Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

0access,no firewall or security center winxp [Solved]

Started by Cardoctork , Sep 30 2012 07:36 PM

This topic is locked

#1
Cardoctork

Posted 30 September 2012 - 07:36 PM

Member

Member
39 posts

I got infected yesterday. Clicked a link all of a sudden java started and mse shutdown. I opened task manager and killed java asap. ran mbam found 0access and removed. ran tdsskiller, I got window update and mse working but can not get windows firewall or security center working. This is the only place I've logged in with a password other than my router to look at outgoing on the firewall. Did not see any unusual out going ip addresses. I have run multiple scans of mse and mbam and look clean. Also ran sfc /scannow But not sure since firewall and security center did not work. Where should I go from here?

OTL logfile created on: 9/30/2012 9:42:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aaron\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 426.38 Mb Available Physical Memory | 41.66% Memory free
1.61 Gb Paging File | 1.05 Gb Available in Paging File | 65.06% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 42.46 Gb Free Space | 55.63% Space Free | Partition Type: NTFS

Computer Name: RAINBOW-ACRES | User Name: Aaron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/09/06 22:47:53 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2011/09/09 16:01:16 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
PRC - [2011/09/09 15:49:30 | 000,643,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/11/14 10:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
PRC - [2002/12/05 00:23:26 | 000,073,728 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\sstray.exe
PRC - [2001/08/01 03:00:00 | 000,191,488 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CTNotify.exe
PRC - [2001/08/01 03:00:00 | 000,166,912 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\Mediadet.exe
PRC - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe

========== Modules (No Company Name) ==========

MOD - [2012/09/06 22:47:12 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/23 21:23:54 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012/08/11 08:22:51 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:19:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:08:49 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/08/11 08:08:47 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/08/11 08:08:46 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/08/11 08:08:41 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/11 08:08:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/08/11 08:08:40 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/08/11 08:08:39 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/08/11 08:08:38 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/08/11 08:08:36 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/08/11 08:08:31 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/08/11 08:04:59 | 013,198,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/24 09:52:09 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/06/03 16:15:33 | 000,762,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/06/03 16:15:27 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012/06/03 16:15:25 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012/06/03 16:01:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/06/03 16:00:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/06/03 15:42:12 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/06/03 15:40:53 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/06/03 15:40:44 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/06/03 15:40:33 | 007,069,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/06/03 15:39:43 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/06/03 15:39:27 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2011/02/13 22:32:51 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/02/13 22:32:51 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/02/01 20:35:28 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/02/01 20:35:27 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/02/01 20:35:27 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/02/01 20:35:26 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/02/01 20:35:25 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/02/01 20:35:25 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/02/01 20:35:24 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/02/01 20:35:24 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/02/01 20:35:23 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/02/01 20:35:22 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:56 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/01 17:23:55 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/01 17:23:54 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/01 17:23:54 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/01 17:23:54 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/01 17:23:54 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/01 17:23:53 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:53 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/01 17:23:53 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/01 17:00:38 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/01 17:00:36 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/01 17:00:34 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/01 17:00:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/01 17:00:33 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2009/03/01 17:00:33 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
MOD - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe
MOD - [1998/12/10 14:54:12 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\OfficeAccess.dll
MOD - [1998/12/10 14:53:10 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\ExcelAccess.dll
MOD - [1998/12/10 14:50:30 | 000,045,568 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\WordAccess.dll
MOD - [1998/12/10 14:47:54 | 000,008,704 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\MSAppAccess.dll
MOD - [1998/12/10 14:47:12 | 000,130,560 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\IAResENG.dll
MOD - [1998/12/10 14:43:04 | 000,022,016 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\REGDATA.DLL
MOD - [1998/12/10 14:40:10 | 000,119,808 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\Tbmhook.dll
MOD - [1998/12/10 13:57:08 | 000,034,304 | ---- | M] () -- C:\Program Files\Common Files\Xerox Shared\VGFILE.DLL
MOD - [1998/12/10 13:57:00 | 000,163,328 | ---- | M] () -- C:\Program Files\Common Files\Xerox Shared\EASYTB32.DLL

