x0bc4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys
21:30:51.0531 0x0bc4  C:\WINDOWS\system32\drivers\kmixer.sys - ok
21:30:51.0546 0x0bc4  [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe
21:30:51.0546 0x0bc4  C:\WINDOWS\system32\xp_eos.exe - ok
21:30:51.0546 0x0bc4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe
21:30:51.0546 0x0bc4  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
21:30:51.0546 0x0bc4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys
21:30:51.0546 0x0bc4  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
21:30:51.0546 0x0bc4  [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll
21:30:51.0546 0x0bc4  C:\WINDOWS\system32\mstask.dll - ok
21:30:51.0562 0x0bc4  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files\Google\Update\1.3.24.15\goopdate.dll
21:30:51.0562 0x0bc4  C:\Program Files\Google\Update\1.3.24.15\goopdate.dll - ok
21:30:51.0562 0x0bc4  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
21:30:51.0562 0x0bc4  C:\WINDOWS\explorer.exe - ok
21:30:51.0562 0x0bc4  [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll
21:30:51.0562 0x0bc4  C:\WINDOWS\system32\msi.dll - ok
21:30:51.0578 0x0bc4  [ CFCF46EE92BCBE0242AB5677EC5A5860, 6EFD7B46E94FB7B36F588D163BA3444EA644415E2628F575EF211D4466A07140 ] C:\WINDOWS\system32\browseui.dll
21:30:51.0578 0x0bc4  C:\WINDOWS\system32\browseui.dll - ok
21:30:51.0578 0x0bc4  [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv
21:30:51.0578 0x0bc4  C:\WINDOWS\system32\msacm32.drv - ok
21:30:51.0578 0x0bc4  [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll
21:30:51.0578 0x0bc4  C:\WINDOWS\system32\midimap.dll - ok
21:30:51.0578 0x0bc4  [ 1786A2F788B6F2E93C8A43D1C253A432, 20895A4A5AD9BDD6E72509361399D787E084057DAD02101F0AFF33BACA4F2E01 ] C:\WINDOWS\system32\shdocvw.dll
21:30:51.0593 0x0bc4  C:\WINDOWS\system32\shdocvw.dll - ok
21:30:51.0593 0x0bc4  [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
21:30:51.0593 0x0bc4  C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
21:30:51.0593 0x0bc4  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
21:30:51.0593 0x0bc4  C:\WINDOWS\system32\desk.cpl - ok
21:30:51.0593 0x0bc4  [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
21:30:51.0593 0x0bc4  C:\WINDOWS\system32\winhttp.dll - ok
21:30:51.0609 0x0bc4  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
21:30:51.0609 0x0bc4  C:\WINDOWS\system32\themeui.dll - ok
21:30:51.0609 0x0bc4  [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll
21:30:51.0609 0x0bc4  C:\WINDOWS\system32\actxprxy.dll - ok
21:30:51.0609 0x0bc4  [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe
21:30:51.0609 0x0bc4  C:\WINDOWS\system32\cmd.exe - ok
21:30:51.0625 0x0bc4  [ FA4A79DBB0E3CA56E1F0B1FD372559A8, 87BBE8A70DB7C1E3F3A9F42112D5D3A81645FB23A4120DFB926AF7D089ACA462 ] C:\WINDOWS\system32\ieframe.dll
21:30:51.0625 0x0bc4  C:\WINDOWS\system32\ieframe.dll - ok
21:30:51.0625 0x0bc4  [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
21:30:51.0625 0x0bc4  C:\WINDOWS\system32\cryptnet.dll - ok
21:30:51.0625 0x0bc4  [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
21:30:51.0625 0x0bc4  C:\WINDOWS\system32\sensapi.dll - ok
21:30:51.0625 0x0bc4  [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
21:30:51.0625 0x0bc4  C:\WINDOWS\system32\cabinet.dll - ok
21:30:51.0640 0x0bc4  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:30:51.0640 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avguard.exe - ok
21:30:51.0640 0x0bc4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:30:51.0640 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:30:51.0640 0x0bc4  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
21:30:51.0640 0x0bc4  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
21:30:51.0656 0x0bc4  [ 8B6ECAE7C4C8B104E339C8271541E7A7, 8828F2B5CB509AF6E7B1A363FA464753725049B3238312E09B11371327451DD1 ] C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll
21:30:51.0656 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll - ok
21:30:51.0656 0x0bc4  [ A3BFA5357E4AD4556A494A2D35628232, 27D7D4DDF95404F79F28BA74BC5C26EDB1E9E17A0B53AA858BEBCB6E6605B991 ] C:\Program Files\Avira\AntiVir Desktop\gpgui.dll
21:30:51.0656 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpgui.dll - ok
21:30:51.0656 0x0bc4  [ 36B725B67DBAE009F4FA30EA27EEFCC0, 5532E8E0DB9D6058B488275848B39F527020382DED148651F140D4530B6A7962 ] C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll
21:30:51.0656 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll - ok
21:30:51.0656 0x0bc4  [ 1B0449DCEC92E9F580B0823AD5758428, F65EE36A6DAB3EC8D5C0416A6A6CF8ADD7E800766D945DD78CF604D4383F3A9B ] C:\Program Files\Avira\AntiVir Desktop\libdb53.dll
21:30:51.0656 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libdb53.dll - ok
21:30:51.0671 0x0bc4  [ B04DB1F0B2652FCBCCC5FD0C46579F0F, 24D1919B63ED444F5C6629626C239EC78A5BB7A3F29B154FEEA03A6FB8F26148 ] C:\WINDOWS\system32\mscoree.dll
21:30:51.0671 0x0bc4  C:\WINDOWS\system32\mscoree.dll - ok
21:30:51.0671 0x0bc4  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
21:30:51.0671 0x0bc4  C:\WINDOWS\system32\certcli.dll - ok
21:30:51.0671 0x0bc4  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
21:30:51.0671 0x0bc4  C:\WINDOWS\system32\cryptsvc.dll - ok
21:30:51.0671 0x0bc4  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] C:\WINDOWS\ehome\ehRecvr.exe
21:30:51.0687 0x0bc4  C:\WINDOWS\ehome\ehRecvr.exe - ok
21:30:51.0687 0x0bc4  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
21:30:51.0687 0x0bc4  C:\WINDOWS\system32\dmserver.dll - ok
21:30:51.0687 0x0bc4  [ C3D6D79E0B0ED893B5EE7FEEB727BEEE, 43040AABFD9CEBE39C12A016EE6635D4474A34109D08999D430AC9B935C2693F ] C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll
21:30:51.0687 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll - ok
21:30:51.0687 0x0bc4  [ 3E6B96090AD2D045DAF1CB3A4849EE41, 8B6FB623326CE3B3F73CE9B90ECBAB0AC41829A3641E6F5858AC662804DD07B1 ] C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll
21:30:51.0687 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll - ok
21:30:51.0703 0x0bc4  [ EF8783A9D03D464004AAC62681D1F2DB, 466B987E4F787690751144139383D809057FD36D436674975BCC089B014F4A04 ] C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll
21:30:51.0703 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll - ok
21:30:51.0703 0x0bc4  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] C:\WINDOWS\ehome\ehSched.exe
21:30:51.0703 0x0bc4  C:\WINDOWS\ehome\ehSched.exe - ok
21:30:51.0703 0x0bc4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll
21:30:51.0703 0x0bc4  C:\WINDOWS\system32\ersvc.dll - ok
21:30:51.0703 0x0bc4  [ E0C92D81B799F0C3B54C16F5731137C1, 4A7A4FD7F4124EB621EC672362C0D9F9D1E61AC0BAE7995E051DBA4028C040C9 ] C:\Program Files\Avira\AntiVir Desktop\gavidb.dll
21:30:51.0703 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gavidb.dll - ok
21:30:51.0718 0x0bc4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
21:30:51.0718 0x0bc4  C:\WINDOWS\system32\es.dll - ok
21:30:51.0718 0x0bc4  [ 766D9646911A6435B1D7A2DF6FA1653D, 34DFA62D81E400ADF219DAEFE5E4E1B8DB9344C74AE6573910BBC945CE118E5A ] C:\WINDOWS\system32\sbe.dll
21:30:51.0718 0x0bc4  C:\WINDOWS\system32\sbe.dll - ok
21:30:51.0718 0x0bc4  [ C2E173C85478C09ACB1084B015E5CBA7, 9BB7154C99A6BDD1B82C0E802292278C7A44B7EE6A1AF90C828F07602DB4C691 ] C:\WINDOWS\system32\msvidctl.dll
21:30:51.0718 0x0bc4  C:\WINDOWS\system32\msvidctl.dll - ok
21:30:51.0718 0x0bc4  [ 029399C1F08C24C4957FA9D4C529ABC9, 2ABC3EFDED646E749B46341CFF188421F3C5387E63CE4AE9AF1A49AFAB959AEB ] C:\WINDOWS\ehome\ehRec.exe
21:30:51.0718 0x0bc4  C:\WINDOWS\ehome\ehRec.exe - ok
21:30:51.0734 0x0bc4  [ BF107ACF2CDD552AABE14E8C3E62E3FC, 24547C7A4B99AC3B24F60D8B26A5A935FD021C530EB0662A8563097F879620EF ] C:\WINDOWS\system32\quartz.dll
21:30:51.0734 0x0bc4  C:\WINDOWS\system32\quartz.dll - ok
21:30:51.0734 0x0bc4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
21:30:51.0734 0x0bc4  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
21:30:51.0734 0x0bc4  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] C:\Program Files\Java\jre7\bin\jqs.exe
21:30:51.0734 0x0bc4  C:\Program Files\Java\jre7\bin\jqs.exe - ok
21:30:51.0734 0x0bc4  [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
21:30:51.0734 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
21:30:51.0750 0x0bc4  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files\Java\jre7\bin\msvcr100.dll
21:30:51.0750 0x0bc4  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
21:30:51.0750 0x0bc4  [ 62CF83A6989312A0DD39BBFFB3D1C166, 05FB7F06444B4958BE3EFC6909614D516BE5FE3929E0F58D2C13C2A211C1F86A ] C:\WINDOWS\system32\pdh.dll
21:30:51.0750 0x0bc4  C:\WINDOWS\system32\pdh.dll - ok
21:30:51.0750 0x0bc4  [ AA5E22854F56C68148EB3345DBD62970, 441818E5E9F568C4AC7174BCF625ACB63D8837658559949DF468B61125900B96 ] C:\WINDOWS\system32\devenum.dll
21:30:51.0750 0x0bc4  C:\WINDOWS\system32\devenum.dll - ok
21:30:51.0765 0x0bc4  [ 415C6082A9258B03B66D337449B4F58D, AB74707FEA731F1225F12D9A6D58B406C1F4A95F887C5215B2ABB9EDA50CA64B ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
21:30:51.0765 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll - ok
21:30:51.0765 0x0bc4  [ D25C03D04159D462D69F294BA7142BDB, 397B0FE2BB56FFBBF1BD89273802348B3AA102A5725E2CB3670FA89526E6C5EC ] C:\WINDOWS\system32\msdmo.dll
21:30:51.0765 0x0bc4  C:\WINDOWS\system32\msdmo.dll - ok
21:30:51.0765 0x0bc4  [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll
21:30:51.0765 0x0bc4  C:\WINDOWS\system32\odbcbcp.dll - ok
21:30:51.0765 0x0bc4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll
21:30:51.0765 0x0bc4  C:\WINDOWS\system32\srvsvc.dll - ok
21:30:51.0781 0x0bc4  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:30:51.0781 0x0bc4  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
21:30:51.0781 0x0bc4  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\Common Files\LightScribe\msvcr71.dll
21:30:51.0781 0x0bc4  C:\Program Files\Common Files\LightScribe\msvcr71.dll - ok
21:30:51.0781 0x0bc4  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\Common Files\LightScribe\msvcp71.dll
21:30:51.0781 0x0bc4  C:\Program Files\Common Files\LightScribe\msvcp71.dll - ok
21:30:51.0781 0x0bc4  [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
21:30:51.0781 0x0bc4  C:\WINDOWS\system32\netmsg.dll - ok
21:30:51.0796 0x0bc4  [ ACDAFCD14EC0ECE89198503746A5C147, F90876961B6966915C4A1847F91F45282FFA48140D01503EF9013E774661C4E8 ] C:\WINDOWS\system32\perfos.dll
21:30:51.0796 0x0bc4  C:\WINDOWS\system32\perfos.dll - ok
21:30:51.0796 0x0bc4  [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1, F68E4CDBC879423EA47D763A6768567F5F8063924F13A74239750C13FA8D168A ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll
21:30:51.0796 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll - ok
21:30:51.0796 0x0bc4  [ ABFB673B24A9B3287761D497529FB5B9, FD0DEC392BE1632C33E90981D799DD5C11C9D257F0B1D3190FA32658EB706F0A ] C:\WINDOWS\system32\perfdisk.dll
21:30:51.0796 0x0bc4  C:\WINDOWS\system32\perfdisk.dll - ok
21:30:51.0812 0x0bc4  [ C2611AEA5430809F61D82E920F796915, AE412528DB36C7CEA6B4334ACFEFE45311E20B1DC09BCA30D8940B742E70327C ] C:\Program Files\Avira\AntiVir Desktop\avipc.dll
21:30:51.0812 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avipc.dll - ok
21:30:51.0812 0x0bc4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys
21:30:51.0812 0x0bc4  C:\WINDOWS\system32\drivers\srv.sys - ok
21:30:51.0812 0x0bc4  [ C75AD7FCC92B371009D28FFA3E513936, E22C604535C180E25FCAA27DC95A260F38EC2F47FC0CE3645BB2DE3C0C4CBC27 ] C:\Program Files\Avira\AntiVir Desktop\avlode.dll
21:30:51.0812 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avlode.dll - ok
21:30:51.0812 0x0bc4  [ 43C917A76F30F8A6AE522BAC0D48695E, 36AF06FD4CD24EDFB18C4E0A7CE38F5C61531C2591C462CAF65BC8E7F015A5CE ] C:\Program Files\Avira\AntiVir Desktop\apcfile.dll
21:30:51.0812 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\apcfile.dll - ok
21:30:51.0828 0x0bc4  [ B918B4FBA7E16B0F2A0EDED3C22CA5AB, 6F8D4A2B796E47880CD9ADF2DE6949A420133CBEC534EEF36FE1E7D0C5FD3A11 ] C:\Program Files\Avira\AntiVir Desktop\libcurl.dll
21:30:51.0828 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libcurl.dll - ok
21:30:51.0828 0x0bc4  [ D12582F6022239716ABF3C1C5F4B1477, 9BD586A6D4BFF36127CC2FE66500CA5C6DF1BBA838B7DA7508DD7A8CB36E33DA ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll
21:30:51.0843 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll - ok
21:30:51.0843 0x0bc4  [ C4F9FD9419961D401B3508E67A4C3EF7, 06BED14F97952DF05812CE87432438E7E2D27BFE0D2728DDF44A67784B02D08C ] C:\Program Files\Avira\AntiVir Desktop\libeay32.dll
21:30:51.0843 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libeay32.dll - ok
21:30:51.0843 0x0bc4  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
21:30:51.0843 0x0bc4  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
21:30:51.0859 0x0bc4  [ C4A57B23C3F426194AF1E6934ED8B190, C85F87C48CA2C2064576854C40931A4FB4C76F1F438CF39887B7A78EF9E187DD ] C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll
21:30:51.0859 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll - ok
21:30:51.0859 0x0bc4  [ 61522DDC8E649571E5682E826E8D98E8, 18E0EF4356AAAD88396123D0AA024D33D1D385DEEA48EDED187CB503E77EB265 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
21:30:51.0859 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll - ok
21:30:51.0859 0x0bc4  [ AF21FBB2E2F88EB29CC23BCA825642FA, 794243BF93693F7F567C6835666CAFD284DC9E1ABF36377F22CE15194A6B05E5 ] C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll
21:30:51.0859 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll - ok
21:30:51.0859 0x0bc4  [ EACF0FEB2E38F0F790D73D08826B6567, 150F0DE074DF066A59CEA55CE4549FC6BAF9E2CDDE3C8795937A082CEC07642D ] C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll
21:30:51.0859 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll - ok
21:30:51.0875 0x0bc4  [ F5BECD89B78BE45F29B44068A895BA70, 615EB925284527C1591A3683844421DBE381DF2D49CF3540B217D221F04DE913 ] C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll
21:30:51.0875 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll - ok
21:30:51.0875 0x0bc4  [ F10E780DECE91707823BE0168DC3857D, E849DD430F46D541C7108892CD2AEF915777C19240E5B58F53B205F7586C1063 ] C:\Program Files\Avira\AntiVir Desktop\avwinll.dll
21:30:51.0875 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avwinll.dll - ok
21:30:51.0875 0x0bc4  [ 8E633850180AC04E0024093BC0273E8A, CD0FD1A915718C04C4A93937A2C0AC7D3AF4FA6092F8072D5100F19ED63184A8 ] C:\Program Files\Avira\AntiVir Desktop\aecore.dll
21:30:51.0875 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aecore.dll - ok
21:30:51.0875 0x0bc4  [ 6253BE023C1FD726757741E950515931, DB040311501C746FDB242B645A88F67C32FFB1CFC908BB65BD19FDB1E806FCB5 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll
21:30:51.0875 0x0bc4  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll - ok
21:30:51.0890 0x0bc4  [ 6A9692792BEFC27B06B763342B74BB6D, 5D13C00449EAB0103883F5EA1A1D2D27AD26F7E385FDED91A3D0BEEF513325E6 ] C:\Program Files\Avira\AntiVir Desktop\aevdf.dll
21:30:51.0890 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aevdf.dll - ok
21:30:51.0890 0x0bc4  [ 5A392A9B1DBE89C16759FFA3A1BA5F67, CD722C92425CC2E4FC8F222A6BE506D4F9986CD26362C66FD4FF99EF13095549 ] C:\Program Files\Avira\AntiVir Desktop\aescript.dll
21:30:51.0890 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aescript.dll - ok
21:30:51.0890 0x0bc4  [ 7954EC74667D298DB411D9E57401F8CA, CFD85E9E9ED83BBCE42A4B8E69819E2ADF1C5807924DFBC6F4849D913071B4D5 ] C:\Program Files\Avira\AntiVir Desktop\aescn.dll
21:30:51.0890 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aescn.dll - ok
21:30:51.0890 0x0bc4  [ B6B495A0263138D3E2F06441B35EA4DD, FE4CAA8B6C0A76F195D444FA134384DDAC348A36E5CECBA3F9A2D8127AEB4624 ] C:\Program Files\Avira\AntiVir Desktop\aesbx.dll
21:30:51.0890 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aesbx.dll - ok
21:30:51.0906 0x0bc4  [ 39050A12A2EFBEC944C3585374898E54, 77E0EB9FFE26E317C338A7E6426AE6FCA75E8E2AC923149FC33000208026646A ] C:\Program Files\Avira\AntiVir Desktop\aerdl.dll
21:30:51.0906 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aerdl.dll - ok
21:30:51.0906 0x0bc4  [ 42476A9992B471B9B590A3F90B2203E8, FAF35FA1ADBFC840C2CD832BB41259A8240977137A4BFE912CDF8158C059CEFB ] C:\Program Files\Avira\AntiVir Desktop\aepack.dll
21:30:51.0906 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aepack.dll - ok
21:30:51.0906 0x0bc4  [ C44E3EC19AB2ADBE81B510D937342A0C, AF344486460788DF239D1210F2AD7F9C3E9E484C1CB10E3827748DA77457C862 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
21:30:51.0906 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll - ok
21:30:51.0921 0x0bc4  [ E32844F51539C893B4BDD00DFC486C06, 579C6E96327F39FAB312A2F162AD3B2ED310AB69EE5043197E7D6C8B2F551804 ] C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll
21:30:51.0921 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll - ok
21:30:51.0921 0x0bc4  [ D17310B8161FBDE20E76FC688D93C1B3, 0CB791E02BA875CFF6429F8F0704401947EB7329EF426CD6420796B31064A7AB ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll
21:30:51.0921 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll - ok
21:30:51.0921 0x0bc4  [ FA9D165BEDD828110EBCD01CB89071CF, 77A0C3A4AE1CE4A13F34DDBE7730781D5D76528B983D07A85B726612DFCDA79F ] C:\Program Files\Avira\AntiVir Desktop\aeheur.dll
21:30:51.0921 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aeheur.dll - ok
21:30:51.0921 0x0bc4  [ 8F84E7A264FD5E41B192947998A17946, 937B02DD9922FE26DD32F49A85E580CDFB520EFF4A87084A84FDA96C1C486CB0 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
21:30:51.0921 0x0bc4  C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
21:30:51.0937 0x0bc4  [ 1E5C92E71FF190C35160605DECDE2B93, A2F9948DFDFB08C041C8C2CEA278E847C98D4173DC489382C81590B8D06B6E52 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
21:30:51.0937 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll - ok
21:30:51.0937 0x0bc4  [ 42068CB64CA9C817FB5ED5A625EA58BE, 59F9F27F888AD60EBFC9BE15D9C8112D4D5D2CE414C6148DB6DC292C532D640D ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
21:30:51.0937 0x0bc4  C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
21:30:51.0953 0x0bc4  [ 86ABCC180C462B357A74E6AEA351AC25, 15DEF2A8FA9C8E28773B6956FA6BA35A7480C082B5184AB79635F43C7CE84D47 ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
21:30:51.0953 0x0bc4  C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
21:30:51.0953 0x0bc4  [ 245B0C95ED04056E0A89BCEB8B511DDA, 0A371FC428844A88B2AAB7ABE71374A5940AF2B20D791EF73953861A0DB9D94D ] C:\Program Files\Avira\AntiVir Desktop\aehelp.dll
21:30:51.0953 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aehelp.dll - ok
21:30:51.0953 0x0bc4  [ F9EF05130B485AFA6EDB193C1C518798, 0E5F99E48C39A8396F4DADF7503D7652FCB86D22527C2055D023A1DDD66496AA ] C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
21:30:51.0953 0x0bc4  C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll - ok
21:30:51.0968 0x0bc4  [ 1A551F1E5D82C49D879A12DB3EA2475A, A252A188BF96E75FFE715432814DF78B8E5B611D2E610A067A2D75991C38C60F ] C:\Program Files\Avira\AntiVir Desktop\aegen.dll
21:30:51.0968 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aegen.dll - ok
21:30:51.0968 0x0bc4  [ EBE9769C873F7B30E0711F9E0B560EA4, 84DA9268F0FE92C6CFC641E45C7EC92B65B3D9423C80BB0A081C3D80FE3E90C8 ] C:\Program Files\Avira\AntiVir Desktop\aeexp.dll
21:30:51.0968 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aeexp.dll - ok
21:30:51.0968 0x0bc4  [ 2949877F766F1088E6F99F543BFDD54C, A8E8EE7D50B99B1F00A9AE8119E696F947D5163673A6119FEB14AD86388DDEE4 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
21:30:51.0968 0x0bc4  C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
21:30:51.0984 0x0bc4  [ 76E5BF8C3DAD02DC942CF625C5434190, F40D0087C99F49ECF40ACD6D74308B7999780EB4A6F966317C9351F4E4ACEA54 ] C:\Program Files\Avira\AntiVir Desktop\aeemu.dll
21:30:51.0984 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aeemu.dll - ok
21:30:51.0984 0x0bc4  [ 6DB4001D627CE0D8718A3D22D7999EA7, 907B3706E88F07FC20DB4E14406C6E76C020330FC978208A3ADBA50B1224739E ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
21:30:51.0984 0x0bc4  C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
21:30:51.0984 0x0bc4  [ FCFC31FE1B8A81FD796B3A18610932CC, 9229E64B1C9B817EBB3A6B4F2914F213B032788E73AC4C0AA3A4966B2C1A17B2 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll
21:30:51.0984 0x0bc4  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll - ok