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -- (VETMSGNT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -- (PPCtlPriv)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/06 22:47:53 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 21:23:56 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2005/03/30 17:46:56 | 000,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2004/08/11 01:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds)
SRV - [2004/08/10 22:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)
SRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
SRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/30 21:17:39 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{80C082C6-EDCE-48BA-891E-011B76998B45}\MpKslb703d0c0.sys -- (MpKslb703d0c0)
DRV - [2008/08/20 05:42:14 | 000,108,288 | ---- | M] (Computer Associates International, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\veteboot.sys -- (VETEBOOT)
DRV - [2008/08/20 05:42:12 | 000,026,352 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-filt.sys -- (VET-FILT)
DRV - [2008/08/20 05:42:08 | 000,879,760 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetefile.sys -- (VETEFILE)
DRV - [2008/08/20 05:42:08 | 000,032,240 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetmonnt.sys -- (VETMONNT)
DRV - [2008/08/20 05:42:08 | 000,021,488 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetfddnt.sys -- (VETFDDNT)
DRV - [2008/08/20 05:42:08 | 000,021,104 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-rec.sys -- (VET-REC)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/13 21:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007/09/13 21:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007/09/13 21:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2007/09/13 21:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007/09/13 21:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005/06/16 15:41:02 | 000,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2005/03/31 09:00:08 | 000,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 08:47:56 | 000,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 08:47:50 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2005/03/31 08:47:48 | 000,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 08:47:42 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/10/30 21:24:57 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/11/07 05:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 05:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/11/07 05:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/07/22 03:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\MLPTDR_Q.SYS -- (MLPTDR_Q)
DRV - [2003/05/26 23:19:00 | 000,284,800 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2003/05/26 23:19:00 | 000,029,952 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2003/03/21 13:34:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/02/21 10:29:16 | 000,005,120 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2002/11/27 07:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/11/13 03:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002/10/18 18:06:28 | 000,842,128 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)
DRV - [2002/09/05 23:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
DRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 09:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/15 15:21:28 | 000,023,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppsio2.sys -- (ppsio2)
DRV - [2000/10/25 08:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.autopart...rtal/login.html
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Aaron\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/06 22:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/06 22:46:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2008/03/16 17:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/24 09:36:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2008/09/06 13:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]

[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions
[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/05/01 22:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\extensions
[2008/03/16 17:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Sunbird\Profiles\d3ncou2h.default\extensions
[2012/09/26 20:07:32 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\a9.xml
[2008/06/20 22:19:14 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ask.xml
[2011/01/09 22:08:47 | 000,001,279 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-completed-listings.xml
[2012/09/26 20:07:33 | 000,002,585 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-worldwide.xml
[2012/09/26 20:07:33 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\flickr-tags.xml
[2010/04/02 18:48:29 | 000,005,511 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\foodtv.xml
[2010/02/01 20:41:47 | 000,001,253 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\froogle.xml
[2010/06/15 18:29:38 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\usatoday.xml
[2012/09/26 20:07:33 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\weather.xml
[2008/06/20 22:19:20 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\wikipedia.xml
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/06 22:45:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/06 22:47:54 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2005/09/10 01:04:37 | 000,053,248 | ---- | M] (Microsoft Corp.) -- C:\Program Files\mozilla firefox\plugins\NPPGWrap.dll
[2012/08/30 19:44:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/30 19:44:01 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/10/22 00:33:35 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dvHighMem] C:\WINDOWS\cfgmng32.exe File not found
O4 - HKLM..\Run: [EssSpkPhone] C:\WINDOWS\essspk.exe ()
O4 - HKLM..\Run: [InstantAccess] C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nForce Tray Options] C:\WINDOWS\System32\sstray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RegisterDropHandler] C:\Program Files\TextBridge Pro 8.0\Bin\RegisterDropHandler.exe ()
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\TextBridge Pro 8.0\Bin\RegisterDropHandler.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SystemControl.lnk = C:\Program Files\SystemControl\SystemControl\SystemControl.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000074 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000075 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000076 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000077 - %SystemRoot%\System32\mswsock.dll File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1349031222140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1349031764031 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B8A536-023C-4D8E-A83D-0CCEDEAC3DE9}: NameServer = 208.67.222.222,208.67.220.220,12.213.112.61
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/06 16:31:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a39fcc92-b89f-11db-a828-00e04cb191d6}\Shell - "" = AutoRun
O33 - MountPoints2\{a39fcc92-b89f-11db-a828-00e04cb191d6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a39fcc92-b89f-11db-a828-00e04cb191d6}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{ff22fbd4-9ae9-11dc-a94a-00e04cb191d6}\Shell - "" = AutoRun
O33 - MountPoints2\{ff22fbd4-9ae9-11dc-a94a-00e04cb191d6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff22fbd4-9ae9-11dc-a94a-00e04cb191d6}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/30 21:40:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:37:36 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 20:50:30 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/09/30 20:50:29 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/09/30 20:50:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/09/30 20:50:09 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/09/30 20:49:35 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/09/30 20:49:35 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/09/30 20:49:26 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/09/30 20:49:16 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/09/30 20:49:03 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/09/30 20:49:02 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/09/30 20:49:02 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/09/30 20:48:53 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/09/30 20:48:52 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/09/30 20:48:50 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/09/30 20:48:49 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/09/30 20:48:41 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/09/30 20:48:37 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/09/30 20:48:36 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/09/30 20:48:36 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/09/30 20:48:26 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/09/30 20:48:20 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/09/30 20:48:18 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/09/30 20:48:17 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/09/30 20:48:09 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/09/30 20:48:08 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/09/30 20:48:08 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/09/30 20:48:07 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/09/30 20:48:07 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/09/30 20:48:06 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/09/30 20:47:55 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/09/30 20:47:51 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/09/30 20:47:51 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/09/30 20:47:49 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/09/30 20:47:47 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/09/30 20:47:46 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/09/30 20:47:39 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/09/30 20:47:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/09/30 20:47:22 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/09/30 20:47:22 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/09/30 20:47:21 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/09/30 20:47:19 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/09/30 20:47:14 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/09/30 20:47:04 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/09/30 20:46:50 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/09/30 20:46:48 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/09/30 20:46:47 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/09/30 20:46:46 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/09/30 20:46:45 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/09/30 20:46:28 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/09/30 20:46:27 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/09/30 20:46:26 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/09/30 20:46:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/09/30 20:46:12 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/09/30 20:46:12 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/09/30 20:46:11 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/09/30 20:46:11 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/09/30 20:45:59 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/09/30 20:45:57 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/09/30 20:45:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/09/30 20:45:50 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/09/30 20:45:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/09/30 20:45:49 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/09/30 20:45:48 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/09/30 20:45:48 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/09/30 20:45:47 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/09/30 20:45:46 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/09/30 20:45:46 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/09/30 20:45:45 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/09/30 20:45:44 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/09/30 20:45:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/09/30 20:45:40 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/09/30 20:45:39 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/09/30 20:45:32 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/09/30 20:45:27 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/09/30 20:45:26 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/09/30 20:45:25 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/09/30 20:45:12 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/09/30 20:45:12 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/09/30 20:45:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/09/30 20:44:59 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/09/30 20:44:59 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/09/30 20:44:55 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/09/30 20:44:26 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/09/30 20:44:24 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/09/30 20:44:19 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/09/30 20:44:19 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/09/30 20:44:04 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/09/30 20:44:04 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/09/30 20:44:03 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/09/30 20:44:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/09/30 20:43:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/09/30 20:43:21 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/09/30 20:43:20 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/09/30 20:43:16 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/09/30 20:43:09 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/09/30 20:43:08 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/09/30 20:43:04 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/09/30 20:43:03 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/09/30 20:43:03 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/09/30 20:43:02 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/09/30 20:43:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/09/30 20:43:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/09/30 20:42:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/09/30 20:42:58 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/09/30 20:42:57 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/09/30 20:42:56 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/09/30 20:42:56 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/09/30 20:42:16 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/09/30 20:41:53 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/09/30 20:41:44 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/09/30 20:41:43 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/09/30 20:41:42 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/09/30 20:41:41 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/09/30 20:41:40 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/09/30 20:41:40 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/09/30 20:41:34 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/09/30 20:41:33 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/09/30 20:41:32 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/09/30 20:41:32 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/09/30 20:41:29 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/09/30 20:41:28 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/09/30 20:40:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/09/30 20:40:05 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/09/30 20:39:22 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/09/30 20:39:20 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/09/30 20:39:06 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/09/30 20:39:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/09/30 20:39:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/09/30 