21:30:51.0984 0x0bc4  [ 00C1F27FF4B4E575C4160EB4A4464BE7, 1D37FCD4B521D44A9816F598C0D612F076148B6DDE852EAC24A1D8FFD7F413CE ] C:\Program Files\Avira\AntiVir Desktop\aedroid.dll
21:30:51.0984 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aedroid.dll - ok
21:30:52.0000 0x0bc4  [ AE80657661F164C09D802B339539DDC2, 1973B60640DBF0340626A877A8963FBC9F9882A0A7A84DC743A535E9D679F0FE ] C:\Program Files\Avira\AntiVir Desktop\aebb.dll
21:30:52.0000 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\aebb.dll - ok
21:30:52.0000 0x0bc4  [ E9488A950F5F03F5CB192A2D7CDC193D, BD81B4D4CE49303194DF046CDDE83B6355AF3BA25B06BC5CB69869BCAC8F3372 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
21:30:52.0000 0x0bc4  C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll - ok
21:30:52.0000 0x0bc4  [ D8215081E4E9E04DA33E842CFE6FE003, 611EE49393022C5E0BA470AC6602424DA95406C8598FD2D63F305EEC76253A94 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll
21:30:52.0000 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll - ok
21:30:52.0000 0x0bc4  [ 9707DC586A15BFC5F169EAFB0028ADD2, 8497C6589AC4B2EFDAD3AD76C76BE2FD7D6A21D6FB5DEC636694FDD875F18764 ] C:\WINDOWS\ehome\EhUI.dll
21:30:52.0000 0x0bc4  C:\WINDOWS\ehome\EhUI.dll - ok
21:30:52.0015 0x0bc4  [ 0259E1CF565EC9A75676950B404B73D3, 6602153053FF606F5DE2B587C58955CCAE221AFB6A1CAEE53AF050642923190F ] C:\WINDOWS\ehome\EhDebug.dll
21:30:52.0015 0x0bc4  C:\WINDOWS\ehome\EhDebug.dll - ok
21:30:52.0015 0x0bc4  [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
21:30:52.0015 0x0bc4  C:\WINDOWS\system32\hid.dll - ok
21:30:52.0015 0x0bc4  [ 87FD63FEBCCA31C1104BA557C0EAF919, AFBFC86B5EC41C4BB530F1A01304501501BE84B38BD186B1A6EF5E1489A6C5F3 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
21:30:52.0015 0x0bc4  C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll - ok
21:30:52.0015 0x0bc4  [ 208AD2001AA9CF147BDD10F3D44FB3B9, 1A9F42031D74E468BE6628E9EE9A23EF7119B1D526656D766F2324D3BD2024EF ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll
21:30:52.0015 0x0bc4  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll - ok
21:30:52.0031 0x0bc4  [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
21:30:52.0031 0x0bc4  C:\WINDOWS\system32\shfolder.dll - ok
21:30:52.0031 0x0bc4  [ 30DA5EED5F64C875FDAF9E0283F654C9, 255645F67CA433118507D4B3DF426645D587DB7A5CA4D6D226C0A62A3CDF84DD ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
21:30:52.0031 0x0bc4  C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok
21:30:52.0031 0x0bc4  [ 3550DFA6FFFBD7604DABB28DF4ABF096, BABCA3DC67EDFD97B255D6FF34F9FBE1C06CADDF279F16ED09A368A4EDC3C60F ] C:\WINDOWS\ehome\custsat.dll
21:30:52.0031 0x0bc4  C:\WINDOWS\ehome\custsat.dll - ok
21:30:52.0031 0x0bc4  [ 7F86A0C11A59B94E134C71DF6C5528BF, 17579D7E478CE3F6D0133B728D0E9CD14EC20A75D1143C8F65466D0F80A266C9 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
21:30:52.0031 0x0bc4  C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll - ok
21:30:52.0046 0x0bc4  [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll
21:30:52.0046 0x0bc4  C:\WINDOWS\system32\ipsecsvc.dll - ok
21:30:52.0046 0x0bc4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
21:30:52.0046 0x0bc4  C:\WINDOWS\system32\netman.dll - ok
21:30:52.0046 0x0bc4  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
21:30:52.0046 0x0bc4  C:\WINDOWS\system32\netshell.dll - ok
21:30:52.0062 0x0bc4  [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll
21:30:52.0062 0x0bc4  C:\WINDOWS\system32\oakley.dll - ok
21:30:52.0062 0x0bc4  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] C:\WINDOWS\system32\regsvc.dll
21:30:52.0062 0x0bc4  C:\WINDOWS\system32\regsvc.dll - ok
21:30:52.0062 0x0bc4  [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
21:30:52.0062 0x0bc4  C:\WINDOWS\system32\winipsec.dll - ok
21:30:52.0062 0x0bc4  [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll
21:30:52.0062 0x0bc4  C:\WINDOWS\system32\pstorsvc.dll - ok
21:30:52.0078 0x0bc4  [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll
21:30:52.0078 0x0bc4  C:\WINDOWS\system32\psbase.dll - ok
21:30:52.0078 0x0bc4  [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
21:30:52.0078 0x0bc4  C:\WINDOWS\system32\dssenh.dll - ok
21:30:52.0078 0x0bc4  [ 326A73F82BCEC1D01F8D25C69C297245, AC2F5003BFD507D97836E8B2DA2034C087DC6C437167FAD642A41DEF2C98B00E ] C:\WINDOWS\ehome\ehproxy.dll
21:30:52.0078 0x0bc4  C:\WINDOWS\ehome\ehproxy.dll - ok
21:30:52.0078 0x0bc4  [ F4AC4B6C372B934B09CC68EBFC8EB2E5, 2C00E6CDA8F0E33A27E07E8A81C68A9C17A0D8A22088CFD25CA17613F6CA9D13 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
21:30:52.0078 0x0bc4  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
21:30:52.0093 0x0bc4  [ 8FBAABF97CCFC1264A0532C21CDC9AC9, E0ABAEACB5B5AEEC0FD43F9A739A1EAA29B59366A426EB1EF32C1B1ACDA2980F ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
21:30:52.0093 0x0bc4  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok
21:30:52.0093 0x0bc4  [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
21:30:52.0093 0x0bc4  C:\WINDOWS\system32\comsvcs.dll - ok
21:30:52.0093 0x0bc4  [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
21:30:52.0093 0x0bc4  C:\WINDOWS\system32\credui.dll - ok
21:30:52.0093 0x0bc4  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
21:30:52.0093 0x0bc4  C:\WINDOWS\system32\dot3dlg.dll - ok
21:30:52.0109 0x0bc4  [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
21:30:52.0109 0x0bc4  C:\WINDOWS\system32\onex.dll - ok
21:30:52.0109 0x0bc4  [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
21:30:52.0109 0x0bc4  C:\WINDOWS\system32\eappcfg.dll - ok
21:30:52.0109 0x0bc4  [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
21:30:52.0109 0x0bc4  C:\WINDOWS\system32\eappprxy.dll - ok
21:30:52.0125 0x0bc4  [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
21:30:52.0125 0x0bc4  C:\WINDOWS\system32\wzcsapi.dll - ok
21:30:52.0125 0x0bc4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll
21:30:52.0125 0x0bc4  C:\WINDOWS\system32\seclogon.dll - ok
21:30:52.0125 0x0bc4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
21:30:52.0125 0x0bc4  C:\WINDOWS\system32\sens.dll - ok
21:30:52.0125 0x0bc4  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
21:30:52.0125 0x0bc4  C:\WINDOWS\system32\srsvc.dll - ok
21:30:52.0140 0x0bc4  [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
21:30:52.0140 0x0bc4  C:\WINDOWS\system32\colbact.dll - ok
21:30:52.0140 0x0bc4  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
21:30:52.0140 0x0bc4  C:\WINDOWS\system32\trkwks.dll - ok
21:30:52.0140 0x0bc4  [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll
21:30:52.0140 0x0bc4  C:\WINDOWS\system32\mtxclu.dll - ok
21:30:52.0140 0x0bc4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll
21:30:52.0140 0x0bc4  C:\WINDOWS\system32\wuaueng.dll - ok
21:30:52.0156 0x0bc4  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll
21:30:52.0156 0x0bc4  C:\WINDOWS\system32\wuauserv.dll - ok
21:30:52.0156 0x0bc4  [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll
21:30:52.0156 0x0bc4  C:\WINDOWS\system32\wsock32.dll - ok
21:30:52.0156 0x0bc4  [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
21:30:52.0156 0x0bc4  C:\WINDOWS\system32\clusapi.dll - ok
21:30:52.0156 0x0bc4  [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
21:30:52.0156 0x0bc4  C:\WINDOWS\system32\resutils.dll - ok
21:30:52.0171 0x0bc4  [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
21:30:52.0171 0x0bc4  C:\WINDOWS\system32\mspatcha.dll - ok
21:30:52.0171 0x0bc4  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
21:30:52.0171 0x0bc4  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
21:30:52.0171 0x0bc4  [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
21:30:52.0171 0x0bc4  C:\WINDOWS\system32\vssapi.dll - ok
21:30:52.0187 0x0bc4  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll
21:30:52.0187 0x0bc4  C:\WINDOWS\system32\browser.dll - ok
21:30:52.0187 0x0bc4  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
21:30:52.0187 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe - ok
21:30:52.0187 0x0bc4  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll
21:30:52.0187 0x0bc4  C:\WINDOWS\system32\wups.dll - ok
21:30:52.0187 0x0bc4  [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll
21:30:52.0187 0x0bc4  C:\WINDOWS\system32\wups2.dll - ok
21:30:52.0203 0x0bc4  [ F64FD5C7FEF7FC25CBA37974FF3584D7, 8F9F7685416D1B5ECC842B0836F251D71DD79F5E32BC1DC6BE920C0A22AC90CC ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
21:30:52.0203 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
21:30:52.0203 0x0bc4  [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe
21:30:52.0203 0x0bc4  C:\WINDOWS\system32\wuauclt.exe - ok
21:30:52.0203 0x0bc4  [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll
21:30:52.0203 0x0bc4  C:\WINDOWS\system32\spoolss.dll - ok
21:30:52.0203 0x0bc4  [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll
21:30:52.0203 0x0bc4  C:\WINDOWS\system32\localspl.dll - ok
21:30:52.0218 0x0bc4  [ BD7BD4E342AB3AB84C1441AA76213605, 4FF2C38A59C2123983B89632CD42CD4632294F770CE4DD60EAE7172A85172B51 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
21:30:52.0218 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll - ok
21:30:52.0218 0x0bc4  [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
21:30:52.0218 0x0bc4  C:\WINDOWS\system32\cnbjmon.dll - ok
21:30:52.0218 0x0bc4  [ E0B83ADFB16D794A0D207FE119D03182, FD3B4C09FF16C14F9153BD9C4C5CEE2FA3E6914826564CF2E38AF581F3EDF85B ] C:\WINDOWS\system32\HPTcpMon.dll
21:30:52.0218 0x0bc4  C:\WINDOWS\system32\HPTcpMon.dll - ok
21:30:52.0218 0x0bc4  [ 16FC2C309998C6D55C182652D6A1C5B1, 37034E39F67C3D61D2492FDEB7BDDDD13B7BD74B3273271A01DD0FEDE88C9071 ] C:\WINDOWS\system32\hpzjrd01.dll
21:30:52.0218 0x0bc4  C:\WINDOWS\system32\hpzjrd01.dll - ok
21:30:52.0234 0x0bc4  [ 5CC3838902A9257B79BD43F56D8B7275, BF2CF170CC211E49C0ACC0ED5B592600ECE03BA5D6B276585610BEAFB54C14F0 ] C:\WINDOWS\system32\HPTcpMUI.dll
21:30:52.0234 0x0bc4  C:\WINDOWS\system32\HPTcpMUI.dll - ok
21:30:52.0234 0x0bc4  [ 36247C6D5E1FE03A56EE81BB99D7E68C, 7AA08706962501FD780B86368BEC85F282A5B015C5E0AC638B6E3099521D147A ] C:\WINDOWS\system32\HPTcpMib.dll
21:30:52.0234 0x0bc4  C:\WINDOWS\system32\HPTcpMib.dll - ok
21:30:52.0234 0x0bc4  [ 1E744353BD534405187A404667DA3DC3, ACE581FBF36BD511C64E37760526F1BB7172FD5045708BA836933D8FACC4FAFA ] C:\WINDOWS\system32\mgmtapi.dll
21:30:52.0234 0x0bc4  C:\WINDOWS\system32\mgmtapi.dll - ok
21:30:52.0250 0x0bc4  [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
21:30:52.0250 0x0bc4  C:\WINDOWS\system32\snmpapi.dll - ok
21:30:52.0250 0x0bc4  [ 277F3E3333F1D10CA428568197FCCE70, 1AC24A8817396FA4172DC6216FBF82A1F6F8F9A1A1F87D6884FF17DCCB15C3FF ] C:\WINDOWS\system32\wsnmp32.dll
21:30:52.0250 0x0bc4  C:\WINDOWS\system32\wsnmp32.dll - ok
21:30:52.0250 0x0bc4  [ CF0376023360AADD55C89BA50564AFDC, C34320B40645DEA817852AAB63C76F40C18F563EB2760A9D191047A2B6C73973 ] C:\WINDOWS\system32\mdimon.dll
21:30:52.0250 0x0bc4  C:\WINDOWS\system32\mdimon.dll - ok
21:30:52.0250 0x0bc4  [ CC6292CA575E851E5B74BF8883AB967A, 40DB13B96395FC753C4BC70C32A1845002DDD613955589F8EE0BF7E049A43779 ] C:\WINDOWS\system32\fxsmon.dll
21:30:52.0250 0x0bc4  C:\WINDOWS\system32\fxsmon.dll - ok
21:30:52.0265 0x0bc4  [ BDB83C844EDEC9BD01A94750D2C38DDF, B18B9E9B9EE74143153CA2479BF7FC9A5528DB4023FA085D0DA5E9B8795C7428 ] C:\WINDOWS\system32\fxsevent.dll
21:30:52.0265 0x0bc4  C:\WINDOWS\system32\fxsevent.dll - ok
21:30:52.0265 0x0bc4  [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
21:30:52.0265 0x0bc4  C:\WINDOWS\system32\pjlmon.dll - ok
21:30:52.0265 0x0bc4  [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
21:30:52.0265 0x0bc4  C:\WINDOWS\system32\tcpmon.dll - ok
21:30:52.0265 0x0bc4  [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
21:30:52.0265 0x0bc4  C:\WINDOWS\system32\usbmon.dll - ok
21:30:52.0281 0x0bc4  [ 58E13A2292839321D3CDC918D5A4F5AE, BC5978187A50AC886E30092904407F14B7BCFA997093989D20DB61EE6BA963E2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
21:30:52.0281 0x0bc4  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
21:30:52.0281 0x0bc4  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
21:30:52.0281 0x0bc4  C:\WINDOWS\system32\win32spl.dll - ok
21:30:52.0281 0x0bc4  [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
21:30:52.0281 0x0bc4  C:\WINDOWS\system32\netrap.dll - ok
21:30:52.0281 0x0bc4  [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
21:30:52.0281 0x0bc4  C:\WINDOWS\system32\inetpp.dll - ok
21:30:52.0296 0x0bc4  [ 1986443C2F2C0E2A18E908DD241BF84D, AF9B29E3E6F3327185BF61F251BD4F759DC84A392E48A4EA69B8B9A062C2D57F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
21:30:52.0296 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
21:30:52.0296 0x0bc4  [ 7D69C583DC724A8EB688D6ADCC3D73A6, 4AF44807208831000BF6FCFD1FEC377E3A83463825352EF9301966623F22E56E ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
21:30:52.0296 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
21:30:52.0296 0x0bc4  [ 7B1028A754BB63BBFC75B6A94C3F47E5, 5F95774F93217A717EBD865FEDBF3D0D2778E2E1D9AA56FF5D8D6DF845F68858 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
21:30:52.0296 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
21:30:52.0296 0x0bc4  [ 82E1FF067A74BF3EC61D1962AD9335BC, 4531C17A57F95BAB1EC4C176A3593B09114CA4264ACFC16B13528F38A61D6C1C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
21:30:52.0296 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll - ok
21:30:52.0312 0x0bc4  [ 6D3D5B39216081CD98CB7C4FCAEEFF3E, 50BA0BF9A09FE1B6460FF24D0E7BC9C581965D83B889EBC96B0EAA98AD96E6D9 ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll
21:30:52.0312 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll - ok
21:30:52.0312 0x0bc4  [ 7D0658BE14EE9EF5982329AEE02F823F, 949B69F6A72DA519AC3C09DC714CE3966422A10AB1C49F3D028C9307C7590461 ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll
21:30:52.0312 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll - ok
21:30:52.0312 0x0bc4  [ 19348207EADADF20555601D4513793D5, FAA05D239DD4A9E0CCC187F6A4EF10D97C6B7724577A336F8CF1390600E9EEE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
21:30:52.0312 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll - ok
21:30:52.0328 0x0bc4  [ 40CB47F60854703F7A13594FE01B6486, 1EA9B25C9D9BEFE8DA20E3714412E3997ADE3A1C464D0EF91F0675F86289A599 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
21:30:52.0328 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll - ok
21:30:52.0328 0x0bc4  [ A247F4652ACDAA8F11A0DEF33B08F7EF, 43BAD2215ED585785FB27774D71B05CD1433B650EDA8DFCBAF89FA4747BA6795 ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll
21:30:52.0328 0x0bc4  C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll - ok
21:30:52.0328 0x0bc4  [ F0C17D3F49025C0E6E384FFEB8B73C94, 30026E34A3EAEDBE17FAA0F05F2408AD84A776B1501E7649DBA3E486E2DF646D ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll
21:30:52.0328 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll - ok
21:30:52.0328 0x0bc4  [ EDC06142791AF9B9CE83B3899D124010, 6BECDB374A324938CE5DBA0BC806A150A79A762962E202059291EE6431C8DD75 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll
21:30:52.0328 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll - ok
21:30:52.0343 0x0bc4  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
21:30:52.0343 0x0bc4  C:\WINDOWS\system32\wscsvc.dll - ok
21:30:52.0343 0x0bc4  [ 2BE9F91D58F0812785B15E3325F3B05A, 5CEAAE502E42F5002DEE7BFF9CA161DEACFCCE49DF1FD3EB00F11013859F8BE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll
21:30:52.0343 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll - ok
21:30:52.0343 0x0bc4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
21:30:52.0343 0x0bc4  C:\WINDOWS\system32\ipnathlp.dll - ok
21:30:52.0359 0x0bc4  [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
21:30:52.0359 0x0bc4  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
21:30:52.0359 0x0bc4  [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
21:30:52.0359 0x0bc4  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
21:30:52.0359 0x0bc4  [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
21:30:52.0359 0x0bc4  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
21:30:52.0359 0x0bc4  [ D5DD421DA004C9763B1826000F0D7DC4, 3569C6FB157BBD8659CDBDE34D87270A0EFDC22ADBEE83F8EAD3A6A8F1D8CF3A ] C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
21:30:52.0359 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll - ok
21:30:52.0375 0x0bc4  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\WINDOWS\system32\msvcr120.dll
21:30:52.0375 0x0bc4  C:\WINDOWS\system32\msvcr120.dll - ok
21:30:52.0375 0x0bc4  [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
21:30:52.0375 0x0bc4  C:\WINDOWS\system32\wbem\esscli.dll - ok
21:30:52.0375 0x0bc4  [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
21:30:52.0375 0x0bc4  C:\WINDOWS\system32\wbem\fastprox.dll - ok
21:30:52.0375 0x0bc4  [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
21:30:52.0375 0x0bc4  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
21:30:52.0390 0x0bc4  [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
21:30:52.0390 0x0bc4  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
21:30:52.0390 0x0bc4  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\WINDOWS\system32\msvcp120.dll
21:30:52.0390 0x0bc4  C:\WINDOWS\system32\msvcp120.dll - ok
21:30:52.0390 0x0bc4  [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
21:30:52.0390 0x0bc4  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
21:30:52.0390 0x0bc4  [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
21:30:52.0390 0x0bc4  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
21:30:52.0406 0x0bc4  [ 7FD5DA8145C09858AC201D4A29DF242D, 66062F2FA8282D49EC824FC1FA55B6D86B112FC5893BC234C126A6480E425A7F ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
21:30:52.0406 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll - ok
21:30:52.0406 0x0bc4  [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
21:30:52.0406 0x0bc4  C:\WINDOWS\system32\wbem\wbemess.dll - ok
21:30:52.0406 0x0bc4  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll
21:30:52.0406 0x0bc4  C:\WINDOWS\system32\wuapi.dll - ok
21:30:52.0421 0x0bc4  [ 73D67A7F55A6438F10E35F16D47ABA29, 9FFBF5942BF05FC1C81B052EE691526D7F046BFA56AC8218C9DA907EA8DFE829 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
21:30:52.0421 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll - ok
21:30:52.0421 0x0bc4  [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
21:30:52.0421 0x0bc4  C:\WINDOWS\system32\wbem\ncprov.dll - ok
21:30:52.0421 0x0bc4  [ 74A487F5C59CBBD1CBADD90CD222A8FD, CB6104F9BF4AFEDA71C6847817D5066922F3378F68EF7CF478AA36DAE6B70B04 ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll
21:30:52.0421 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll - ok
21:30:52.0421 0x0bc4  [ 8D0A99BBD941DDF5486A29815ED4A65C, F3CD061563123D0CC57D694FF34A0131490592A31F05585EDB77BB16C9109AA8 ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll
21:30:52.0421 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll - ok
21:30:52.0437 0x0bc4  [ C67A069A8862D417D4365028B7D278AD, 1A7EEF28705D59F759232FBD4A52788FC25905C3300A7810980BCF025C405F84 ] C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll
21:30:52.0437 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll - ok
21:30:52.0437 0x0bc4  [ E8B7FA9F835372089C8D886243193670, 74D98E07E96810290D5041EAFDCE92190742AEB7FE033CEF5F0818733D033B86 ] C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll
21:30:52.0437 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll - ok
21:30:52.0437 0x0bc4  [ 24D9118B6AE56C1646EAB8111678884F, 22326D7AE0EE63DC487544EB60228F7424ED637657D039FF5B9CEF9E2566ED64 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll
21:30:52.0437 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll - ok
21:30:52.0437 0x0bc4  [ F638F1E690C8DCC16EC7BFA731668D9F, BEB01E129B50031E575A4B1B360584714A2DB5FF3C88920B548C2095FAEB9160 ] C:\Program Files\Avira\My Avira\WebSocket4Net.dll
21:30:52.0437 0x0bc4  C:\Program Files\Avira\My Avira\WebSocket4Net.dll - ok
21:30:52.0453 0x0bc4  [ 7A114BF6C0D6B163B77508378373F3D8, F87A6928E09B544E14F54E52CA93DD62CA926E6A78431C6B172BA732074E811A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll
21:30:52.0453 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll - ok
21:30:52.0453 0x0bc4  [ 77D17E48F4999EC725C37A83CF80F498, 4A46D1708449E8540DAB10700359D2EC38EB2C38608F589E9A316EE9939B1254 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll
21:30:52.0453 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll - ok