20:38:57 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/09/30 20:38:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/09/30 20:38:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/09/30 20:38:40 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/09/30 20:38:39 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/09/30 20:38:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/09/30 20:38:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/09/30 20:38:29 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/09/30 20:38:27 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/09/30 20:38:26 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/09/30 20:37:36 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/09/30 20:37:31 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/09/30 20:37:21 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/09/30 20:37:20 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/09/30 20:37:19 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/09/30 20:37:16 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/09/30 20:37:15 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/09/30 20:37:15 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/09/30 20:37:14 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/09/30 20:37:12 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/09/30 20:36:57 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/09/30 20:36:56 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/09/30 20:36:53 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/09/30 20:36:35 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/09/30 20:36:34 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/09/30 20:36:33 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/09/30 20:36:32 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/09/30 20:36:31 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/09/30 20:36:31 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/09/30 20:36:30 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/09/30 20:36:28 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/09/30 20:36:22 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/09/30 20:36:05 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/09/30 20:35:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/09/30 20:35:43 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/09/30 20:35:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/09/30 20:35:41 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/09/30 20:35:41 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/09/30 20:35:40 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/09/30 20:35:37 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/09/30 20:35:36 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/09/30 20:35:35 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/09/30 20:35:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/09/30 20:35:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/09/30 20:35:32 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/09/30 20:34:39 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/09/30 20:34:39 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/09/30 20:34:38 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/09/30 20:34:37 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/09/30 20:34:37 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/09/30 20:34:36 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/09/30 20:34:35 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/09/30 20:34:34 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/09/30 20:34:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/09/30 20:34:31 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/09/30 20:34:30 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/09/30 20:34:29 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/09/30 20:34:28 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/09/30 20:34:27 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/09/30 20:34:26 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/09/30 20:34:25 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/09/30 20:34:25 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/09/30 20:34:24 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/09/30 20:34:19 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/09/30 20:34:15 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/09/30 20:34:14 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/09/30 20:34:12 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/09/30 20:34:11 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/09/30 20:34:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/09/30 20:34:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/09/30 20:34:09 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/09/30 20:33:39 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/09/30 20:33:31 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/09/30 20:33:16 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/09/30 20:33:12 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/09/30 20:33:11 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/09/30 20:33:11 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/09/30 20:33:10 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/09/30 20:33:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/09/30 20:33:03 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/09/30 20:33:02 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/09/30 20:32:59 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/09/30 20:32:59 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/09/30 20:32:58 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/09/30 14:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\FixItCenter
[2012/09/30 14:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/09/30 14:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/09/30 14:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Application Data\ElevatedDiagnostics
[2012/09/30 14:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/09/30 14:34:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/09/30 14:27:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/30 09:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Start Menu\Programs\Kaspersky Security Scan
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2012/09/29 22:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/09/17 18:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\PCHealth
[2012/09/06 22:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/14 21:06:28 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Aaron\DesktopWinsockxpFix.exe
[2011/02/14 21:05:22 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Aaron\DesktopLSPFix.exe
[2011/02/14 21:04:58 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Aaron\DesktopSafeMSI.exe
[2002/03/25 11:03:34 | 000,638,976 | ---- | C] (HMP - Hard- & Software GmbH) -- C:\Documents and Settings\Aaron\NPSI2KVW.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:38:05 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 21:23:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/30 21:22:30 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/30 21:20:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/09/30 21:12:45 | 000,013,740 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/30 21:12:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/30 20:40:05 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/09/30 15:11:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/30 14:42:08 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/09/30 09:41:11 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:06:29 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/09/29 22:35:24 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 14:32:10 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/09/19 22:28:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/16 10:10:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/09 09:15:16 | 000,169,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/04 20:53:58 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:23 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/30 20:50:28 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/09/30 20:50:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/09/30 20:39:21 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/09/30 20:39:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/09/30 20:39:19 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/09/30 20:39:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/09/30 20:39:16 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/09/30 20:37:18 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/09/30 20:37:18 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/09/30 20:37:17 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/09/30 20:34:01 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/09/30 20:34:00 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/09/30 20:33:59 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/09/30 20:33:59 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/09/30 20:33:58 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/09/30 20:33:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/09/30 20:33:56 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/09/30 20:33:56 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/09/30 20:33:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/09/30 20:33:46 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/09/30 14:42:08 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/09/30 14:42:08 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 09:41:17 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:16:18 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/04 20:53:58 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:22 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[2012/06/03 15:02:52 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/03 15:02:51 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/03 15:02:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/04/09 21:17:03 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/03/11 01:24:01 | 000,946,356 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1284227242-725345543-1003-0.dat
[2012/03/11 01:23:59 | 000,148,982 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/03/10 20:34:02 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2007/05/25 18:08:01 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/20 17:41:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Aaron\core
[2005/02/25 20:19:05 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\fusioncache.dat
[2003/12/18 23:26:17 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\Aaron\.plugin141_02.trace
[2003/12/15 21:33:25 | 000,001,244 | ---- | C] () -- C:\Documents and Settings\Aaron\OOo_dictionary_list.dat
[2003/12/15 21:16:37 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\Aaron\Application Data\sversion.ini
[2003/12/13 22:11:27 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2012/09/29 22:21:18 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$38cb1fd3fcce43707c3fb4b852093edc\@
[2012/09/29 22:21:18 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$38cb1fd3fcce43707c3fb4b852093edc\L
[2012/09/30 20:14:16 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$38cb1fd3fcce43707c3fb4b852093edc\U
[2005/02/25 20:13:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/30 14:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\ElevatedDiagnostics
[2010/04/17 23:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\Facebook
[2004/01/03 19:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\InterTrust
[2003/12/22 23:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\Leadertech
[2007/06/23 17:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\SystemRequirementsLab
[2010/09/25 19:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\Thunderbird
[2007/09/11 21:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\Uniblue
[2004/03/21 19:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron\Application Data\VERITAS
[2011/02/17 19:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2011/02/17 19:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2004/10/10 23:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

========== Purity Check ==========

< End of report >

Edited by Cardoctork, 30 September 2012 - 08:08 PM.

#2
maliprog

Posted 30 September 2012 - 11:07 PM

Trusted Helper

Malware Removal
6,172 posts

Hello Cardoctork and welcome to my office here at G2G! Posted Image

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:

Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
Absence of symptoms does not always mean the computer is clean
Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
Please DO NOT run any scans or fix on your own without my direction.
Please read all of my response through at least once before attempting to follow the procedures described.
If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
You must reply within 3 days or your topic will be closed

Step 1

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow to update if it asks
When finished, it shall produce a log for you.
Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the combo fix log in your next reply

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside:
- Loaded modules
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Make sure to check:
- Services and drivers
- Boot sectors
- Loaded modules
- Verify Driver Digital Signature
- Detect TDLFS file system
then click OK.
Click the Start Scan button to start the scan.
If a suspicious object is detected, the default action will be Skip
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected for malicious objects
Click Continue then Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Please don't forget to include these items in your reply:

Combofix log
TDSSKiller log

It would be helpful if you could post each log in separate post using "Add Reply" button

#3
Cardoctork

Posted 01 October 2012 - 07:27 PM

Member

Topic Starter
Member
39 posts

When I ran combo fix it said ca antivirus was running. I uninstalled but there must be some still in system. I had no way to turn it off.

combofix log
ComboFix 12-09-30.03 - Aaron 10/01/2012 20:41:58.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.591 [GMT -4:00]
Running from: C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
AV: CA Anti-Virus *Enabled/Outdated* {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Documents and Settings\Aaron\WINDOWS
C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
C:\Program Files\driver
C:\WINDOWS\system32\DC120fc7_32.dll
C:\WINDOWS\system32\isafprod.1
C:\WINDOWS\system32\PowerToyReadme.htm
C:\WINDOWS\system32\SET66.tmp
C:\WINDOWS\system32\URTTemp
C:\WINDOWS\system32\URTTemp\fusion.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll.local
C:\WINDOWS\system32\URTTemp\mscorsn.dll
C:\WINDOWS\system32\URTTemp\mscorwks.dll
C:\WINDOWS\system32\URTTemp\msvcr71.dll
C:\WINDOWS\system32\URTTemp\regtlib.exe

((((((((((((((((((((((((( Files Created from 2012-09-02 to 2012-10-02 )))))))))))))))))))))))))))))))