21:30:52.0453 0x0bc4  [ B7B6925569F579D109D2FE5D2CB758C2, 3FBEF512D14002E189FD911D1C2E86B4F0F66C69880132630F77890D07345538 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
21:30:52.0453 0x0bc4  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - ok
21:30:52.0453 0x0bc4  [ 3724A9C6025168FD53C6B5A385D6DE08, 8D2025890275BF647BE2038EDEE973A99EB950E01C24E099B079A6AAAB69500E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
21:30:52.0453 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll - ok
21:30:52.0468 0x0bc4  [ 41962D5E18E9874390BC1F074571A6BB, 2015A691432CE09EB8A4C9D2C1FE95BFF4AF8A0702F3F2925068A54D416512B5 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
21:30:52.0468 0x0bc4  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
21:30:52.0468 0x0bc4  [ 3FDCD4B976AF5FF4B345CB5CDBF19490, C75863FC9B96DA6F44593DF10986153EDCC0CD1CC5D556A222923D35BE144603 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
21:30:52.0468 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll - ok
21:30:52.0468 0x0bc4  [ DAA19F5ECE17866DEE20A1693B5C96E7, 0ABEE3CE9253AD3B5FEB9FED5D3254893327F57CE3A903348F822A7743A4B40E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll
21:30:52.0468 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll - ok
21:30:52.0484 0x0bc4  [ 34058FAF01E261BEBF11D63CC14BC7BA, D601363FD4C3F35588162E932C68C2BEC3013C21ECA16DDD2719F9E633CCD80E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll
21:30:52.0484 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll - ok
21:30:52.0484 0x0bc4  [ 36314D5A8E68116ED45AFE3E204D18CA, 0B59959A8205A46F19EBDB49D597CE314D0603190AA6AF0A8A3BE79F9FB61EFA ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll
21:30:52.0484 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll - ok
21:30:52.0484 0x0bc4  [ A96901AF8915969433CED8014584B20B, 1E68D5EAB3D6C54F79000F3D89F2E7A57A2D9D4DCF1E628527426F0F76371091 ] C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.Interface.dll
21:30:52.0484 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.Interface.dll - ok
21:30:52.0500 0x0bc4  [ 7C359500407DD393A276010AB778D5AF, A4009288982E4C30D22B544167F72DB882E34F0FDA7D4061B2C02C84688C0ED1 ] C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll
21:30:52.0500 0x0bc4  C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll - ok
21:30:52.0500 0x0bc4  [ B80A7EF1A81EBE75356EB6DD28F0C495, 429E44A166A920D33616549BABB0921E5EC175748F7C9A459CA094C61889048A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll
21:30:52.0500 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll - ok
21:30:52.0515 0x0bc4  [ 0BAC2D0E37475652B94DCE79BAD2D5D7, BAC5D019927E9F3AF1C310083E0725AEE72584C88F5348558328F9A0587312D3 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll
21:30:52.0515 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll - ok
21:30:52.0515 0x0bc4  [ 3C9420A013661B401791494CB9C7AF91, F5CE37262FC9DA3AA595F5C969CED7626528348F556C18F943EEC325BB0A0746 ] C:\Program Files\Avira\My Avira\NLog.dll
21:30:52.0515 0x0bc4  C:\Program Files\Avira\My Avira\NLog.dll - ok
21:30:52.0531 0x0bc4  [ 2D035877D6658C12B70ED978BAF7B3EC, 96A2B817C83C99D2ED8FA45D3693D4B01E129DA63589971221E86B00954D0242 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
21:30:52.0531 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll - ok
21:30:52.0531 0x0bc4  [ B322ECF248C6872974CDC48F79D92290, 341C70EF877F2E993AC11789B3257AFFD009BD17BD5AC3CA1320AE80BA8EF7E6 ] C:\Program Files\Avira\AntiVir Desktop\rctext.dll
21:30:52.0531 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\rctext.dll - ok
21:30:52.0531 0x0bc4  [ 71FA6A94ECA5D70A56E492750FB76F2E, 274586DB5FE87FD965306780CD78EC7C2DEF76AADB3980FB5DD4ADA5B8583A60 ] C:\Program Files\Avira\AntiVir Desktop\avpref.dll
21:30:52.0531 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avpref.dll - ok
21:30:52.0546 0x0bc4  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{1EC30E7B-3F84-4C64-8925-561FBA76E37C}.exe
21:30:52.0546 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{1EC30E7B-3F84-4C64-8925-561FBA76E37C}.exe - ok
21:30:52.0546 0x0bc4  [ 511C9E3DD98B1A403AAB8F2DBDCB667C, D3D706A050EDD84D6F5E6FF83260B844C8B5AE3D9D164D120EC942634072189E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
21:30:52.0546 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll - ok
21:30:52.0546 0x0bc4  [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll
21:30:52.0546 0x0bc4  C:\WINDOWS\system32\msutb.dll - ok
21:30:52.0562 0x0bc4  [ 621B8A1AA85635B59837F44D853B5859, EF551EA35FFD476334F9D798BB7C52BD1A7FC213059E1C13DF7CB60717277D81 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
21:30:52.0562 0x0bc4  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
21:30:52.0562 0x0bc4  [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\msctf.dll
21:30:52.0562 0x0bc4  C:\WINDOWS\system32\msctf.dll - ok
21:30:52.0562 0x0bc4  [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
21:30:52.0562 0x0bc4  C:\WINDOWS\system32\linkinfo.dll - ok
21:30:52.0578 0x0bc4  [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
21:30:52.0578 0x0bc4  C:\WINDOWS\system32\ntshrui.dll - ok
21:30:52.0578 0x0bc4  [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
21:30:52.0578 0x0bc4  C:\WINDOWS\system32\mlang.dll - ok
21:30:52.0578 0x0bc4  [ 4CE7F2EF945165FD681141EF6EA7B8C4, 2B7A1CCA5F1D4A1FC37C6F55421AA19D84C332A0CC4195DB0A7FFD4AB6C02272 ] C:\Program Files\Avira\My Avira\ServiceStack.Text.dll
21:30:52.0578 0x0bc4  C:\Program Files\Avira\My Avira\ServiceStack.Text.dll - ok
21:30:52.0578 0x0bc4  [ E8C66B9AD5EBD72D1A1CB63B33D79007, DD62B27D9C1116D5731CDAF100EF08049B9E35588D160258F5C50068CE1A8D6E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll
21:30:52.0578 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll - ok
21:30:52.0593 0x0bc4  [ 58EC3C662CBB3318A53B7E817FC7B751, 0F61430065E6B19E0F639691057E350A1E11932568BB9EDE0C3F7C410F0061B5 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll
21:30:52.0593 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll - ok
21:30:52.0593 0x0bc4  [ 77412987604826766E22B051AFCF8EAE, D0B3F70E53B9EEBF4875B76DD220CD8CE9A9EBED4838194E22EDF7151B3A67B3 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
21:30:52.0593 0x0bc4  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - ok
21:30:52.0593 0x0bc4  [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe
21:30:52.0593 0x0bc4  C:\WINDOWS\system32\verclsid.exe - ok
21:30:52.0593 0x0bc4  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{E548CA18-01D9-4D20-B00A-2A55CB0E8BBF}.tmp
21:30:52.0593 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{E548CA18-01D9-4D20-B00A-2A55CB0E8BBF}.tmp - ok
21:30:52.0609 0x0bc4  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{4158FEBF-3263-498B-8B99-EC9D351DFDF6}.tmp
21:30:52.0609 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{4158FEBF-3263-498B-8B99-EC9D351DFDF6}.tmp - ok
21:30:52.0609 0x0bc4  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{BD5A6EB4-10EB-45E6-B679-AEDE7F4515E9}.tmp
21:30:52.0609 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{BD5A6EB4-10EB-45E6-B679-AEDE7F4515E9}.tmp - ok
21:30:52.0609 0x0bc4  [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
21:30:52.0609 0x0bc4  C:\WINDOWS\system32\upnp.dll - ok
21:30:52.0625 0x0bc4  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
21:30:52.0625 0x0bc4  C:\WINDOWS\ehome\ehtray.exe - ok
21:30:52.0625 0x0bc4  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HdAShCut.exe
21:30:52.0625 0x0bc4  C:\WINDOWS\system32\HdAShCut.exe - ok
21:30:52.0625 0x0bc4  [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
21:30:52.0625 0x0bc4  C:\WINDOWS\system32\ssdpapi.dll - ok
21:30:52.0625 0x0bc4  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
21:30:52.0625 0x0bc4  C:\WINDOWS\system32\hkcmd.exe - ok
21:30:52.0640 0x0bc4  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
21:30:52.0640 0x0bc4  C:\WINDOWS\system32\igfxpers.exe - ok
21:30:52.0640 0x0bc4  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DFE95153-3E33-40CB-B43D-4CE7A92587E3}.tmp
21:30:52.0640 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DFE95153-3E33-40CB-B43D-4CE7A92587E3}.tmp - ok
21:30:52.0640 0x0bc4  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
21:30:52.0640 0x0bc4  C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe - ok
21:30:52.0640 0x0bc4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
21:30:52.0640 0x0bc4  C:\WINDOWS\system32\drivers\cdfs.sys - ok
21:30:52.0656 0x0bc4  [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
21:30:52.0656 0x0bc4  C:\WINDOWS\system32\netcfgx.dll - ok
21:30:52.0656 0x0bc4  [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
21:30:52.0656 0x0bc4  C:\WINDOWS\system32\webcheck.dll - ok
21:30:52.0656 0x0bc4  [ 25FA7A6A8E081EAC69CABFD13297A5D0, 18F97CBE023F31DA7E0CF3C618846FC6DE51E0D0C96C3E15DCE69070F7AC6F7B ] C:\WINDOWS\system32\HdAudRes.dll
21:30:52.0656 0x0bc4  C:\WINDOWS\system32\HdAudRes.dll - ok
21:30:52.0671 0x0bc4  [ F7B1C8EBF40CDE03356CADFF0B3EB4FE, 608A4C5C5144EEDAD6426C190CD5DDA702D6D4C67AF058D21155FC1DFD7AAD8D ] C:\WINDOWS\system32\hccutils.dll
21:30:52.0671 0x0bc4  C:\WINDOWS\system32\hccutils.dll - ok
21:30:52.0671 0x0bc4  [ 8FED1E0A491D4990853D23F21C59C730, 4BA6C93BFD43BAEB852B5CB9129522C97DDB542D7EF8EE34AECD8CDF1BF0FC38 ] C:\WINDOWS\system32\advpack.dll
21:30:52.0671 0x0bc4  C:\WINDOWS\system32\advpack.dll - ok
21:30:52.0671 0x0bc4  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{B98EED81-E081-4888-A025-035D1D844E12}.tmp
21:30:52.0671 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{B98EED81-E081-4888-A025-035D1D844E12}.tmp - ok
21:30:52.0671 0x0bc4  [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
21:30:52.0671 0x0bc4  C:\WINDOWS\system32\stobject.dll - ok
21:30:52.0687 0x0bc4  [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
21:30:52.0687 0x0bc4  C:\WINDOWS\system32\batmeter.dll - ok
21:30:52.0687 0x0bc4  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
21:30:52.0687 0x0bc4  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
21:30:52.0687 0x0bc4  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DD1B4C3A-352C-45EA-B9EF-71DA78510016}.tmp
21:30:52.0687 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DD1B4C3A-352C-45EA-B9EF-71DA78510016}.tmp - ok
21:30:52.0703 0x0bc4  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{2DD54037-46EC-4577-989C-B3CA08F8528E}.tmp
21:30:52.0703 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{2DD54037-46EC-4577-989C-B3CA08F8528E}.tmp - ok
21:30:52.0703 0x0bc4  [ 4ABC3BFA7F63BA5A48450D89E83BB370, 8393CD77357D724D1408E31B46E7836DAFD2C5596A3883B1F27A50E00B82F746 ] C:\WINDOWS\system32\igfxsrvc.exe
21:30:52.0703 0x0bc4  C:\WINDOWS\system32\igfxsrvc.exe - ok
21:30:52.0703 0x0bc4  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] C:\hp\bin\cloaker.exe
21:30:52.0703 0x0bc4  C:\hp\bin\cloaker.exe - ok
21:30:52.0703 0x0bc4  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{94AC25AC-903A-47E6-9F66-1501411B5B0C}.tmp
21:30:52.0703 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{94AC25AC-903A-47E6-9F66-1501411B5B0C}.tmp - ok
21:30:52.0718 0x0bc4  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
21:30:52.0718 0x0bc4  C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
21:30:52.0718 0x0bc4  [ 00D74959943FE92356CA918CD6167681, 37DE0D47F82CD99875D479193BC4309487D4E0B10F402E24AC76FB97E34CFC05 ] C:\WINDOWS\system32\igfxsrvc.dll
21:30:52.0718 0x0bc4  C:\WINDOWS\system32\igfxsrvc.dll - ok
21:30:52.0718 0x0bc4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
21:30:52.0718 0x0bc4  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
21:30:52.0718 0x0bc4  [ AB6903C307E5EDD6EF6437351FBE60FA, C319780910A1FD0461EF2F3C697DE43C6330B5FCDC07EB6E378573BF11026C54 ] C:\WINDOWS\system32\igfxdev.dll
21:30:52.0718 0x0bc4  C:\WINDOWS\system32\igfxdev.dll - ok
21:30:52.0734 0x0bc4  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
21:30:52.0734 0x0bc4  C:\Program Files\Common Files\Real\Update_OB\realsched.exe - ok
21:30:52.0734 0x0bc4  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
21:30:52.0734 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - ok
21:30:52.0734 0x0bc4  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
21:30:52.0734 0x0bc4  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
21:30:52.0734 0x0bc4  [ 91833A460FF0E87071A806B622A658EC, 8552707696456C4304D1CDBB0F53F61DE1B5D72F438A0C1AF6CBF388A8E2E00F ] C:\WINDOWS\system32\igfxres.dll
21:30:52.0734 0x0bc4  C:\WINDOWS\system32\igfxres.dll - ok
21:30:52.0750 0x0bc4  [ 33CCE186D73E6EDE49F69ED0B5402372, 067EE34395E57275B5359DB165D96C1DA6E56F2D8BEF5B0F021B59E8377D11A4 ] C:\Program Files\KeyScrambler\KeyScrambler.exe
21:30:52.0750 0x0bc4  C:\Program Files\KeyScrambler\KeyScrambler.exe - ok
21:30:52.0750 0x0bc4  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DCBF5A4F-2CA1-4D0C-88AD-4B22ECE0794F}.tmp
21:30:52.0750 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{DCBF5A4F-2CA1-4D0C-88AD-4B22ECE0794F}.tmp - ok
21:30:52.0750 0x0bc4  [ F4F2A4C459DD3AA22DD3984D13B15746, C2D0E285E2333A9C620BE04A5747881AF0D5615DA32226886E659FF31A9761CC ] C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll
21:30:52.0750 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll - ok
21:30:52.0765 0x0bc4  [ 845EB283583BD3C89F09636A10114EF3, BCB3002B867052FB381B1E44D31E381200751E1AD3F991EB4233B73E3E034A0E ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
21:30:52.0765 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe - ok
21:30:52.0765 0x0bc4  [ 3706642E75B5AAB16A9CAC0287AF5F7D, A85A2D015C7CB01947658A69E937AD58CCED499F8DF7CB8277974CD4D9CEA0A3 ] C:\Program Files\Common Files\LightScribe\LSCAPI.dll
21:30:52.0765 0x0bc4  C:\Program Files\Common Files\LightScribe\LSCAPI.dll - ok
21:30:52.0765 0x0bc4  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{391014FF-258A-4B83-9155-ADB2959D5014}.tmp
21:30:52.0765 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{DED57FA9-A6D8-43AB-9E02-F4F2AB512663}\{391014FF-258A-4B83-9155-ADB2959D5014}.tmp - ok
21:30:52.0765 0x0bc4  [ 3690C710787D2E44F183DC70BD66290C, 728E327A87C03C09D556FD99F9733685663AE6CB57A378C7196E49EB0D57E256 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
21:30:52.0765 0x0bc4  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
21:30:52.0781 0x0bc4  [ 99D433325398CFCCCADB34BE48EE12B3, CDE9395DCC16B8AED5976C55EEB3284388CE0FD5807ADAAED94E6DF106FCF48D ] C:\Program Files\KeyScrambler\KeyScramblerIE.dll
21:30:52.0781 0x0bc4  C:\Program Files\KeyScrambler\KeyScramblerIE.dll - ok
21:30:52.0781 0x0bc4  [ 6CA9C9C471D384698945E2B9CAAB294E, 589332CB15AD023879342803F4F805B7D7F99E394EE092BB23B3D87FF3B6776D ] C:\Program Files\Common Files\LightScribe\LSPrtEn.dll
21:30:52.0781 0x0bc4  C:\Program Files\Common Files\LightScribe\LSPrtEn.dll - ok
21:30:52.0781 0x0bc4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
21:30:52.0781 0x0bc4  C:\WINDOWS\system32\ctfmon.exe - ok
21:30:52.0781 0x0bc4  [ 9BA7143CA1769BFE8A5FC03F523F2EE5, 2323CBBF3FB32E946D274E9B1532253BFB0918D3B816A8193C603A0F8315B67A ] C:\Program Files\Sandboxie\SbieCtrl.exe
21:30:52.0781 0x0bc4  C:\Program Files\Sandboxie\SbieCtrl.exe - ok
21:30:52.0796 0x0bc4  [ 51D54AF343D536E7130DFEADB5372AFE, CDEFE063D2B1302D6A7633247113E4002080A94977323EC709A46772C5DBFC4B ] C:\Program Files\Common Files\LightScribe\LSDrComm.dll
21:30:52.0796 0x0bc4  C:\Program Files\Common Files\LightScribe\LSDrComm.dll - ok
21:30:52.0796 0x0bc4  [ 4446045B7F00482AC9FC3A03D271FF12, 3BF25F7C773AB9DA126EC2E5C94F190DC8F9ECA66CF34001F825F2291F1C2421 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
21:30:52.0796 0x0bc4  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
21:30:52.0796 0x0bc4  [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\sptip.dll
21:30:52.0796 0x0bc4  C:\WINDOWS\ime\sptip.dll - ok
21:30:52.0796 0x0bc4  [ DC3078BA1B58562416C843582A42284C, 3A4EEC80B48F238CB79B8AEB8DF269313146BA93059EA648CD2A3E7EE9E27730 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
21:30:52.0796 0x0bc4  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
21:30:52.0812 0x0bc4  [ 4302BC97050BAED0910AABAF6F1486B2, D46BE895FC9F0663057082153B1AB794522922C871E245297946E68812156F35 ] C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
21:30:52.0812 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll - ok
21:30:52.0812 0x0bc4  [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll
21:30:52.0812 0x0bc4  C:\WINDOWS\system32\msisip.dll - ok
21:30:52.0812 0x0bc4  [ FC2C8378D9084EB638741F8CE9921266, 71E0DD48686C0A7E48C9760715296D6495C7B08E30637078F886C6F55AFFB67C ] C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
21:30:52.0812 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\rcimage.dll - ok
21:30:52.0812 0x0bc4  [ 818DD7B94AF1CF471DA45FBF71513C03, CBEDCB2FACB4B304A6006EBC4E948E327A27890E29B6A36CA00DF8F9A300CD53 ] C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL
21:30:52.0812 0x0bc4  C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL - ok
21:30:52.0828 0x0bc4  [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll
21:30:52.0828 0x0bc4  C:\WINDOWS\system32\wshext.dll - ok
21:30:52.0828 0x0bc4  [ 7429F12C27441F3E5AE57234003C0345, 28E664701086B47A5342DCFEB8A80F57AA8EFE5743B8E42A24FEB2C5D88527C5 ] C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll
21:30:52.0828 0x0bc4  C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll - ok
21:30:52.0828 0x0bc4  [ F0B0D86C7E5CE1781BB92F300169A257, 9BA533D02C86135EB9B3579E4B15602B7ABECCCEC142B3C7A115C7DBE8A90D96 ] C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL
21:30:52.0828 0x0bc4  C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL - ok
21:30:52.0828 0x0bc4  [ 86B41752ECFEDDEC56DB718CC2324163, 35929CE2869E8720F7B69E2FE6294FF37A91768345740A2BCE04A4E08AA2A000 ] C:\Program Files\Avira\AntiVir Desktop\ccguard.dll
21:30:52.0828 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccguard.dll - ok
21:30:52.0843 0x0bc4  [ 5597D0075861CB0A6E6087752D205C0D, 3F3FAC1FDC2934D3565F0AE94F547572E6DEAE83021E069978AAF13FB8A47AC8 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
21:30:52.0843 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
21:30:52.0843 0x0bc4  [ CBCDA25B76B570A8252644594EDF3BE9, 7D3BEEF96402202D853323341C573C2B3F37EB2C52C8BCE3B15D07019A048B1F ] C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
21:30:52.0843 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe - ok
21:30:52.0843 0x0bc4  [ EA99B12613E5909526123EEC64D6ABDC, 1472B095FD344D666C0BC3219384998E861F3DC5673D702D80F8B691147858BC ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
21:30:52.0843 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok
21:30:52.0859 0x0bc4  [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
21:30:52.0859 0x0bc4  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
21:30:52.0859 0x0bc4  [ 82E047AC9DCFA908F169EBB20C157198, E70F10B58F79D76DBCC7B81559729CD3E02CB915F8709C9FBF6C76095FCF8B93 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
21:30:52.0859 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
21:30:52.0859 0x0bc4  [ 149844639A31AD0D97A8B8A10FDC1FAA, 388F1F6D9D25F52C2816812184E7FE0C3AB6B14038127E3E9CBF83B202CF4B20 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll
21:30:52.0859 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll - ok
21:30:52.0859 0x0bc4  [ 972297BAE5220EB376E52839BAE013B0, 89B28E407D1A9F5E29AAA74113E77CCEB8FBD4EF9AE3BF91170BAE6C8BE2C362 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
21:30:52.0859 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
21:30:52.0875 0x0bc4  [ 621D873625B55315D248204E6588BA2D, A1DC8E9F539616C654733D8998D5020FB7D473939D5BC0A61B38D27883147077 ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
21:30:52.0875 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
21:30:52.0875 0x0bc4  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll
21:30:52.0875 0x0bc4  C:\WINDOWS\system32\msvcr100.dll - ok
21:30:52.0875 0x0bc4  [ 251C11444F614DE5FA47ECF7275E7BF1, 3DEDFFBAA82C9E83565F689F352E9CAE92C3CB8ED66179E4ABF8A5385DB2EF76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL
21:30:52.0875 0x0bc4  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL - ok
21:30:52.0875 0x0bc4  [ 9A1CF65F3A8BA6EF4D0CAB69E6440F42, F019F0E6F56FEC91405CF20A5807923E8BB02FF0712327D3ED4A9F1B8148C02D ] C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll
21:30:52.0875 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll - ok
21:30:52.0890 0x0bc4  [ 1C22A3866112ED41E1F3684DAE9AD5D2, 621989160B8DCE383242FA844CA63557F7BCD4520335E7EA1AF85E7720A760CA ] C:\WINDOWS\system32\mmcshext.dll