2012-10-01 00:50:30 . 2008-04-13 23:12:12 116224 -c--a-w- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2012-10-01 00:50:29 . 2001-08-18 02:36:36 23040 -c--a-w- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2012-10-01 00:50:28 . 2008-04-13 23:12:12 18944 -c--a-w- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2012-10-01 00:50:27 . 2001-08-18 02:37:02 4608 -c--a-w- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2012-10-01 00:50:27 . 2001-08-18 02:37:02 27648 -c--a-w- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2012-10-01 00:50:12 . 2001-08-18 02:37:02 99865 -c--a-w- C:\WINDOWS\system32\dllcache\xlog.exe
2012-10-01 00:50:09 . 2001-08-17 16:11:14 16970 -c--a-w- C:\WINDOWS\system32\dllcache\xem336n5.sys
2012-10-01 00:50:07 . 2004-08-04 02:29:50 19455 -c--a-w- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2012-10-01 00:50:02 . 2004-08-04 02:29:48 12063 -c--a-w- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2012-10-01 00:50:00 . 2008-04-13 23:12:10 8192 -c--a-w- C:\WINDOWS\system32\dllcache\wshirda.dll
2012-10-01 00:48:53 . 2001-08-17 17:28:16 64605 -c--a-w- C:\WINDOWS\system32\dllcache\vvoice.sys
2012-10-01 00:47:59 . 2001-08-17 18:02:00 230912 -c--a-w- C:\WINDOWS\system32\dllcache\tosdvd03.sys
2012-10-01 00:46:59 . 2008-04-13 17:40:52 7552 -c--a-w- C:\WINDOWS\system32\dllcache\sonyait.sys
2012-10-01 00:45:59 . 2001-08-17 17:51:16 17280 -c--a-w- C:\WINDOWS\system32\dllcache\scr111.sys
2012-10-01 00:44:59 . 2001-08-17 17:28:14 112574 -c--a-w- C:\WINDOWS\system32\dllcache\ptserlp.sys
2012-10-01 00:43:34 . 2001-08-17 16:50:18 198144 -c--a-w- C:\WINDOWS\system32\dllcache\nv3.sys
2012-10-01 00:42:59 . 2001-08-17 16:11:36 52255 -c--a-w- C:\WINDOWS\system32\dllcache\n1000nt5.sys
2012-10-01 00:41:59 . 2001-08-17 18:56:02 235648 -c--a-w- C:\WINDOWS\system32\dllcache\mgaud.dll
2012-10-01 00:40:56 . 2008-04-13 23:09:56 6144 -c--a-w- C:\WINDOWS\system32\dllcache\kbd106.dll
2012-10-01 00:39:59 . 2001-08-17 18:06:46 38528 -c--a-w- C:\WINDOWS\system32\dllcache\ibmvcap.sys
2012-10-01 00:38:59 . 2001-08-17 16:49:34 320384 -c--a-w- C:\WINDOWS\system32\dllcache\g200m.sys
2012-10-01 00:37:59 . 2001-08-17 17:53:02 7296 -c--a-w- C:\WINDOWS\system32\dllcache\elmsmc.sys
2012-10-01 00:36:59 . 2001-08-18 02:36:14 419357 -c--a-w- C:\WINDOWS\system32\dllcache\dgconfig.dll
2012-10-01 00:35:59 . 2001-08-17 18:56:00 91264 -c--a-w- C:\WINDOWS\system32\dllcache\cirrus.dll
2012-10-01 00:34:41 . 2001-08-17 17:51:00 13824 -c--a-w- C:\WINDOWS\system32\dllcache\bulltlp3.sys
2012-10-01 00:33:59 . 2001-08-17 16:49:44 19456 -c--a-w- C:\WINDOWS\system32\dllcache\ativttxx.sys
2012-10-01 00:32:59 . 2001-08-17 18:55:58 689216 -c--a-w- C:\WINDOWS\system32\dllcache\3dfxvs.dll
2012-10-01 00:32:59 . 2001-08-17 16:48:32 148352 -c--a-w- C:\WINDOWS\system32\dllcache\3dfxvsm.sys
2012-10-01 00:32:58 . 2001-08-17 17:28:00 762780 -c--a-w- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2012-10-01 00:32:57 . 2001-08-17 18:06:48 11264 -c--a-w- C:\WINDOWS\system32\dllcache\1394vdbg.sys
2012-10-01 00:32:26 . 2001-08-17 18:56:04 66048 -c--a-w- C:\WINDOWS\system32\dllcache\s3legacy.dll
2012-09-30 19:30:12 . 2012-08-30 08:17:54 6980552 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{80C082C6-EDCE-48BA-891E-011B76998B45}\mpengine.dll
2012-09-30 18:47:48 . 2012-09-30 18:47:48 -------- d-----w- C:\Documents and Settings\Aaron\Local Settings\Application Data\FixItCenter
2012-09-30 18:42:05 . 2012-09-30 18:42:06 -------- d-----w- C:\WINDOWS\MATS
2012-09-30 18:42:03 . 2012-09-30 18:42:08 -------- d-----w- C:\Program Files\Microsoft Fix it Center
2012-09-30 18:36:57 . 2012-09-30 18:36:57 -------- d-----w- C:\Documents and Settings\Aaron\Application Data\ElevatedDiagnostics
2012-09-30 18:27:13 . 2012-09-30 18:27:13 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-30 13:40:20 . 2012-09-30 13:40:20 -------- d-----w- C:\Program Files\Kaspersky Lab
2012-09-30 13:40:20 . 2012-09-30 13:40:20 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2012-09-29 18:22:06 . 2012-08-30 08:17:54 6980552 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-17 22:06:54 . 2012-09-17 22:06:54 -------- d-----w- C:\Documents and Settings\Aaron\Local Settings\Application Data\PCHealth
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-09-07 21:04:46 . 2012-06-02 00:19:52 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-08-31 02:03:50 . 2010-10-25 02:25:38 193552 ----a-w- C:\WINDOWS\system32\drivers\MpFilter.sys
2012-08-29 00:24:56 . 2012-06-24 02:26:12 477168 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll
2012-08-29 00:24:53 . 2010-04-16 00:44:32 473072 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-08-28 22:39:23 . 2008-03-12 23:35:29 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-08-28 15:14:53 . 2003-03-31 12:00:00 916992 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-08-28 15:14:53 . 2003-03-31 12:00:00 43520 ------w- C:\WINDOWS\system32\licmgr10.dll
2012-08-28 15:14:52 . 2003-03-31 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2012-08-28 12:07:15 . 2004-10-04 03:46:43 385024 ------w- C:\WINDOWS\system32\html.iec
2012-08-24 01:23:56 . 2012-04-10 21:59:44 696520 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-24 01:23:55 . 2011-05-26 23:51:26 73416 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58:51 . 2003-03-31 12:00:00 78336 ----a-w- C:\WINDOWS\system32\browser.dll
2012-07-04 14:05:18 . 2003-12-06 20:27:00 139784 ----a-w- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-09-07 02:47:54 . 2012-09-07 02:45:31 266720 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-22 21:10:30 1871872]
"HP Officejet Pro 8600 (NET)"="C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 20:01:16 1804648]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 00:05:26 204288]
"KSS"="C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-25 23:53:38 202296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EssSpkPhone"="essspk.exe -cb" [X]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X]
"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-08-01 07:00:00 191488]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 05:01:00 155648]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-03-12 06:03:00 114741]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 09:50:00 19968]
"nForce Tray Options"="sstray.exe" [2002-12-05 04:23:26 73728]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 16:50:42 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 02:16:38 39792]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2012-09-12 21:19:44 947176]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 19:02:04 254696]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 06:41:12 49208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 06:01:00 437160]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2004-10-30 169472]
SystemControl.lnk - C:\Program Files\SystemControl\SystemControl\SystemControl.exe [2003-12-6 1163264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeScape Media Detector]
2004-10-03 02:46:07 151552 ------w- C:\Program Files\Picasa\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
2003-10-01 15:01:12 53248 ----a-w- c:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneTouch Monitor]
2002-04-16 13:12:46 86016 ----a-w- C:\Program Files\Visioneer OneTouch\OneTouchMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize Scheduler]
2008-03-26 21:40:24 2577120 ----a-w- C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2007-09-25 20:03:30 93208 ----a-w- C:\Program Files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2009-11-10 20:39:26 5244216 ----a-w- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SCardDrv"=3 (0x3)
"ITMRTSVC"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R1 BS_I2cIo;BS_I2cIo;C:\WINDOWS\system32\drivers\BS_I2cIo.sys [12/6/2003 9:29:48 PM 5120]
R2 MLPTDR_Q;MLPTDR_Q;C:\WINDOWS\system32\MLPTDR_Q.SYS [7/22/2003 3:44:18 AM 18848]
R2 ppsio2;PPDevice;C:\WINDOWS\system32\drivers\ppsio2.sys [10/2/2004 10:19:02 PM 23200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/10/2012 5:59:44 PM 250568]
S3 pmxscan;Visioneer USB Kernel;C:\WINDOWS\system32\drivers\usbscan.sys [10/2/2004 10:11:31 PM 15104]
UnknownUnknown IntuitUpdateServiceV4;IntuitUpdateServiceV4; [x]
UnknownUnknown KSS;KSS; [x]
UnknownUnknown MatSvc;MatSvc; [x]
UnknownUnknown MozillaMaintenance;MozillaMaintenance; [x]
UnknownUnknown PPCtlPriv;PPCtlPriv; [x]