21:30:52.0890 0x0bc4  C:\WINDOWS\system32\mmcshext.dll - ok
21:30:52.0890 0x0bc4  [ 64F8C18051496AE85F923A9B59EA28E5, A1D0BD22A175611F8523E4D51A709BCD32CFDDC0B4D4D3C78EEE7F586741EA75 ] C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll
21:30:52.0890 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll - ok
21:30:52.0890 0x0bc4  [ D3E868700D9B5E3C54B7EED060215CC1, C066B0E63815018D6D345CE5DABD443C5CDA73200601FB51F67C602A4133A2C5 ] C:\WINDOWS\system32\hhsetup.dll
21:30:52.0890 0x0bc4  C:\WINDOWS\system32\hhsetup.dll - ok
21:30:52.0890 0x0bc4  [ F32077DF74EFD435A1DCDF415E189DF1, 24BB6838DEFD491DF5460A88BED2D70B903A2156C49FB63E214E2C77251ECA71 ] C:\WINDOWS\system32\mfc100u.dll
21:30:52.0890 0x0bc4  C:\WINDOWS\system32\mfc100u.dll - ok
21:30:52.0906 0x0bc4  [ 0E21535E9BC633AD345BC0F4D2249B33, C587DC9FB5B3BF97EFD5D4FD317A387C0536FF3EFDA6225A90D477493989CAE3 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll
21:30:52.0906 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll - ok
21:30:52.0906 0x0bc4  [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
21:30:52.0906 0x0bc4  C:\WINDOWS\system32\drprov.dll - ok
21:30:52.0906 0x0bc4  [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
21:30:52.0906 0x0bc4  C:\WINDOWS\system32\ntlanman.dll - ok
21:30:52.0921 0x0bc4  [ A12BAA38CE07B522671678500D035D40, DA671948FF593DBF7F95EA1DC25091310E67A0B75920B5433DEFB937B5612B77 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
21:30:52.0921 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll - ok
21:30:52.0921 0x0bc4  [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll
21:30:52.0921 0x0bc4  C:\WINDOWS\system32\mfc42.dll - ok
21:30:52.0921 0x0bc4  [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
21:30:52.0921 0x0bc4  C:\WINDOWS\system32\netui0.dll - ok
21:30:52.0921 0x0bc4  [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
21:30:52.0921 0x0bc4  C:\WINDOWS\system32\netui1.dll - ok
21:30:52.0937 0x0bc4  [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
21:30:52.0937 0x0bc4  C:\WINDOWS\system32\davclnt.dll - ok
21:30:52.0937 0x0bc4  [ D2DB004254624AA3A22ACF31597C3163, 10D9C7C541C03DE12110F17A87A6CDD693C220841ED54AB74E28FCB3E578FE8F ] C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll
21:30:52.0937 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll - ok
21:30:52.0937 0x0bc4  [ CD81D51CBFD4DC6540340F761BB2E6B6, 9B28A7849DD8DE5A7E8FF90EEEBB945C57F151C49E17AC0C94740BA7990922BE ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll
21:30:52.0937 0x0bc4  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll - ok
21:30:52.0937 0x0bc4  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll
21:30:52.0937 0x0bc4  C:\WINDOWS\system32\mslbui.dll - ok
21:30:52.0953 0x0bc4  [ 151EF98E3178FB87D343F796537787B4, 6B7B9EF9E3B05C5EB9986F0704B284C8C57A343736A83B9B2FB7F9B4354189FB ] C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll
21:30:52.0953 0x0bc4  C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll - ok
21:30:52.0953 0x0bc4  [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\WINDOWS\system32\mfc71.dll
21:30:52.0953 0x0bc4  C:\WINDOWS\system32\mfc71.dll - ok
21:30:52.0953 0x0bc4  [ 303A63F4B913AA5D8998161CB77A8CE7, 0CE864B852E32F803754DD8827120F717D55E531E4F2BC87ECEB005F30356333 ] C:\WINDOWS\system32\feclient.dll
21:30:52.0953 0x0bc4  C:\WINDOWS\system32\feclient.dll - ok
21:30:52.0953 0x0bc4  [ A0DCA15E72425DC64C0D1E281BF45E9A, E3DF94F1011607C8B1B76FD9997ADAF57CEAFA59E4956E5187FB430B67B07489 ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll
21:30:52.0953 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
21:30:52.0968 0x0bc4  [ B4459D13473D07FCB43365C02732DE16, 0BCF7FB94533E1C3851874879538CD2476838BBCD18F21FFB9807C294F4289FB ] C:\WINDOWS\system32\pschdprf.dll
21:30:52.0968 0x0bc4  C:\WINDOWS\system32\pschdprf.dll - ok
21:30:52.0968 0x0bc4  [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
21:30:52.0968 0x0bc4  C:\WINDOWS\system32\security.dll - ok
21:30:52.0968 0x0bc4  [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll
21:30:52.0968 0x0bc4  C:\WINDOWS\system32\msxml3.dll - ok
21:30:52.0984 0x0bc4  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\WINDOWS\system32\msvcr71.dll
21:30:52.0984 0x0bc4  C:\WINDOWS\system32\msvcr71.dll - ok
21:30:52.0984 0x0bc4  [ 1F3A82333046F4B97B2BB148ABF38D54, DED83E1F40314D546E858DCBA4CDC483E39EE45A5CABEF7691F0D0C0C0051D18 ] C:\WINDOWS\system32\traffic.dll
21:30:52.0984 0x0bc4  C:\WINDOWS\system32\traffic.dll - ok
21:30:52.0984 0x0bc4  [ 6AF0D1E15E9C0DA848619C30CE1F41F7, 8ADBCF62D44390F30CA52C0B7B6626B70D077BBD1EAC6A7D1E3623461615FFD4 ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll
21:30:52.0984 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll - ok
21:30:52.0984 0x0bc4  [ FB5B302976F30D11F7DB310C5BBA6710, 8078909AA102A51081AE6005E681110D22A9B74093F7E2D75FD3EE691384561C ] C:\Program Files\Avira\AntiVir Desktop\avbb.dll
21:30:52.0984 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avbb.dll - ok
21:30:53.0000 0x0bc4  [ F9DD799E07ED5028DB2F1FFEA72C9357, FD8B46EDF7DB4B08EEB1C4D26F9438F9F69F3F70F3FB7F53A79023446C397038 ] C:\WINDOWS\system32\rsvpperf.dll
21:30:53.0000 0x0bc4  C:\WINDOWS\system32\rsvpperf.dll - ok
21:30:53.0000 0x0bc4  [ 2F3BBB26EF3B6A918786F98ACD4E4A0E, 872A892F72AB44A6E72D3413588A0EEA6E7C008DC12B8380D81617035E026184 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll
21:30:53.0000 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll - ok
21:30:53.0000 0x0bc4  [ 514C579E7AC0F6F7C968A3860CFE20CD, 21C7E7373929A93FA89837D25428855B556248EF963EFC0B0A8939566B2B0610 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll
21:30:53.0000 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll - ok
21:30:53.0000 0x0bc4  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll
21:30:53.0000 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll - ok
21:30:53.0015 0x0bc4  [ 6951B89B4F591AA694048A6CD0E5224A, C055C54286AE406143F4F9102CAFC32CC684F076FA0F13717CD87FFAD4B6BA4F ] C:\WINDOWS\system32\tapiperf.dll
21:30:53.0015 0x0bc4  C:\WINDOWS\system32\tapiperf.dll - ok
21:30:53.0015 0x0bc4  [ 8B89AFFB35202B8F15A927DC1169F850, 4036BE2EB21DD98906F2586BCC977F02E328BE9FB0DB1CCAC37E21E7D9140D18 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll
21:30:53.0015 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll - ok
21:30:53.0015 0x0bc4  [ 8F2097E8B174F38178570C611464935F, 3F25E7B097B65EAF82A6D5B58646DFF38CA19347664F40C2B8A409B9D6939457 ] C:\WINDOWS\system32\atl71.dll
21:30:53.0015 0x0bc4  C:\WINDOWS\system32\atl71.dll - ok
21:30:53.0031 0x0bc4  [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA, 6FEC7C478F790D0EDCC4F0EFB2594A64878AC8FC8878B03F3611311C920E29BE ] C:\WINDOWS\system32\mfc100enu.dll
21:30:53.0031 0x0bc4  C:\WINDOWS\system32\mfc100enu.dll - ok
21:30:53.0031 0x0bc4  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\WINDOWS\system32\msvcp71.dll
21:30:53.0031 0x0bc4  C:\WINDOWS\system32\msvcp71.dll - ok
21:30:53.0031 0x0bc4  [ 01377B4FE851FD151045FC348D045380, 3AA7DC3F5AAB8090C97BEEEDA412304AE82CFCE752C55F8385D6862D3DD65F51 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll
21:30:53.0031 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
21:30:53.0031 0x0bc4  [ 909EFA2D854AF25D1164BD5B02065FCE, 883F9116B1A9FF546F0C60E44CFA2C68C81893700294E9A2E9A1909AF42D9522 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
21:30:53.0031 0x0bc4  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll - ok
21:30:53.0046 0x0bc4  [ 770CC9B961CEDBE8CAF171AAB05AB798, AD36C0BED0202BABDFDCAC9F51B9E746C0F0DF333C990A1CDFF5D99730D783DA ] C:\Program Files\Avira\AntiVir Desktop\firewall.dll
21:30:53.0046 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\firewall.dll - ok
21:30:53.0046 0x0bc4  [ 91686111F7C9E73521C3FC4A74B656B4, C4D44A2962F47C524D698DF265C80E50FD1602EB65658A9E07A4CE8FAF7BBCD5 ] C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll
21:30:53.0046 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll - ok
21:30:53.0046 0x0bc4  [ 63E8D944AFBEEBB243F25C4ED07E74C5, 848AEE9975218939F7EB2C3548EA6AE235C54B1B2E2AF6835A034976A0CFDD28 ] C:\WINDOWS\system32\inetmib1.dll
21:30:53.0046 0x0bc4  C:\WINDOWS\system32\inetmib1.dll - ok
21:30:53.0046 0x0bc4  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll
21:30:53.0046 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll - ok
21:30:53.0062 0x0bc4  [ 29AED649F05213A527E5F62967DBBA41, 8F987B165433308CEA2D75685ED99E5E66E11A6264BA1F2508FD609713055B4C ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll
21:30:53.0062 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll - ok
21:30:53.0062 0x0bc4  [ 99616874F4133627E86354730F193076, BCB19AC3F6D5683BDC6F105B664F23741ED541AE8C99F7A1EEF47B1B721C1879 ] C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
21:30:53.0062 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll - ok
21:30:53.0062 0x0bc4  [ F555BF4139A8F2BD3A832A13A3BFDC39, 5992138276C6AAD9252A072487475856A14187C584A05143356FF95C4940FFB4 ] C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe
21:30:53.0062 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe - ok
21:30:53.0062 0x0bc4  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll
21:30:53.0062 0x0bc4  C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll - ok
21:30:53.0078 0x0bc4  [ 148387ECAED73B2172CA098DB13F322C, 08ACB7A88165E7607C562375792DD02E875D0FE27791F42C62C96D9F78C32C76 ] C:\Program Files\Avira\AntiVir Desktop\avgio.dll
21:30:53.0078 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avgio.dll - ok
21:30:53.0078 0x0bc4  [ 9DF35470215CC872926B470D110F1A64, E909963E512E001843EBFF8D48A319A7AC4FBB260CF402CED6193D02E6DABB52 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll
21:30:53.0078 0x0bc4  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll - ok
21:30:53.0078 0x0bc4  [ 38335104279A7ACA5B3FBDF1173D6D35, 17E6AAF2072ADEB2C148FCCA2B15579DC7B90662A9886A2EB3D402232D897B67 ] C:\Program Files\Avira\AntiVir Desktop\ccgen.dll
21:30:53.0078 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccgen.dll - ok
21:30:53.0078 0x0bc4  [ BAF751E7061FF626AA60F56D1D5D1FDC, 177B0BAC987E7882449BD7C5900406F61A997F97EA1797614C8D86F40F03648B ] C:\WINDOWS\system32\MFC71ENU.DLL
21:30:53.0078 0x0bc4  C:\WINDOWS\system32\MFC71ENU.DLL - ok
21:30:53.0093 0x0bc4  [ 5D43C9A33F18C707BA169AFDA88BDF30, 6796891360B4731B4F165300BD9FAC9A2A4C54E8CFF86DEC8036D3765AE4D9A3 ] C:\WINDOWS\system32\fltlib.dll
21:30:53.0093 0x0bc4  C:\WINDOWS\system32\fltlib.dll - ok
21:30:53.0093 0x0bc4  [ 44E7202218861ACFC8D13092123ABE1D, B4C90807236913C841C94082B380EE68F35A3A9889B96AD6FD2B0BCA7D3B583E ] C:\Program Files\Avira\AntiVir Desktop\avesvc.dll
21:30:53.0093 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avesvc.dll - ok
21:30:53.0093 0x0bc4  [ A00885BFA65E4B1A77C6211488EB57B9, B6BFCE2DF5B37AF69F3D360A1D916F09A6E94AA7E10DB297D7E35FFE7E61E9AD ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll
21:30:53.0093 0x0bc4  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll - ok
21:30:53.0109 0x0bc4  [ E49D13C53D51F6E8E1FFEF175A320AD7, B2C68F99AB81A6151F3D94F9B43B54612763EC8A61123A4050FB8864B36A0221 ] C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll
21:30:53.0109 0x0bc4  C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll - ok
21:30:53.0109 0x0bc4  [ 0EACC6582BD6791F2F2602149601B461, B69ED5F9C05B113D227EF6A595BB20148FD7F7AE7D442D073AFD80AB2C330E43 ] C:\Program Files\Avira\AntiVir Desktop\gpsauth.dll
21:30:53.0109 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\gpsauth.dll - ok
21:30:53.0109 0x0bc4  [ 4321C84A16BAD00E361AAA70E0F77F4D, C6AF0F35A1D551290967FBD74EE89D27E0AA0C3DF0E95BBD393653E02299D74B ] C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll
21:30:53.0109 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll - ok
21:30:53.0109 0x0bc4  [ 93F099F941044EC67D9A81FCAF28FD82, B6D0060F23BDFC7719ABDF639AC4954B89B1B52A836FEFD1495BE4A29AE0190F ] C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll
21:30:53.0109 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll - ok
21:30:53.0125 0x0bc4  [ 3B854E04EBF1EDE2E2D2B7F3CF25C4AF, 50BB41017FF9CDCC2AB5C831310C7DA6EB3F9F0EBB702B82B6F7CE8FF8E38731 ] C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll
21:30:53.0125 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll - ok
21:30:53.0125 0x0bc4  [ 84E7E74E2F2E49C34D5985068A5AF4C1, F4974118D0B903477198993BA19BEA86EB013F1FA16882BB76A08D5BDA2BB763 ] C:\Program Files\Avira\AntiVir Desktop\productutilities.dll
21:30:53.0125 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\productutilities.dll - ok
21:30:53.0125 0x0bc4  [ F435FA32C12F6213B7F92C6F902BAD70, 84D9B21A661175932DD205CFC6A689B07A11A6711AE1A6FB2A13EAFCED0BACFA ] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
21:30:53.0125 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll - ok
21:30:53.0125 0x0bc4  [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
21:30:53.0125 0x0bc4  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
21:30:53.0140 0x0bc4  [ B282DB2BFA4A4AB16C40E16B2AD69B65, 06E57065FC6BFAB1A7EC19763045CB7A2F76B3A6C898D08E15631DCD4A83BE0F ] C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll
21:30:53.0140 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll - ok
21:30:53.0140 0x0bc4  [ 52BD9F2706D4BBA1746C56E61951E740, 1B4A231A2F3140A8EF4ABFB19CFA92D4E4140837BBFC651DB0373206C9B37894 ] C:\Program Files\Avira\AntiVir Desktop\cclic.dll
21:30:53.0140 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\cclic.dll - ok
21:30:53.0140 0x0bc4  [ AEA0B0AA26E4EA377D6A12B3B5D6F90F, 41A8788F349A3697F073F273A450FEB68C67DCF163D8168C56AD3FA6D26A590F ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
21:30:53.0140 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
21:30:53.0140 0x0bc4  [ ECCD56D8FE7799B8A5E21697AC53A439, B49E2DEBBC14254E015D3B3AA44E529D299A0586A1B7AA145D3F7A1F49C20DFB ] C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll
21:30:53.0140 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll - ok
21:30:53.0156 0x0bc4  [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll
21:30:53.0156 0x0bc4  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
21:30:53.0156 0x0bc4  [ 675FF7EC6C9305C5C30E88B916E83E75, 97AEEBEFD1E57969A410E431008A2BB8B7904F691CF2E3DE9FCBA227F9865E8A ] C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll
21:30:53.0156 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll - ok
21:30:53.0156 0x0bc4  [ 633A529EBAEB78FF0F50A5A658600EB4, 5C0F92538D9F4FC332FBC8E7F58559671BDD824882EE66BA3BAC83C16AC3FCEF ] C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll
21:30:53.0156 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll - ok
21:30:53.0171 0x0bc4  [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll
21:30:53.0171 0x0bc4  C:\WINDOWS\system32\cfgmgr32.dll - ok
21:30:53.0171 0x0bc4  [ 3217C8BF9DD8D49C03307F3608474336, E7E98207FF3A2017DDEBC181E8F8C447F1F29BE1995C18DEFDC8A619A6A76610 ] C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll
21:30:53.0171 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll - ok
21:30:53.0171 0x0bc4  [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll
21:30:53.0171 0x0bc4  C:\WINDOWS\system32\wbem\framedyn.dll - ok
21:30:53.0171 0x0bc4  [ BDD9AD1A43AB5DA8E322109439D85F71, CC85774ED8ECDD4A89B125DD7F73B4DDC280742575211578224B9F89905978BF ] C:\Program Files\Avira\AntiVir Desktop\ccev.dll
21:30:53.0171 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccev.dll - ok
21:30:53.0187 0x0bc4  [ BCFF869EE9CA8BADC7E3637A96C64A71, 283A34643EB283EE3D220AEDC784973534F2E744F1C760866BBCD809D0840299 ] C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll
21:30:53.0187 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll - ok
21:30:53.0187 0x0bc4  [ 4C7CE6459461B61EAD294EAF50AF3160, 1F9FCAC98B98C1AAEA5F0F50DB95D703C9F4DB48501E5637438368382BD4B22E ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
21:30:53.0187 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
21:30:53.0187 0x0bc4  [ 05B1B94698939457571E4DCF96EDDF9B, B6A3462F92CA2F3FDAD2BC73B023D551F1BAFA0C15A3B1B44BDEF237974AB49B ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
21:30:53.0187 0x0bc4  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll - ok
21:30:53.0187 0x0bc4  [ 6B21E28B105E47DF05E830A1A2816E6C, 1F013DC6F3C91F2DBB115587B2954D542452A02BB6BC0473B7F7F7F3E038A756 ] C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll
21:30:53.0187 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll - ok
21:30:53.0203 0x0bc4  [ 1F7B23305F0D7CA120A3E65DEC21671F, E66618BBD95C1EF78F6BA732E3B8BFF5A7844AFA7359C8E69294251B6AB64BF1 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
21:30:53.0203 0x0bc4  C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
21:30:53.0203 0x0bc4  [ 29A4B763588E9D36B4E9B66F472968F4, D0B7724BAF44CEEFF2D14F082AEF884214B6E802290B932F439BEB2D61F4255B ] C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
21:30:53.0203 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\avshadow.exe - ok
21:30:53.0203 0x0bc4  [ D38BD2A40A156341DD23B18647725647, 98D4D97451A06598F3339136EDE2477693BB0B84855766A1C3CFD49A2E4DE75A ] C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll
21:30:53.0203 0x0bc4  C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll - ok
21:30:53.0203 0x0bc4  ================ Scan generic autorun ======================
21:30:53.0234 0x0bc4  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
21:30:53.0296 0x0bc4  ehTray - ok
21:30:53.0343 0x0bc4  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HDAShCut.exe
21:30:53.0375 0x0bc4  High Definition Audio Property Page Shortcut - ok
21:30:53.0421 0x0bc4  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
21:30:53.0453 0x0bc4  HotKeysCmds - ok
21:30:53.0484 0x0bc4  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
21:30:53.0515 0x0bc4  Persistence - ok
21:30:53.0593 0x0bc4  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
21:30:53.0609 0x0bc4  HPHUPD08 - detected UnsignedFile.Multi.Generic ( 1 )
21:30:59.0078 0x0bc4  Detect skipped due to KSN trusted
21:30:59.0078 0x0bc4  HPHUPD08 - ok
21:30:59.0109 0x0bc4  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
21:30:59.0156 0x0bc4  HPBootOp - detected UnsignedFile.Multi.Generic ( 1 )
21:31:01.0875 0x0bc4  Detect skipped due to KSN trusted
21:31:01.0875 0x0bc4  HPBootOp - ok
21:31:01.0953 0x0bc4  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] c:\hp\bin\cloaker.exe
21:31:01.0984 0x0bc4  IcoSet - detected UnsignedFile.Multi.Generic ( 1 )
21:31:04.0437 0x0bc4  Detect skipped due to KSN trusted
21:31:04.0437 0x0bc4  IcoSet - ok
21:31:04.0515 0x0bc4  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
21:31:04.0562 0x0bc4  LSBWatcher - detected UnsignedFile.Multi.Generic ( 1 )
21:31:07.0000 0x0bc4  Detect skipped due to KSN trusted
21:31:07.0000 0x0bc4  LSBWatcher - ok
21:31:07.0046 0x0bc4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
21:31:07.0078 0x0bc4  HP Software Update - ok
21:31:07.0140 0x0bc4  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
21:31:07.0171 0x0bc4  TkBellExe - detected UnsignedFile.Multi.Generic ( 1 )
21:31:09.0625 0x0bc4  Detect skipped due to KSN trusted
21:31:09.0625 0x0bc4  TkBellExe - ok
21:31:09.0687 0x0bc4  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
21:31:09.0750 0x0bc4  avgnt - ok
21:31:09.0828 0x0bc4  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
21:31:09.0875 0x0bc4  SunJavaUpdateSched - ok
21:31:09.0906 0x0bc4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
21:31:10.0078 0x0bc4  ctfmon.exe - ok
21:31:10.0109 0x0bc4  [ 9BA7143CA1769BFE8A5FC03F523F2EE5, 2323CBBF3FB32E946D274E9B1532253BFB0918D3B816A8193C603A0F8315B67A ] C:\Program Files\Sandboxie\SbieCtrl.exe
21:31:10.0171 0x0bc4  SandboxieControl - ok
21:31:10.0187 0x0bc4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
21:31:10.0312 0x0bc4  ctfmon.exe - ok
21:31:10.0312 0x0bc4  Waiting for KSN requests completion. In queue: 6
21:31:11.0312 0x0bc4  Waiting for KSN requests completion. In queue: 6
21:31:12.0312 0x0bc4  Waiting for KSN requests completion. In queue: 5
21:31:13.0437 0x0bc4  AV detected via SS1: Avira Desktop, 14.0.6.522, enabled, updated
21:31:13.0437 0x0bc4  Win FW state via NFM: enabled
21:31:15.0937 0x0bc4  ============================================================
21:31:15.0937 0x0bc4  Scan finished
21:31:15.0937 0x0bc4  ============================================================
21:31:15.0968 0x0bbc  Detected object count: 1
21:31:15.0968 0x0bbc  Actual detected object count: 1
21:33:25.0718 0x0bbc  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:33:25.0718 0x0bbc  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 

21:34:53.0156 0x0838  Deinitialize success

Attached Files


Edited by CarrotCakes, 18 September 2014 - 08:38 PM.


#9 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 18 September 2014 - 08:40 PM

And here is the Farbar log:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by HP_Administrator (administrator) on ABC on 17-09-2014 21:41:50
Running from C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Company) C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\ALCMTR.EXE
(RealTek Semicoductor Corp.) C:\WINDOWS\ALCWZRD.EXE
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-08] (Windows ® Server 2003 DDK provider)
HKLM\...\Run: [HPHUPD08] => c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2005-06-01] (Hewlett-Packard)
HKLM\...\Run: [PCDrProfiler] => [X]
HKLM\...\Run: [HPBootOp] => C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [245760 2005-02-25] (Hewlett-Packard Company)
HKLM\...\Run: [IcoSet] => c:\hp\bin\cloaker.exe [27136 1999-11-07] (Hewlett-Packard Co.)
HKLM\...\Run: [LSBWatcher] => c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2005-05-10] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2005-09-06] (RealNetworks, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [508144 2014-05-30] (QFX Software Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse]  <==== ATTENTION!
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
ShortcutTarget: Updates from HP.lnk -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2061 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2122 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1059 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Avira Browser Safety - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default\Extensions\abs@avira.com [2014-08-26]
 