Contents of the 'Scheduled Tasks' folder

2012-10-02 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 21:59:44 . 2012-08-24 01:23:56]

2012-09-16 C:\WINDOWS\Tasks\At1.job
- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09 19:53:04 . 2011-09-09 19:53:04]

2012-10-01 C:\WINDOWS\Tasks\At2.job
- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09 19:53:04 . 2011-09-09 19:53:04]

2012-10-01 C:\WINDOWS\Tasks\At3.job
- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09 19:53:04 . 2011-09-09 19:53:04]

2012-09-30 C:\WINDOWS\Tasks\At4.job
- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09 19:53:04 . 2011-09-09 19:53:04]

2012-10-02 C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 21:25:22 . 2012-09-12 21:25:22]

------- Supplementary Scan -------

uStart Page = https://www.autopart...rtal/login.html
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: Interfaces\{F1B8A536-023C-4D8E-A83D-0CCEDEAC3DE9}: NameServer = 208.67.222.222,208.67.220.220,12.213.112.61
FF - ProfilePath - C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\
FF - prefs.js: browser.search.selectedEngine - eBay
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.type - 4
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

- - - - ORPHANS REMOVED - - - -

HKLM-Run-RegisterDropHandler - C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
HKLM-Run-dvHighMem - C:\WINDOWS\cfgmng32.exe
ShellExecuteHooks-{1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - (no file)
MSConfigStartUp-cafw - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe
MSConfigStartUp-capfasem - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
MSConfigStartUp-capfupgrade - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
MSConfigStartUp-CAPPActiveProtection - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
MSConfigStartUp-CAVRID - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
MSConfigStartUp-cctray - C:\Program Files\CA\CA Internet Security Suite\casc.exe
AddRemove-Creative News - C:\Program Files\Creative\News\CTNews.isu
AddRemove-Visioneer PaperPort 6.1 - C:\Program Files\Visioneer\PaperPort\Config\DeIsL1.isu