Chrome: 
=======
CHR HomePage: Default -> 46DDA111008C4B11B9337498830D1CC937ED918CCBC767898F5A6EC3CCD51629
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchKeyword: Default -> 6A7B8F9BAB66AC0F6402D821A35CF688A34E12BEA282D879919158F5EB33C946
CHR DefaultSearchProvider: Default -> D94B1170A742422888565D101C22CBAEE391C0BA57E944CCED87D008B4D9BE48
CHR DefaultSearchURL: Default -> B557CC45A98228C633294E76FD812048EA440EF9E50BC8E4B922F0E8F7C44CF0
CHR CustomProfile: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-26]
CHR Extension: (Google Docs) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-26]
CHR Extension: (WOT) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-26]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-26]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-26]
CHR Extension: (Google Search) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-26]
CHR Extension: (Google Sheets) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-26]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-05] (Apple Computer, Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-27] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S0 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175616 2005-04-14] (Promise Technology, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-08] (Windows ® Server 2003 DDK provider)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [606684 2004-08-04] (LT)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-08-15] (Avira GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 21:41 - 2014-09-17 21:41 - 00000000 ____D () C:\FRST
2014-09-08 13:54 - 2014-09-08 13:54 - 00000869 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-09-04 22:15 - 2014-09-10 02:19 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\My Documents\attach.txt
2014-09-04 22:15 - 2014-09-10 02:18 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\My Documents\dds.txt
2014-09-04 22:15 - 2014-09-10 02:16 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\Desktop\dds.txt
2014-09-04 22:15 - 2014-09-10 02:16 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\Desktop\attach.txt
2014-09-02 01:54 - 2014-09-02 01:54 - 00003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\QFX Software
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\QFX Software
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2014-08-28 17:03 - 2013-05-31 07:53 - 00209016 _____ (QFX Software Corporation) C:\WINDOWS\system32\Drivers\keyscrambler.sys
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-08-28 16:32 - 2014-08-28 16:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\HpUpdate
2014-08-28 16:30 - 2014-08-28 16:30 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-28 16:29 - 2014-08-28 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:53 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-27 01:54 - 2014-08-27 01:53 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Program Files\Java
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-27 01:44 - 2014-09-17 21:26 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-27 01:44 - 2014-09-08 15:00 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-27 01:44 - 2014-08-27 01:44 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\IETldCache
2014-08-27 01:17 - 2014-08-27 01:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-27 01:12 - 2014-08-28 16:44 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-27 01:12 - 2014-08-27 01:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-08-27 01:12 - 2014-03-06 10:59 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-08-27 01:12 - 2011-08-16 03:45 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-08-27 01:11 - 2014-08-27 01:16 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-08-27 01:11 - 2014-03-06 10:59 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00630272 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-08-27 01:10 - 2014-08-27 01:11 - 00000000 __HDC () C:\WINDOWS\ie8
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-08-27 01:04 - 2014-08-27 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-08-27 01:01 - 2014-09-12 17:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-27 01:01 - 2014-09-12 16:57 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-27 01:00 - 2014-08-27 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979904$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923723$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-08-27 00:51 - 2014-08-27 00:52 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2742607$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973768$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-08-27 00:21 - 2014-08-27 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-08-27 00:20 - 2014-08-27 00:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Sun
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-08-26 23:55 - 2014-08-26 23:55 - 00000730 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-08-26 23:55 - 2014-08-26 23:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-08-26 23:54 - 2014-08-26 23:54 - 00000000 ____D () C:\Program Files\VideoLAN
2014-08-26 23:41 - 2010-09-17 23:53 - 00953856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-08-26 23:41 - 2008-06-13 04:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2014-08-26 23:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-08-26 23:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-08-26 23:40 - 2011-07-15 06:29 - 00456320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2014-08-26 23:39 - 2010-08-23 09:12 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-08-26 23:39 - 2009-11-21 08:51 - 00471552 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2014-08-26 23:38 - 2010-06-14 07:31 - 00744448 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-08-26 23:37 - 2013-07-02 19:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-08-26 23:37 - 2013-07-02 18:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-08-26 23:37 - 2010-08-27 01:02 - 00119808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2014-08-26 23:37 - 2009-10-15 09:28 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2014-08-26 23:36 - 2009-06-21 14:44 - 00153088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2014-08-26 23:36 - 2009-03-06 07:22 - 00284160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00473600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00453120 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00401408 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2014-08-26 23:36 - 2009-02-06 04:11 - 00110592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2014-08-26 23:36 - 2009-02-06 03:10 - 00227840 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2014-08-26 23:35 - 2009-07-27 15:27 - 00128512 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2014-08-26 23:34 - 2014-04-30 01:13 - 06022144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-08-26 23:34 - 2011-04-21 06:37 - 00105472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-08-26 23:34 - 2008-05-08 07:02 - 00203136 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00060160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-08-26 23:33 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-08-26 23:33 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-08-26 23:33 - 2008-05-01 07:33 - 00331776 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
2014-08-26 23:30 - 2012-05-28 11:16 - 00536576 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-08-26 23:29 - 2012-07-04 07:05 - 00139784 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-08-26 23:29 - 2010-06-18 06:36 - 03558912 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-08-26 23:28 - 2014-08-26 23:28 - 00000000 ___RD () C:\Sandbox
2014-08-26 23:28 - 2013-08-08 17:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-08-26 23:28 - 2013-08-08 17:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-08-26 23:28 - 2013-08-08 17:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-08-26 23:28 - 2009-03-18 04:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-08-26 23:27 - 2013-11-05 18:03 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
2014-08-26 23:27 - 2013-07-03 20:03 - 02149888 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-08-26 23:27 - 2013-07-03 19:59 - 02193536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-08-26 23:27 - 2013-07-03 19:08 - 02070144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2014-08-26 23:27 - 2013-07-03 19:08 - 02028544 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-08-26 23:27 - 2010-12-09 08:15 - 00718336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2014-08-26 23:27 - 2010-07-12 05:55 - 00218112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2014-08-26 23:27 - 2009-11-21 08:51 - 01206508 ____N () C:\WINDOWS\system32\dllcache\sysmain.sdb
2014-08-26 23:26 - 2013-11-27 13:21 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-08-26 23:26 - 2012-01-11 12:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-08-26 23:26 - 2012-01-11 12:06 - 00003072 ____N () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-08-26 23:26 - 2011-07-08 07:02 - 00010496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-08-26 23:26 - 2010-10-11 07:59 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-08-26 20:53 - 2014-09-06 02:11 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-26 20:53 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-26 20:53 - 2014-08-26 20:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-08-26 20:52 - 2014-09-14 13:36 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-26 20:52 - 2014-08-26 20:52 - 00000788 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-26 20:52 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-26 20:52 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-26 16:18 - 2014-09-17 21:09 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-26 16:18 - 2014-09-14 13:34 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-26 16:11 - 2014-09-14 13:31 - 00002934 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Rkill.txt
2014-08-26 16:06 - 2014-09-08 13:46 - 00001450 _____ () C:\WINDOWS\Sandboxie.ini
2014-08-26 16:06 - 2014-08-26 16:05 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-26 16:01 - 2014-08-26 16:01 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Avira
2014-08-26 15:56 - 2014-08-26 15:56 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Avira
2014-08-26 15:55 - 2014-08-15 10:30 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-08-26 15:52 - 2014-09-08 13:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-08-26 15:52 - 2014-09-08 13:53 - 00000000 ____D () C:\Program Files\Avira
2014-08-26 15:52 - 2014-08-26 15:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-08-26 15:47 - 2014-09-17 21:25 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-08-26 15:47 - 2014-09-12 17:01 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2014-08-26 15:45 - 2014-08-26 15:45 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-08-26 15:37 - 2014-08-26 15:37 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2014-08-26 15:28 - 2014-09-08 13:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-26 15:27 - 2014-08-26 15:27 - 00000245 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\scripting
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-08-26 15:19 - 2013-11-12 18:13 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
2014-08-26 15:19 - 2013-07-16 17:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irbus.sys
2014-08-26 15:19 - 2012-11-05 19:01 - 01371648 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll
2014-08-26 15:19 - 2012-11-05 19:01 - 01371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-08-26 15:19 - 2009-01-07 18:21 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 04274816 ____N (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 01737856 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\mtxparhd.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00712704 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecs.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00412160 ____N (Microsoft Corporation) C:\WINDOWS\system32\photometadatahandler.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00397056 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\s3gnb.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00346112 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecsext.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00291328 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagentrt.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00290304 ____N (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00286792 ____N (Smart Link) C:\WINDOWS\system32\slextspk.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00276992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmphoto.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00193024 ____N (Microsoft Corporation) C:\WINDOWS\system32\napmontr.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00188508 ____N (Smart Link) C:\WINDOWS\system32\slgen.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00176640 ____N (Microsoft Corporation) C:\WINDOWS\system32\napstat.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssha.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagent.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00144384 ____N (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\qutil.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00073832 ____N (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00073796 ____N (Smart Link) C:\WINDOWS\system32\slserv.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00069120 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00062464 ____N (Microsoft Corporation) C:\WINDOWS\system32\qcliprov.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00061952 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasqec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00050688 ____N (Microsoft Corporation) C:\WINDOWS\system32\tspkg.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcperf.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\system32\slrundll.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\slrundll.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\setupn.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00030208 ____N (Microsoft Corporation) C:\WINDOWS\system32\napipsec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
2014-08-26 15:19 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\verclsid.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00023040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativmvxx.ax
2014-08-26 15:19 - 2008-04-14 05:42 - 00010752 ____N (Microsoft Corporation) C:\WINDOWS\system32\smtpapi.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\rwnh.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00009728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativdaxx.ax
2014-08-26 15:19 - 2008-04-14 05:41 - 01888992 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3duag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00870784 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3d1ag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00650752 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00516768 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00397312 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcex.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00377984 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvaa.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00233472 ____N (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00229376 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00201728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00180224 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00132096 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00126976 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00106496 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcfxcommon.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00094208 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00086016 ____N (Conexant) C:\WINDOWS\system32\mdmxsdk.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\kmsvc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00057856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3cfg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00048640 ____N (Microsoft Corporation) C:\WINDOWS\system32\dhcpqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3gpclnt.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00037376 ____N (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00032768 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativtmxx.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00032285 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\hsfcisp2.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapolqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00019456 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsntfy.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpash.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnepr.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdiultn.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbhc.dll
2014-08-26 15:19 - 2008-04-14 00:13 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\comsdupd.exe
2014-08-26 15:19 - 2008-04-13 23:45 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\msshavmsg.dll
2014-08-26 15:19 - 2008-04-13 23:09 - 00689152 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsp3res.dll
2014-08-26 15:19 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2014-08-26 15:19 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6r.dll
2014-08-26 15:17 - 2014-08-26 15:17 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-08-26 15:16 - 2013-07-16 17:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-08-26 15:16 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys
2014-08-26 15:16 - 2008-06-13 04:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-08-26 15:16 - 2008-04-14 05:42 - 00011325 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\vchnt5.dll
2014-08-26 15:16 - 2008-04-14 05:42 - 00003901 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\siint5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv04nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00021183 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv01nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00017279 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv10nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00015423 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\ch7xxnt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00014143 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv06nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00011359 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv02nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00004255 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv01nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003967 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv02nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003775 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv11nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003711 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv09nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003647 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv07nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003615 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv05nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003135 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv08nt5.dll
2014-08-26 15:16 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys
2014-08-26 15:16 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthusb.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2014-08-26 15:16 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys
2014-08-26 15:16 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys
2014-08-26 15:16 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys
2014-08-26 15:16 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agpcpq.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\alim1541.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agp440.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00701440 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00327040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00022271 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011935 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011871 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011807 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011295 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys
2014-08-26 15:16 - 2007-04-02 21:36 - 00129045 ____N () C:\WINDOWS\system32\Drivers\cxthsfs2.cty
2014-08-26 15:16 - 2006-12-29 20:21 - 00064352 ____N () C:\WINDOWS\system32\Drivers\ativmc20.cod
2014-08-26 15:16 - 2006-12-29 20:02 - 00067866 ____N () C:\WINDOWS\system32\Drivers\netwlan5.img
2014-08-26 15:12 - 2014-08-26 15:14 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-08-26 14:52 - 2014-08-26 14:54 - 00000075 _____ () C:\Documents and Settings\HP_Administrator\LuResult.txt
2014-08-26 14:51 - 2014-08-26 14:52 - 00000075 _____ () C:\WINDOWS\system32\LuResult.txt
2014-08-26 14:30 - 2014-08-28 22:11 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-26 14:26 - 2014-09-12 16:44 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-08-26 14:26 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-08-26 14:24 - 2014-09-17 21:29 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 14:24 - 2014-09-17 21:26 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 14:18 - 2014-08-26 14:18 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\UserData
2014-08-26 14:11 - 2014-08-26 15:37 - 00050272 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000264 _____ () C:\WINDOWS\UPGRADE.TXT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 _RSHD () C:\cmdcons
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 ____D () C:\WINDOWS\setup.pss
2014-08-26 14:09 - 2014-08-26 04:13 - 00000211 __RSH () C:\BOOT.BAK
2014-08-26 14:09 - 2004-08-10 05:00 - 00260272 __RSH () C:\cmldr
2014-08-26 04:17 - 2014-08-26 04:17 - 00002054 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office 2003 Edition 60 Days Trial Welcome Tour.lnk
2014-08-26 04:17 - 2014-08-26 04:17 - 00000603 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Register with HP.url
2014-08-26 04:17 - 2014-08-26 04:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office (60 Day Trial)
2014-08-26 04:16 - 2014-08-26 04:16 - 00001896 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_CPC_EG139AA-ABA A1257C_YC_0Pavi_QMXK536_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.24_T050811_WXP2_L409_M1016_J250_7Intel_8Pentium 4_93_#120913_N10EC8139_Z11C1048C_G80862582.MRK
2014-08-26 04:16 - 2014-08-26 04:16 - 00000338 _____ () C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2014-08-26 04:15 - 2014-09-17 21:42 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2014-08-26 04:15 - 2014-09-17 21:25 - 00000178 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2014-08-26 04:15 - 2014-09-17 21:25 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2014-08-26 04:15 - 2014-08-27 01:44 - 00000814 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-08-26 04:15 - 2014-08-27 01:44 - 00000000 ___RD () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Accessories
2014-08-26 04:15 - 2014-08-26 15:26 - 00000749 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Outlook Express.lnk
2014-08-26 04:15 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google
2014-08-26 04:15 - 2014-08-26 04:16 - 00000803 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-26 04:15 - 2005-09-06 08:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Symantec
2014-08-26 04:15 - 2005-09-06 08:51 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Online Services
2014-08-26 04:15 - 2005-09-06 08:44 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\SampleView
2014-08-26 04:15 - 2005-09-06 08:42 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\WINDOWS
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
2014-08-26 04:15 - 2005-09-06 08:30 - 00000136 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
2014-08-26 04:15 - 2005-09-06 08:25 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Real
2014-08-26 04:15 - 2005-09-06 07:55 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
2014-08-26 04:15 - 2005-01-24 19:55 - 00002892 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Help and Support.lnk
2014-08-26 04:15 - 2004-11-17 04:32 - 00001599 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Remote Assistance.lnk
2014-08-26 04:14 - 2014-08-26 04:16 - 00000745 _____ () C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
2014-08-26 04:14 - 2005-09-06 08:53 - 00002197 _____ () C:\Documents and Settings\All Users\Desktop\BLOCKBUSTER Online.lnk
2014-08-26 04:14 - 2005-09-06 08:52 - 00001857 _____ () C:\Documents and Settings\All Users\Desktop\MSN.lnk
2014-08-26 04:14 - 2005-09-06 08:51 - 00002088 _____ () C:\Documents and Settings\All Users\Desktop\AOL Latino 3 Meses Incluidos.lnk
2014-08-26 04:14 - 2005-09-06 08:51 - 00001944 _____ () C:\Documents and Settings\All Users\Desktop\AOL 3 Months Included.lnk
2014-08-26 04:14 - 2005-09-06 08:46 - 00001540 _____ () C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
2014-08-26 04:14 - 2005-09-06 08:42 - 00001486 _____ () C:\Documents and Settings\All Users\Desktop\Quicken 2005.lnk
2014-08-26 04:14 - 2005-09-06 08:39 - 00001625 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-08-26 04:14 - 2005-09-06 08:29 - 00001977 _____ () C:\Documents and Settings\All Users\Desktop\My HP Games.lnk
2014-08-26 04:14 - 2005-09-06 08:25 - 00000908 _____ () C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
2014-08-26 04:13 - 2005-09-06 09:10 - 00000178 ___SH () C:\Documents and Settings\Default User\ntuser.ini
2014-08-26 04:13 - 2005-09-06 08:58 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Symantec
2014-08-26 04:13 - 2005-09-06 08:54 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google
2014-08-26 04:13 - 2005-09-06 08:51 - 00000000 ____D () C:\Documents and Settings\Default User\Start Menu\Programs\Online Services
2014-08-26 04:13 - 2005-09-06 08:44 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\SampleView
2014-08-26 04:13 - 2005-09-06 08:42 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Intuit
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\WINDOWS
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Apple Computer
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Apple Computer
2014-08-26 04:13 - 2005-09-06 08:30 - 00000136 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat
2014-08-26 04:13 - 2005-09-06 08:25 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Real
2014-08-26 04:13 - 2005-09-06 07:55 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
2014-08-26 04:13 - 2005-01-24 19:55 - 00002892 _____ () C:\Documents and Settings\Default User\Desktop\Help and Support.lnk
2014-08-26 04:13 - 2004-11-17 04:37 - 00000767 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk
2014-08-26 04:13 - 2004-11-17 04:37 - 00000738 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Outlook Express.lnk
2014-08-26 04:11 - 2008-04-14 00:15 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-08-26 04:11 - 2001-08-17 13:48 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-08-26 04:08 - 2014-09-17 21:31 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2014-08-26 04:07 - 2014-08-26 14:08 - 00000000 ____D () C:\WINDOWS\I386
2014-08-26 04:00 - 2014-08-26 15:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 __RHD () C:\MSOCache
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\All Users\Desktop\User's Guides
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-08-26 03:59 - 2014-08-26 04:07 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 21:42 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2014-09-17 21:41 - 2014-09-17 21:41 - 00000000 ____D () C:\FRST
2014-09-17 21:31 - 2014-08-26 04:08 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2014-09-17 21:29 - 2014-08-26 14:24 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 21:29 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-17 21:28 - 2005-06-06 23:57 - 01500193 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-17 21:26 - 2014-08-27 01:44 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-17 21:26 - 2014-08-26 14:24 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 21:26 - 2005-06-06 23:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-17 21:25 - 2014-08-26 15:47 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-09-17 21:25 - 2014-08-26 04:15 - 00000178 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2014-09-17 21:25 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2014-09-17 21:25 - 2005-06-06 23:57 - 00032526 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-17 21:09 - 2014-08-26 16:18 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-09-16 21:12 - 2005-06-06 23:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-14 13:36 - 2014-08-26 20:52 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:34 - 2014-08-26 16:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-14 13:31 - 2014-08-26 16:11 - 00002934 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Rkill.txt
2014-09-12 17:01 - 2014-08-27 01:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 17:01 - 2014-08-26 15:47 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2014-09-12 16:57 - 2014-08-27 01:01 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-12 16:44 - 2014-08-26 14:26 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-09-10 02:19 - 2014-09-04 22:15 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\My Documents\attach.txt
2014-09-10 02:18 - 2014-09-04 22:15 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\My Documents\dds.txt
2014-09-10 02:16 - 2014-09-04 22:15 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\Desktop\dds.txt
2014-09-10 02:16 - 2014-09-04 22:15 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\Desktop\attach.txt
2014-09-08 15:00 - 2014-08-27 01:44 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-08 13:54 - 2014-09-08 13:54 - 00000869 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-09-08 13:54 - 2014-08-26 15:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-09-08 13:53 - 2014-08-26 15:52 - 00000000 ____D () C:\Program Files\Avira
2014-09-08 13:49 - 2014-08-26 15:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-09-08 13:46 - 2014-08-26 16:06 - 00001450 _____ () C:\WINDOWS\Sandboxie.ini
2014-09-06 02:11 - 2014-08-26 20:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-02 01:54 - 2014-09-02 01:54 - 00003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 22:11 - 2014-08-26 14:30 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\QFX Software
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\QFX Software
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2014-08-28 16:58 - 2014-08-28 16:32 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\HpUpdate
2014-08-28 16:51 - 2005-06-06 23:55 - 00494464 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-08-28 16:44 - 2014-08-27 01:12 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-28 16:44 - 2005-09-06 08:01 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-08-28 16:32 - 2005-09-06 08:33 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-28 16:32 - 2005-09-06 08:12 - 00000000 ____D () C:\Program Files\HP
2014-08-28 16:32 - 2005-09-06 08:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-28 16:30 - 2014-08-28 16:30 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-28 16:29 - 2014-08-28 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2014-08-27 01:53 - 2014-08-27 01:54 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-27 01:53 - 2014-08-27 01:54 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Program Files\Java
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-27 01:44 - 2014-08-27 01:44 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\IETldCache
2014-08-27 01:44 - 2014-08-26 04:15 - 00000814 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-08-27 01:44 - 2014-08-26 04:15 - 00000000 ___RD () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Accessories
2014-08-27 01:25 - 2005-06-10 10:25 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-27 01:17 - 2014-08-27 01:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-08-27 01:17 - 2005-09-06 07:45 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-08-27 01:16 - 2014-08-27 01:11 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-08-27 01:16 - 2005-06-10 10:10 - 00000000 ____D () C:\WINDOWS\Help
2014-08-27 01:16 - 2005-06-07 15:48 - 00192184 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-27 01:12 - 2014-08-27 01:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-08-27 01:11 - 2014-08-27 01:10 - 00000000 __HDC () C:\WINDOWS\ie8
2014-08-27 01:11 - 2005-06-10 10:25 - 00000000 ____D () C:\WINDOWS\Media
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-08-27 01:05 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Messenger
2014-08-27 01:04 - 2014-08-27 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-08-27 01:00 - 2014-08-27 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979904$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923723$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-08-27 00:52 - 2014-08-27 00:51 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2742607$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973768$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-08-27 00:35 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Outlook Express
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-08-27 00:34 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Movie Maker
2014-08-27 00:21 - 2014-08-27 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-08-27 00:20 - 2014-08-27 00:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Sun
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-08-26 23:55 - 2014-08-26 23:55 - 00000730 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-08-26 23:55 - 2014-08-26 23:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-08-26 23:54 - 2014-08-26 23:54 - 00000000 ____D () C:\Program Files\VideoLAN
2014-08-26 23:28 - 2014-08-26 23:28 - 00000000 ___RD () C:\Sandbox
2014-08-26 23:22 - 2005-06-10 10:41 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-08-26 20:53 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-26 20:53 - 2014-08-26 20:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-08-26 20:52 - 2014-08-26 20:52 - 00000788 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-26 16:18 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\repair
2014-08-26 16:05 - 2014-08-26 16:06 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-26 16:05 - 2005-06-10 10:03 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-26 16:01 - 2014-08-26 16:01 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Avira
2014-08-26 15:56 - 2014-08-26 15:56 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Avira
2014-08-26 15:54 - 2014-08-26 15:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-08-26 15:45 - 2014-08-26 15:45 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-08-26 15:37 - 2014-08-26 15:37 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2014-08-26 15:37 - 2014-08-26 14:11 - 00050272 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-26 15:29 - 2005-09-06 08:37 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-26 15:27 - 2014-08-26 15:27 - 00000245 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-08-26 15:27 - 2004-11-17 04:32 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-08-26 15:26 - 2014-08-26 04:15 - 00000749 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Outlook Express.lnk
2014-08-26 15:25 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\security
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\scripting
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-08-26 15:19 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-08-26 15:19 - 2005-06-10 10:42 - 00000000 ____D () C:\WINDOWS\system32\usmt
2014-08-26 15:19 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\PeerNet
2014-08-26 15:19 - 2005-06-10 10:22 - 00000000 ____D () C:\WINDOWS\ime
2014-08-26 15:19 - 2005-06-08 10:11 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-08-26 15:19 - 2004-11-17 04:32 - 00001574 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-08-26 15:17 - 2014-08-26 15:17 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-08-26 15:17 - 2005-06-10 10:40 - 00000000 ____D () C:\WINDOWS\system32\npp
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\system
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\srchasst
2014-08-26 15:17 - 2005-06-10 10:26 - 00000000 ____D () C:\WINDOWS\mui
2014-08-26 15:17 - 2005-06-10 10:26 - 00000000 ____D () C:\WINDOWS\msagent
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\NetMeeting
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-26 15:16 - 2004-08-10 19:00 - 00250048 __RSH () C:\ntldr
2014-08-26 15:15 - 2005-06-10 10:41 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-26 15:14 - 2014-08-26 15:12 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-08-26 14:55 - 2005-09-06 08:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-08-26 14:54 - 2014-08-26 14:52 - 00000075 _____ () C:\Documents and Settings\HP_Administrator\LuResult.txt
2014-08-26 14:52 - 2014-08-26 14:51 - 00000075 _____ () C:\WINDOWS\system32\LuResult.txt
2014-08-26 14:31 - 2005-06-10 10:03 - 00000000 ___HD () C:\hp
2014-08-26 14:31 - 2004-11-17 04:32 - 00000623 _____ () C:\WINDOWS\win.ini
2014-08-26 14:26 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-08-26 14:26 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google
2014-08-26 14:25 - 2005-09-06 08:54 - 00000000 ____D () C:\Program Files\Google
2014-08-26 14:18 - 2014-08-26 14:18 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\UserData
2014-08-26 14:09 - 2014-08-26 14:09 - 00000264 _____ () C:\WINDOWS\UPGRADE.TXT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 _RSHD () C:\cmdcons
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 ____D () C:\WINDOWS\setup.pss
2014-08-26 14:09 - 2005-06-08 09:54 - 00000281 __RSH () C:\boot.ini
2014-08-26 14:08 - 2014-08-26 04:07 - 00000000 ____D () C:\WINDOWS\I386
2014-08-26 04:17 - 2014-08-26 04:17 - 00002054 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office 2003 Edition 60 Days Trial Welcome Tour.lnk
2014-08-26 04:17 - 2014-08-26 04:17 - 00000603 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Register with HP.url
2014-08-26 04:17 - 2014-08-26 04:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office (60 Day Trial)
2014-08-26 04:16 - 2014-08-26 04:16 - 00001896 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_CPC_EG139AA-ABA A1257C_YC_0Pavi_QMXK536_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.24_T050811_WXP2_L409_M1016_J250_7Intel_8Pentium 4_93_#120913_N10EC8139_Z11C1048C_G80862582.MRK
2014-08-26 04:16 - 2014-08-26 04:16 - 00000338 _____ () C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2014-08-26 04:16 - 2014-08-26 04:15 - 00000803 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-26 04:16 - 2014-08-26 04:14 - 00000745 _____ () C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
2014-08-26 04:16 - 2005-09-06 08:50 - 00000000 ____D () C:\Program Files\Easy Internet signup
2014-08-26 04:16 - 2005-09-06 08:46 - 00000000 ____D () C:\WINDOWS\system32\pcintro
2014-08-26 04:16 - 2005-06-08 09:59 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-08-26 04:15 - 2005-09-06 07:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-08-26 04:13 - 2014-08-26 14:09 - 00000211 __RSH () C:\BOOT.BAK
2014-08-26 04:11 - 2004-11-16 20:21 - 00000231 _____ () C:\WINDOWS\system.ini
2014-08-26 04:08 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 __RHD () C:\MSOCache
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Desktop\User's Guides
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-08-26 04:07 - 2014-08-26 03:59 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
 
Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\{1EC30E7B-3F84-4C64-8925-561FBA76E37C}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================


#10 Bud_91

Bud_91

  • Malware Response Team
  • 438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 21 September 2014 - 12:14 PM

Hi CarrotCakes,

 

Was the operating system on this computer reinstalled lately?

 

We need to run TDSSKiller again, and select delete for the following entry:

 

 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 

 

Please post the resulting log. You can attach it since it is so long.

 

Then, please run a fresh FRST scan and post the log.


If I have not responded to your log in 36 hours, feel free to send me a PM.

If you would like to make a thank-you donation, please click here: btn_donate_SM.png

 

A.K.A. Buddierdl @ GeeksToGo.com


#11 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 22 September 2014 - 06:20 PM

Yeah, the system was restored a few weeks ago.

Here's the Farbar log:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by HP_Administrator (administrator) on ABC on 22-09-2014 16:11:09
Running from C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Company) C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\ALCMTR.EXE
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(RealTek Semicoductor Corp.) C:\WINDOWS\ALCWZRD.EXE
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-08] (Windows ® Server 2003 DDK provider)
HKLM\...\Run: [HPHUPD08] => c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2005-06-01] (Hewlett-Packard)
HKLM\...\Run: [PCDrProfiler] => [X]
HKLM\...\Run: [HPBootOp] => C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [245760 2005-02-25] (Hewlett-Packard Company)
HKLM\...\Run: [IcoSet] => c:\hp\bin\cloaker.exe [27136 1999-11-07] (Hewlett-Packard Co.)
HKLM\...\Run: [LSBWatcher] => c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2005-05-10] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2005-09-06] (RealNetworks, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [508144 2014-05-30] (QFX Software Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse]  <==== ATTENTION!
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
ShortcutTarget: Updates from HP.lnk -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2061 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2122 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1059 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Avira Browser Safety - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default\Extensions\abs@avira.com [2014-08-26]
 
Chrome: 
=======
CHR HomePage: Default -> 46DDA111008C4B11B9337498830D1CC937ED918CCBC767898F5A6EC3CCD51629
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchKeyword: Default -> 6A7B8F9BAB66AC0F6402D821A35CF688A34E12BEA282D879919158F5EB33C946
CHR DefaultSearchProvider: Default -> D94B1170A742422888565D101C22CBAEE391C0BA57E944CCED87D008B4D9BE48
CHR DefaultSearchURL: Default -> B557CC45A98228C633294E76FD812048EA440EF9E50BC8E4B922F0E8F7C44CF0
CHR CustomProfile: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-26]
CHR Extension: (Google Docs) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-26]
CHR Extension: (WOT) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-26]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-26]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-26]
CHR Extension: (Google Search) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-26]
CHR Extension: (Google Sheets) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-26]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-05] (Apple Computer, Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-27] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S0 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175616 2005-04-14] (Promise Technology, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-08] (Windows ® Server 2003 DDK provider)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [606684 2004-08-04] (LT)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-08-15] (Avira GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
 
========================== Drivers MD5 =======================
 
C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\AGRSM.sys 34F27C7D71F1C49C7D3857F28B42F544
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgntflt.sys B0A63DD71CB0CB597D8BD5C364E73F7C
C:\WINDOWS\System32\DRIVERS\avipbb.sys 05AF7CBF0BDA1571BBADC36703EB9CA4
C:\WINDOWS\System32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\WINDOWS\System32\DRIVERS\bb-run.sys 7270D070173B20AC9487EA16BB08B45F
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41
C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\ftsata2.sys 92E8443C7BF5C0137671CDE080655DFC
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 6F55305289A0765BD8AE8E8D32F17117
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\drivers\HdAudio.sys 2A013E7530BEAB6E569FAA83F517E836
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\System32\DRIVERS\ialmnt5.sys 4007984827E19E6A5B6FAF8532EAEFBA
C:\WINDOWS\System32\DRIVERS\iaStor.sys 79AE2A97C120F282845D854D0F070EA9
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\RtkHDAud.sys D87FFA95D630EC8D1482CA25C454846A
C:\WINDOWS\System32\DRIVERS\intelide.sys B5466A9250342A7AA0CD1FBA13420678
C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\WINDOWS\System32\drivers\keyscrambler.sys D9CA77A69473A93E40B7551A7DE425A9
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys 9EE18A5A45552673A67532EA37370377
C:\WINDOWS\System32\DRIVERS\mhndrv.sys 7F2F1D2815A6449D346FCCCBC569FBD6
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\WINDOWS\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\PS2.sys BFFDB363485501A38F0BCA83AEC810DB
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\Drivers\PxHelp20.sys 86724469CD077901706854974CD13C3E
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys 7F0413BDD7D53EB4C7A371E7F6F84DF1
C:\WINDOWS\System32\DRIVERS\RTL8139.SYS D507C1400284176573224903819FFDA3
C:\Program Files\Sandboxie\SbieDrv.sys F2BF19FE48D9B8ADF8F5A0A6F17FD6BA
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\System32\DRIVERS\viaide.sys 3B3EFCDA263B8AC14FDF9CBDD0791B2E
C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 21:41 - 2014-09-22 16:11 - 00000000 ____D () C:\FRST
2014-09-08 13:54 - 2014-09-08 13:54 - 00000869 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-09-04 22:15 - 2014-09-10 02:19 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\My Documents\attach.txt
2014-09-04 22:15 - 2014-09-10 02:18 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\My Documents\dds.txt
2014-09-04 22:15 - 2014-09-10 02:16 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\Desktop\dds.txt
2014-09-04 22:15 - 2014-09-10 02:16 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\Desktop\attach.txt
2014-09-02 01:54 - 2014-09-02 01:54 - 00003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\QFX Software
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\QFX Software
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2014-08-28 17:03 - 2013-05-31 07:53 - 00209016 _____ (QFX Software Corporation) C:\WINDOWS\system32\Drivers\keyscrambler.sys
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-08-28 16:32 - 2014-08-28 16:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\HpUpdate
2014-08-28 16:30 - 2014-08-28 16:30 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-28 16:29 - 2014-08-28 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:53 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-27 01:54 - 2014-08-27 01:53 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Program Files\Java
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-27 01:44 - 2014-09-22 15:49 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-27 01:44 - 2014-09-08 15:00 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-27 01:44 - 2014-08-27 01:44 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\IETldCache
2014-08-27 01:17 - 2014-08-27 01:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-27 01:12 - 2014-08-28 16:44 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-27 01:12 - 2014-08-27 01:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-08-27 01:12 - 2014-03-06 10:59 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-08-27 01:12 - 2011-08-16 03:45 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-08-27 01:11 - 2014-08-27 01:16 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-08-27 01:11 - 2014-03-06 10:59 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00630272 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-08-27 01:11 - 2014-03-06 10:59 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-08-27 01:10 - 2014-08-27 01:11 - 00000000 __HDC () C:\WINDOWS\ie8
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-08-27 01:04 - 2014-08-27 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-08-27 01:01 - 2014-09-12 17:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-27 01:01 - 2014-09-12 16:57 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-27 01:00 - 2014-08-27 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979904$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923723$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-08-27 00:51 - 2014-08-27 00:52 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2742607$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973768$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-08-27 00:21 - 2014-08-27 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-08-27 00:20 - 2014-08-27 00:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Sun
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-08-26 23:55 - 2014-08-26 23:55 - 00000730 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-08-26 23:55 - 2014-08-26 23:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-08-26 23:54 - 2014-08-26 23:54 - 00000000 ____D () C:\Program Files\VideoLAN
2014-08-26 23:41 - 2010-09-17 23:53 - 00953856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-08-26 23:41 - 2008-06-13 04:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2014-08-26 23:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-08-26 23:40 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-08-26 23:40 - 2011-07-15 06:29 - 00456320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2014-08-26 23:39 - 2010-08-23 09:12 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-08-26 23:39 - 2009-11-21 08:51 - 00471552 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2014-08-26 23:38 - 2010-06-14 07:31 - 00744448 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-08-26 23:37 - 2013-07-02 19:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-08-26 23:37 - 2013-07-02 18:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-08-26 23:37 - 2010-08-27 01:02 - 00119808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2014-08-26 23:37 - 2009-10-15 09:28 - 00081920 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2014-08-26 23:36 - 2009-06-21 14:44 - 00153088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2014-08-26 23:36 - 2009-03-06 07:22 - 00284160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00473600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00453120 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2014-08-26 23:36 - 2009-02-09 05:10 - 00401408 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2014-08-26 23:36 - 2009-02-06 04:11 - 00110592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2014-08-26 23:36 - 2009-02-06 03:10 - 00227840 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2014-08-26 23:35 - 2009-07-27 15:27 - 00128512 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2014-08-26 23:34 - 2014-04-30 01:13 - 06022144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-08-26 23:34 - 2011-04-21 06:37 - 00105472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-08-26 23:34 - 2008-05-08 07:02 - 00203136 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00060160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-08-26 23:33 - 2013-07-16 17:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-08-26 23:33 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-08-26 23:33 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-08-26 23:33 - 2008-05-01 07:33 - 00331776 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
2014-08-26 23:30 - 2012-05-28 11:16 - 00536576 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-08-26 23:29 - 2012-07-04 07:05 - 00139784 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-08-26 23:29 - 2010-06-18 06:36 - 03558912 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-08-26 23:28 - 2014-08-26 23:28 - 00000000 ___RD () C:\Sandbox
2014-08-26 23:28 - 2013-08-08 17:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-08-26 23:28 - 2013-08-08 17:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-08-26 23:28 - 2013-08-08 17:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-08-26 23:28 - 2009-03-18 04:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-08-26 23:27 - 2013-11-05 18:03 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
2014-08-26 23:27 - 2013-07-03 20:03 - 02149888 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-08-26 23:27 - 2013-07-03 19:59 - 02193536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-08-26 23:27 - 2013-07-03 19:08 - 02070144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2014-08-26 23:27 - 2013-07-03 19:08 - 02028544 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-08-26 23:27 - 2010-12-09 08:15 - 00718336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2014-08-26 23:27 - 2010-07-12 05:55 - 00218112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2014-08-26 23:27 - 2009-11-21 08:51 - 01206508 ____N () C:\WINDOWS\system32\dllcache\sysmain.sdb
2014-08-26 23:26 - 2013-11-27 13:21 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-08-26 23:26 - 2012-01-11 12:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-08-26 23:26 - 2012-01-11 12:06 - 00003072 ____N () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-08-26 23:26 - 2011-07-08 07:02 - 00010496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-08-26 23:26 - 2010-10-11 07:59 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-08-26 20:53 - 2014-09-06 02:11 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-26 20:53 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-26 20:53 - 2014-08-26 20:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-08-26 20:52 - 2014-09-14 13:36 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-26 20:52 - 2014-08-26 20:52 - 00000788 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-26 20:52 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-26 20:52 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-26 16:18 - 2014-09-22 15:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-26 16:18 - 2014-09-22 15:54 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-26 16:11 - 2014-09-18 17:50 - 00003018 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Rkill.txt
2014-08-26 16:06 - 2014-09-18 17:05 - 00001450 _____ () C:\WINDOWS\Sandboxie.ini
2014-08-26 16:06 - 2014-08-26 16:05 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-26 16:01 - 2014-08-26 16:01 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Avira
2014-08-26 15:56 - 2014-08-26 15:56 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Avira
2014-08-26 15:55 - 2014-08-15 10:30 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-08-26 15:54 - 2014-08-15 10:30 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-08-26 15:52 - 2014-09-08 13:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-08-26 15:52 - 2014-09-08 13:53 - 00000000 ____D () C:\Program Files\Avira
2014-08-26 15:52 - 2014-08-26 15:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-08-26 15:47 - 2014-09-22 15:48 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-08-26 15:47 - 2014-09-22 15:48 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2014-08-26 15:45 - 2014-08-26 15:45 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-08-26 15:37 - 2014-08-26 15:37 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2014-08-26 15:28 - 2014-09-08 13:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-26 15:27 - 2014-08-26 15:27 - 00000245 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\scripting
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-08-26 15:19 - 2013-11-12 18:13 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
2014-08-26 15:19 - 2013-07-16 17:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irbus.sys
2014-08-26 15:19 - 2012-11-05 19:01 - 01371648 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll
2014-08-26 15:19 - 2012-11-05 19:01 - 01371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-08-26 15:19 - 2009-01-07 18:21 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 04274816 ____N (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 01737856 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\mtxparhd.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00712704 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecs.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00412160 ____N (Microsoft Corporation) C:\WINDOWS\system32\photometadatahandler.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00397056 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\s3gnb.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00346112 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecsext.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00291328 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagentrt.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00290304 ____N (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00286792 ____N (Smart Link) C:\WINDOWS\system32\slextspk.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00276992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmphoto.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00193024 ____N (Microsoft Corporation) C:\WINDOWS\system32\napmontr.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00188508 ____N (Smart Link) C:\WINDOWS\system32\slgen.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00176640 ____N (Microsoft Corporation) C:\WINDOWS\system32\napstat.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssha.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagent.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00144384 ____N (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\qutil.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00073832 ____N (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00073796 ____N (Smart Link) C:\WINDOWS\system32\slserv.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00069120 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00062464 ____N (Microsoft Corporation) C:\WINDOWS\system32\qcliprov.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00061952 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasqec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00050688 ____N (Microsoft Corporation) C:\WINDOWS\system32\tspkg.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcperf.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\system32\slrundll.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\slrundll.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\setupn.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00030208 ____N (Microsoft Corporation) C:\WINDOWS\system32\napipsec.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
2014-08-26 15:19 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\verclsid.exe
2014-08-26 15:19 - 2008-04-14 05:42 - 00023040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativmvxx.ax
2014-08-26 15:19 - 2008-04-14 05:42 - 00010752 ____N (Microsoft Corporation) C:\WINDOWS\system32\smtpapi.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\rwnh.dll
2014-08-26 15:19 - 2008-04-14 05:42 - 00009728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativdaxx.ax
2014-08-26 15:19 - 2008-04-14 05:41 - 01888992 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3duag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00870784 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3d1ag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00650752 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00516768 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00397312 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcex.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00377984 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvaa.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00233472 ____N (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00229376 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00201728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00180224 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00132096 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00126976 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00106496 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcfxcommon.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00094208 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00086016 ____N (Conexant) C:\WINDOWS\system32\mdmxsdk.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\kmsvc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00057856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3cfg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00048640 ____N (Microsoft Corporation) C:\WINDOWS\system32\dhcpqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3gpclnt.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00037376 ____N (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00032768 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativtmxx.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00032285 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\hsfcisp2.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapolqec.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00019456 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsntfy.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2014-08-26 15:19 - 2008-04-14 05:41 - 00007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpash.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnepr.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdiultn.dll
2014-08-26 15:19 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbhc.dll
2014-08-26 15:19 - 2008-04-14 00:13 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\comsdupd.exe
2014-08-26 15:19 - 2008-04-13 23:45 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\msshavmsg.dll
2014-08-26 15:19 - 2008-04-13 23:09 - 00689152 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsp3res.dll
2014-08-26 15:19 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2014-08-26 15:19 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6r.dll
2014-08-26 15:17 - 2014-08-26 15:17 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-08-26 15:16 - 2013-07-16 17:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-08-26 15:16 - 2013-02-11 17:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys
2014-08-26 15:16 - 2008-06-13 04:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-08-26 15:16 - 2008-04-14 05:42 - 00011325 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\vchnt5.dll
2014-08-26 15:16 - 2008-04-14 05:42 - 00003901 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\siint5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv04nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00021183 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv01nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00017279 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv10nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00015423 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\ch7xxnt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00014143 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv06nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00011359 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv02nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00004255 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv01nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003967 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv02nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003775 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv11nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003711 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv09nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003647 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv07nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003615 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv05nt5.dll
2014-08-26 15:16 - 2008-04-14 05:41 - 00003135 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv08nt5.dll
2014-08-26 15:16 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys
2014-08-26 15:16 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthusb.sys
2014-08-26 15:16 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2014-08-26 15:16 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys
2014-08-26 15:16 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys
2014-08-26 15:16 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys
2014-08-26 15:16 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agpcpq.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\alim1541.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agp440.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys
2014-08-26 15:16 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2014-08-26 15:16 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00701440 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00327040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00022271 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011935 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011871 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011807 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys
2014-08-26 15:16 - 2008-04-13 22:04 - 00011295 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys
2014-08-26 15:16 - 2007-04-02 21:36 - 00129045 ____N () C:\WINDOWS\system32\Drivers\cxthsfs2.cty
2014-08-26 15:16 - 2006-12-29 20:21 - 00064352 ____N () C:\WINDOWS\system32\Drivers\ativmc20.cod
2014-08-26 15:16 - 2006-12-29 20:02 - 00067866 ____N () C:\WINDOWS\system32\Drivers\netwlan5.img
2014-08-26 15:12 - 2014-08-26 15:14 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-08-26 14:52 - 2014-08-26 14:54 - 00000075 _____ () C:\Documents and Settings\HP_Administrator\LuResult.txt
2014-08-26 14:51 - 2014-08-26 14:52 - 00000075 _____ () C:\WINDOWS\system32\LuResult.txt
2014-08-26 14:30 - 2014-08-28 22:11 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-26 14:26 - 2014-09-12 16:44 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-08-26 14:26 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-08-26 14:24 - 2014-09-22 15:49 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 14:24 - 2014-09-19 17:29 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 14:18 - 2014-08-26 14:18 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\UserData
2014-08-26 14:11 - 2014-08-26 15:37 - 00050272 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000264 _____ () C:\WINDOWS\UPGRADE.TXT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 _RSHD () C:\cmdcons
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 ____D () C:\WINDOWS\setup.pss
2014-08-26 14:09 - 2014-08-26 04:13 - 00000211 __RSH () C:\BOOT.BAK
2014-08-26 14:09 - 2004-08-10 05:00 - 00260272 __RSH () C:\cmldr
2014-08-26 04:17 - 2014-08-26 04:17 - 00002054 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office 2003 Edition 60 Days Trial Welcome Tour.lnk
2014-08-26 04:17 - 2014-08-26 04:17 - 00000603 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Register with HP.url
2014-08-26 04:17 - 2014-08-26 04:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office (60 Day Trial)
2014-08-26 04:16 - 2014-08-26 04:16 - 00001896 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_CPC_EG139AA-ABA A1257C_YC_0Pavi_QMXK536_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.24_T050811_WXP2_L409_M1016_J250_7Intel_8Pentium 4_93_#120913_N10EC8139_Z11C1048C_G80862582.MRK
2014-08-26 04:16 - 2014-08-26 04:16 - 00000338 _____ () C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2014-08-26 04:15 - 2014-09-22 16:11 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2014-08-26 04:15 - 2014-09-22 15:48 - 00000178 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2014-08-26 04:15 - 2014-09-22 15:48 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2014-08-26 04:15 - 2014-08-27 01:44 - 00000814 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-08-26 04:15 - 2014-08-27 01:44 - 00000000 ___RD () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Accessories
2014-08-26 04:15 - 2014-08-26 15:26 - 00000749 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Outlook Express.lnk
2014-08-26 04:15 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google
2014-08-26 04:15 - 2014-08-26 04:16 - 00000803 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-26 04:15 - 2005-09-06 08:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Symantec
2014-08-26 04:15 - 2005-09-06 08:51 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Online Services
2014-08-26 04:15 - 2005-09-06 08:44 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\SampleView
2014-08-26 04:15 - 2005-09-06 08:42 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\WINDOWS
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
2014-08-26 04:15 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
2014-08-26 04:15 - 2005-09-06 08:30 - 00000136 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
2014-08-26 04:15 - 2005-09-06 08:25 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Real
2014-08-26 04:15 - 2005-09-06 07:55 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
2014-08-26 04:15 - 2005-01-24 19:55 - 00002892 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Help and Support.lnk
2014-08-26 04:15 - 2004-11-17 04:32 - 00001599 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Remote Assistance.lnk
2014-08-26 04:14 - 2014-08-26 04:16 - 00000745 _____ () C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
2014-08-26 04:14 - 2005-09-06 08:53 - 00002197 _____ () C:\Documents and Settings\All Users\Desktop\BLOCKBUSTER Online.lnk
2014-08-26 04:14 - 2005-09-06 08:52 - 00001857 _____ () C:\Documents and Settings\All Users\Desktop\MSN.lnk
2014-08-26 04:14 - 2005-09-06 08:51 - 00002088 _____ () C:\Documents and Settings\All Users\Desktop\AOL Latino 3 Meses Incluidos.lnk
2014-08-26 04:14 - 2005-09-06 08:51 - 00001944 _____ () C:\Documents and Settings\All Users\Desktop\AOL 3 Months Included.lnk
2014-08-26 04:14 - 2005-09-06 08:46 - 00001540 _____ () C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
2014-08-26 04:14 - 2005-09-06 08:42 - 00001486 _____ () C:\Documents and Settings\All Users\Desktop\Quicken 2005.lnk
2014-08-26 04:14 - 2005-09-06 08:39 - 00001625 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-08-26 04:14 - 2005-09-06 08:29 - 00001977 _____ () C:\Documents and Settings\All Users\Desktop\My HP Games.lnk
2014-08-26 04:14 - 2005-09-06 08:25 - 00000908 _____ () C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
2014-08-26 04:13 - 2005-09-06 09:10 - 00000178 ___SH () C:\Documents and Settings\Default User\ntuser.ini
2014-08-26 04:13 - 2005-09-06 08:58 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Symantec
2014-08-26 04:13 - 2005-09-06 08:54 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google
2014-08-26 04:13 - 2005-09-06 08:51 - 00000000 ____D () C:\Documents and Settings\Default User\Start Menu\Programs\Online Services
2014-08-26 04:13 - 2005-09-06 08:44 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\SampleView
2014-08-26 04:13 - 2005-09-06 08:42 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Intuit
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\WINDOWS
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Apple Computer
2014-08-26 04:13 - 2005-09-06 08:39 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Apple Computer
2014-08-26 04:13 - 2005-09-06 08:30 - 00000136 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat
2014-08-26 04:13 - 2005-09-06 08:25 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Real
2014-08-26 04:13 - 2005-09-06 07:55 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
2014-08-26 04:13 - 2005-01-24 19:55 - 00002892 _____ () C:\Documents and Settings\Default User\Desktop\Help and Support.lnk
2014-08-26 04:13 - 2004-11-17 04:37 - 00000767 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk
2014-08-26 04:13 - 2004-11-17 04:37 - 00000738 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Outlook Express.lnk
2014-08-26 04:11 - 2008-04-14 00:15 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-08-26 04:11 - 2001-08-17 13:48 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-08-26 04:08 - 2014-09-22 15:54 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2014-08-26 04:07 - 2014-08-26 14:08 - 00000000 ____D () C:\WINDOWS\I386
2014-08-26 04:00 - 2014-08-26 15:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 __RHD () C:\MSOCache
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\All Users\Desktop\User's Guides
2014-08-26 04:00 - 2014-08-26 04:07 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-08-26 03:59 - 2014-08-26 04:07 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-22 16:11 - 2014-09-17 21:41 - 00000000 ____D () C:\FRST
2014-09-22 16:11 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2014-09-22 15:57 - 2014-08-26 16:18 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-09-22 15:54 - 2014-08-26 16:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-22 15:54 - 2014-08-26 04:08 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2014-09-22 15:52 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-22 15:50 - 2005-06-06 23:57 - 01569277 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-22 15:49 - 2014-08-27 01:44 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-22 15:49 - 2014-08-26 14:24 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 15:48 - 2014-08-26 15:47 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-09-22 15:48 - 2014-08-26 15:47 - 00194786 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2014-09-22 15:48 - 2014-08-26 04:15 - 00000178 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2014-09-22 15:48 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2014-09-22 15:48 - 2005-06-06 23:57 - 00032526 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-22 15:48 - 2005-06-06 23:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-22 15:32 - 2005-06-06 23:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-19 17:29 - 2014-08-26 14:24 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 17:50 - 2014-08-26 16:11 - 00003018 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Rkill.txt
2014-09-18 17:05 - 2014-08-26 16:06 - 00001450 _____ () C:\WINDOWS\Sandboxie.ini
2014-09-14 13:36 - 2014-08-26 20:52 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 17:01 - 2014-08-27 01:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 16:57 - 2014-08-27 01:01 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-12 16:44 - 2014-08-26 14:26 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-09-10 02:19 - 2014-09-04 22:15 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\My Documents\attach.txt
2014-09-10 02:18 - 2014-09-04 22:15 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\My Documents\dds.txt
2014-09-10 02:16 - 2014-09-04 22:15 - 00016474 _____ () C:\Documents and Settings\HP_Administrator\Desktop\dds.txt
2014-09-10 02:16 - 2014-09-04 22:15 - 00013357 _____ () C:\Documents and Settings\HP_Administrator\Desktop\attach.txt
2014-09-08 15:00 - 2014-08-27 01:44 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-08 13:54 - 2014-09-08 13:54 - 00000869 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-09-08 13:54 - 2014-08-26 15:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-09-08 13:53 - 2014-08-26 15:52 - 00000000 ____D () C:\Program Files\Avira
2014-09-08 13:49 - 2014-08-26 15:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-09-06 02:11 - 2014-08-26 20:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-02 01:54 - 2014-09-02 01:54 - 00003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 22:11 - 2014-08-26 14:30 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\QFX Software
2014-08-28 17:07 - 2014-08-28 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\QFX Software
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-08-28 17:03 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2014-08-28 16:58 - 2014-08-28 16:32 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\HpUpdate
2014-08-28 16:51 - 2005-06-06 23:55 - 00494464 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-08-28 16:45 - 2014-08-28 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-08-28 16:44 - 2014-08-27 01:12 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-28 16:44 - 2005-09-06 08:01 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-08-28 16:32 - 2005-09-06 08:33 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-28 16:32 - 2005-09-06 08:12 - 00000000 ____D () C:\Program Files\HP
2014-08-28 16:32 - 2005-09-06 08:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-28 16:30 - 2014-08-28 16:30 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-28 16:29 - 2014-08-28 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-27 01:54 - 2014-08-27 01:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2014-08-27 01:53 - 2014-08-27 01:54 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-27 01:53 - 2014-08-27 01:54 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-27 01:53 - 2014-08-27 01:53 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Program Files\Java
2014-08-27 01:53 - 2014-08-27 01:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-27 01:44 - 2014-08-27 01:44 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\IETldCache
2014-08-27 01:44 - 2014-08-26 04:15 - 00000814 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-08-27 01:44 - 2014-08-26 04:15 - 00000000 ___RD () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Accessories
2014-08-27 01:25 - 2005-06-10 10:25 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-27 01:17 - 2014-08-27 01:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-08-27 01:17 - 2005-09-06 07:45 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-08-27 01:16 - 2014-08-27 01:11 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-08-27 01:16 - 2005-06-10 10:10 - 00000000 ____D () C:\WINDOWS\Help
2014-08-27 01:16 - 2005-06-07 15:48 - 00192184 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-27 01:14 - 2014-08-27 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-27 01:12 - 2014-08-27 01:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-08-27 01:11 - 2014-08-27 01:10 - 00000000 __HDC () C:\WINDOWS\ie8
2014-08-27 01:11 - 2005-06-10 10:25 - 00000000 ____D () C:\WINDOWS\Media
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-08-27 01:05 - 2014-08-27 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-08-27 01:05 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Messenger
2014-08-27 01:04 - 2014-08-27 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-08-27 01:00 - 2014-08-27 01:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979904$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-08-27 00:59 - 2014-08-27 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923723$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-08-27 00:58 - 2014-08-27 00:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-08-27 00:57 - 2014-08-27 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-08-27 00:56 - 2014-08-27 00:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-08-27 00:55 - 2014-08-27 00:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-08-27 00:54 - 2014-08-27 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-08-27 00:53 - 2014-08-27 00:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-08-27 00:52 - 2014-08-27 00:51 - 00006622 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-08-27 00:51 - 2014-08-27 00:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-08-27 00:50 - 2014-08-27 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-08-27 00:49 - 2014-08-27 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-08-27 00:48 - 2014-08-27 00:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-08-27 00:47 - 2014-08-27 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-08-27 00:46 - 2014-08-27 00:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-08-27 00:45 - 2014-08-27 00:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2742607$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-27 00:44 - 2014-08-27 00:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-08-27 00:39 - 2014-08-27 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-08-27 00:38 - 2014-08-27 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-08-27 00:37 - 2014-08-27 00:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973768$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-08-27 00:36 - 2014-08-27 00:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-08-27 00:35 - 2014-08-27 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-08-27 00:35 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Outlook Express
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-08-27 00:34 - 2014-08-27 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-08-27 00:34 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Movie Maker
2014-08-27 00:21 - 2014-08-27 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-08-27 00:20 - 2014-08-27 00:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-08-27 00:12 - 2014-08-27 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-27 00:05 - 2014-08-27 00:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-08-27 00:04 - 2014-08-27 00:04 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-08-27 00:03 - 2014-08-27 00:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-08-27 00:02 - 2014-08-27 00:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Sun
2014-08-26 23:56 - 2014-08-26 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-08-26 23:55 - 2014-08-26 23:55 - 00000730 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-08-26 23:55 - 2014-08-26 23:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-08-26 23:54 - 2014-08-26 23:54 - 00000000 ____D () C:\Program Files\VideoLAN
2014-08-26 23:28 - 2014-08-26 23:28 - 00000000 ___RD () C:\Sandbox
2014-08-26 23:22 - 2005-06-10 10:41 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-08-26 23:11 - 2014-08-26 23:11 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-08-26 20:53 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-26 20:53 - 2014-08-26 20:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-08-26 20:52 - 2014-08-26 20:52 - 00000788 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 20:52 - 2014-08-26 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-26 16:18 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\repair
2014-08-26 16:05 - 2014-08-26 16:06 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-26 16:05 - 2005-06-10 10:03 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-26 16:01 - 2014-08-26 16:01 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Avira
2014-08-26 15:56 - 2014-08-26 15:56 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Avira
2014-08-26 15:54 - 2014-08-26 15:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-08-26 15:45 - 2014-08-26 15:45 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-08-26 15:37 - 2014-08-26 15:37 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2014-08-26 15:37 - 2014-08-26 14:11 - 00050272 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-26 15:29 - 2005-09-06 08:37 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-26 15:27 - 2014-08-26 15:27 - 00000245 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-08-26 15:27 - 2004-11-17 04:32 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-08-26 15:26 - 2014-08-26 04:15 - 00000749 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Outlook Express.lnk
2014-08-26 15:25 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\security
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\scripting
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-08-26 15:19 - 2014-08-26 15:19 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-08-26 15:19 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-08-26 15:19 - 2005-06-10 10:42 - 00000000 ____D () C:\WINDOWS\system32\usmt
2014-08-26 15:19 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\PeerNet
2014-08-26 15:19 - 2005-06-10 10:22 - 00000000 ____D () C:\WINDOWS\ime
2014-08-26 15:19 - 2005-06-08 10:11 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-08-26 15:19 - 2004-11-17 04:32 - 00001574 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-08-26 15:17 - 2014-08-26 15:17 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-08-26 15:17 - 2005-06-10 10:40 - 00000000 ____D () C:\WINDOWS\system32\npp
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\system
2014-08-26 15:17 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\srchasst
2014-08-26 15:17 - 2005-06-10 10:26 - 00000000 ____D () C:\WINDOWS\mui
2014-08-26 15:17 - 2005-06-10 10:26 - 00000000 ____D () C:\WINDOWS\msagent
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\NetMeeting
2014-08-26 15:17 - 2005-06-10 10:04 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-26 15:16 - 2004-08-10 19:00 - 00250048 __RSH () C:\ntldr
2014-08-26 15:15 - 2005-06-10 10:41 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-26 15:14 - 2014-08-26 15:12 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-08-26 14:55 - 2005-09-06 08:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-08-26 14:54 - 2014-08-26 14:52 - 00000075 _____ () C:\Documents and Settings\HP_Administrator\LuResult.txt
2014-08-26 14:52 - 2014-08-26 14:51 - 00000075 _____ () C:\WINDOWS\system32\LuResult.txt
2014-08-26 14:31 - 2005-06-10 10:03 - 00000000 ___HD () C:\hp
2014-08-26 14:31 - 2004-11-17 04:32 - 00000623 _____ () C:\WINDOWS\win.ini
2014-08-26 14:26 - 2014-08-26 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-08-26 14:26 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google
2014-08-26 14:25 - 2005-09-06 08:54 - 00000000 ____D () C:\Program Files\Google
2014-08-26 14:18 - 2014-08-26 14:18 - 00000000 __SHD () C:\Documents and Settings\HP_Administrator\UserData
2014-08-26 14:09 - 2014-08-26 14:09 - 00000264 _____ () C:\WINDOWS\UPGRADE.TXT
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 _RSHD () C:\cmdcons
2014-08-26 14:09 - 2014-08-26 14:09 - 00000000 ____D () C:\WINDOWS\setup.pss
2014-08-26 14:09 - 2005-06-08 09:54 - 00000281 __RSH () C:\boot.ini
2014-08-26 14:08 - 2014-08-26 04:07 - 00000000 ____D () C:\WINDOWS\I386
2014-08-26 04:17 - 2014-08-26 04:17 - 00002054 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office 2003 Edition 60 Days Trial Welcome Tour.lnk
2014-08-26 04:17 - 2014-08-26 04:17 - 00000603 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Register with HP.url
2014-08-26 04:17 - 2014-08-26 04:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office (60 Day Trial)
2014-08-26 04:16 - 2014-08-26 04:16 - 00001896 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_CPC_EG139AA-ABA A1257C_YC_0Pavi_QMXK536_E54NAsyMPC1_48_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.24_T050811_WXP2_L409_M1016_J250_7Intel_8Pentium 4_93_#120913_N10EC8139_Z11C1048C_G80862582.MRK
2014-08-26 04:16 - 2014-08-26 04:16 - 00000338 _____ () C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2014-08-26 04:16 - 2014-08-26 04:15 - 00000803 _____ () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-26 04:16 - 2014-08-26 04:14 - 00000745 _____ () C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
2014-08-26 04:16 - 2005-09-06 08:50 - 00000000 ____D () C:\Program Files\Easy Internet signup
2014-08-26 04:16 - 2005-09-06 08:46 - 00000000 ____D () C:\WINDOWS\system32\pcintro
2014-08-26 04:16 - 2005-06-08 09:59 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-08-26 04:15 - 2005-09-06 07:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-08-26 04:13 - 2014-08-26 14:09 - 00000211 __RSH () C:\BOOT.BAK
2014-08-26 04:11 - 2004-11-16 20:21 - 00000231 _____ () C:\WINDOWS\system.ini
2014-08-26 04:08 - 2005-06-10 10:29 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 __RHD () C:\MSOCache
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Desktop\User's Guides
2014-08-26 04:07 - 2014-08-26 04:00 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-08-26 04:07 - 2014-08-26 03:59 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
 
Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\{C317A458-F512-4DEB-997E-C310DF4B7632}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================

Attached Files



#12 Bud_91

Bud_91

  • Malware Response Team
  • 438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 23 September 2014 - 09:13 AM

First I need to warn you about Windows XP. Microsoft has ended support for XP, so there will be no more security fixes for it. This leaves you computer vulnerable to malicious attack. I strongly recommend upgrading the operating system or switching to Linux on this machine. This is a great article that discusses this matter thoroughly as well as gives a summary of your options.

 

Please download the attached fixlist.txt to your desktop. Also, move FRST from your downloads folder to your desktop. Then run FRST again and select "Fix." Post the resulting log.

 

How is the computer running now?

Attached Files


If I have not responded to your log in 36 hours, feel free to send me a PM.

If you would like to make a thank-you donation, please click here: btn_donate_SM.png

 

A.K.A. Buddierdl @ GeeksToGo.com


#13 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 24 September 2014 - 12:41 AM

Thanks for the article. I'm thinking a new one altogether would be prudent, since this one is very old.

Here's the FRST log (ran it twice since I wasn't sure if I had done it correctly the first time) :
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-09-2014
Ran by HP_Administrator at 2014-09-23 22:25:42 Run:2
Running from C:\Documents and Settings\HP_Administrator\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse]  <==== ATTENTION!
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
 
*****************
 
HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\\Default => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
 
==== End of Fixlog ====

It seems to be running normally. Should I run TDSSkiller again to see if the problem persists or has FRST deleted it permanently?


#14 Bud_91

Bud_91

  • Malware Response Team
  • 438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 25 September 2014 - 08:36 AM

It should be gone now, but you could run TDSSKiller to check if you wish. Don't delete or quarantine any of the other detections, as they are harmless.
 
Let's sweep for any remnants and check general security.
 
Step 1: Run SecurityCheck
 
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Step 2: Run MBAM.
 
Please update the definitions for MBAM, and run a Threat Scan. Then post the log for me.
 
Step 3: Run online scan.
 
Run ESET Online Scanner:
 
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go here then click on: EOLS1.gif

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
 
Things I need in your next reply:
  • SecurityCheck log
  • MBAM log
  • ESET log
  • Any outstanding problems?

If I have not responded to your log in 36 hours, feel free to send me a PM.

If you would like to make a thank-you donation, please click here: btn_donate_SM.png

 

A.K.A. Buddierdl @ GeeksToGo.com


#15 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 PM

Posted 25 September 2014 - 10:32 PM

Security Check log:
 

 Results of screen317's Security Check version 0.99.87  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Please wait while WMIC is being installed.d 
ECHO is off.
ECHO is off.
ECHO is off.
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Java 7 Update 67  
 Adobe Reader 7 Adobe Reader out of Date! 
 Google Chrome 37.0.2062.102  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 

MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/25/2014
Scan Time: 5:30:46 PM
Logfile: Mbam log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.25.11
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: HP_Administrator
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 327105
Time Elapsed: 25 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

ESET log (I temporarily disabled Avira as per the instructions in the other post, but ESET still detected it...?):
 

C:\Documents and Settings\HP_Administrator\My Documents\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Sandbox\HP_Administrator\DefaultBox\drive\C\Documents and Settings\HP_Administrator\My Documents\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Sandbox\HP_Administrator\DefaultBox\user\current\My Documents\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users