#4
Cardoctork

Posted 01 October 2012 - 07:30 PM

Member

Topic Starter
Member
39 posts

Here is the tdss log
21:16:27.0687 0512 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:16:28.0218 0512 ============================================================
21:16:28.0218 0512 Current date / time: 2012/10/01 21:16:28.0218
21:16:28.0218 0512 SystemInfo:
21:16:28.0218 0512
21:16:28.0218 0512 OS Version: 5.1.2600 ServicePack: 3.0
21:16:28.0218 0512 Product type: Workstation
21:16:28.0218 0512 ComputerName: RAINBOW-ACRES
21:16:28.0218 0512 UserName: Aaron
21:16:28.0218 0512 Windows directory: C:\WINDOWS
21:16:28.0218 0512 System windows directory: C:\WINDOWS
21:16:28.0218 0512 Processor architecture: Intel x86
21:16:28.0218 0512 Number of processors: 1
21:16:28.0218 0512 Page size: 0x1000
21:16:28.0218 0512 Boot type: Normal boot
21:16:28.0218 0512 ============================================================
21:16:29.0234 0512 BG loaded
21:16:29.0734 0512 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
21:16:29.0734 0512 ============================================================
21:16:29.0734 0512 \Device\Harddisk0\DR0:
21:16:29.0734 0512 MBR partitions:
21:16:29.0734 0512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x98A7FAD
21:16:29.0734 0512 ============================================================
21:16:29.0734 0512 C: <-> \Device\Harddisk0\DR0\Partition1
21:16:29.0765 0512 ============================================================
21:16:29.0765 0512 Initialize success
21:16:29.0765 0512 ============================================================
21:17:45.0734 3100 ============================================================
21:17:45.0734 3100 Scan started
21:17:45.0734 3100 Mode: Manual;
21:17:45.0734 3100 ============================================================
21:17:45.0921 3100 ================ Scan system memory ========================
21:17:45.0921 3100 System memory - ok
21:17:45.0937 3100 ================ Scan services =============================
21:17:46.0046 3100 Abiosdsk - ok
21:17:46.0062 3100 abp480n5 - ok
21:17:46.0125 3100 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:17:46.0125 3100 ACPI - ok
21:17:46.0234 3100 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:17:46.0234 3100 ACPIEC - ok
21:17:46.0312 3100 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:17:46.0328 3100 AdobeFlashPlayerUpdateSvc - ok
21:17:46.0343 3100 adpu160m - ok
21:17:46.0406 3100 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:17:46.0421 3100 aec - ok
21:17:46.0500 3100 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:17:46.0500 3100 AFD - ok
21:17:46.0531 3100 Aha154x - ok
21:17:46.0546 3100 aic78u2 - ok
21:17:46.0562 3100 aic78xx - ok
21:17:46.0609 3100 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:17:46.0609 3100 Alerter - ok
21:17:46.0625 3100 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
21:17:46.0640 3100 ALG - ok
21:17:46.0656 3100 AliIde - ok
21:17:46.0687 3100 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
21:17:46.0687 3100 AmdK7 - ok
21:17:46.0703 3100 amsint - ok
21:17:46.0765 3100 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:17:46.0765 3100 AppMgmt - ok
21:17:46.0796 3100 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:17:46.0812 3100 Arp1394 - ok
21:17:46.0828 3100 asc - ok
21:17:46.0843 3100 asc3350p - ok
21:17:46.0859 3100 asc3550 - ok
21:17:46.0968 3100 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:17:47.0015 3100 aspnet_state - ok
21:17:47.0046 3100 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:17:47.0046 3100 AsyncMac - ok
21:17:47.0078 3100 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:17:47.0078 3100 atapi - ok
21:17:47.0109 3100 Atdisk - ok
21:17:47.0140 3100 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:17:47.0140 3100 Atmarpc - ok
21:17:47.0171 3100 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:17:47.0171 3100 AudioSrv - ok
21:17:47.0218 3100 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:17:47.0218 3100 audstub - ok
21:17:47.0265 3100 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:17:47.0265 3100 Beep - ok
21:17:47.0312 3100 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
21:17:47.0421 3100 BITS - ok
21:17:47.0453 3100 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
21:17:47.0468 3100 Browser - ok
21:17:47.0500 3100 [ 8815984EBB9457CF79D096A271C4ECA8 ] BS_I2cIo C:\WINDOWS\System32\drivers\BS_I2cIo.sys
21:17:47.0500 3100 BS_I2cIo - ok
21:17:47.0640 3100 catchme - ok
21:17:47.0671 3100 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:17:47.0671 3100 cbidf2k - ok
21:17:47.0687 3100 cd20xrnt - ok
21:17:47.0718 3100 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:17:47.0734 3100 Cdaudio - ok
21:17:47.0765 3100 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:17:47.0781 3100 Cdfs - ok
21:17:47.0796 3100 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:17:47.0796 3100 Cdrom - ok
21:17:47.0812 3100 Changer - ok
21:17:47.0859 3100 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:17:47.0859 3100 CiSvc - ok
21:17:47.0906 3100 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:17:47.0906 3100 ClipSrv - ok
21:17:47.0937 3100 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:17:48.0031 3100 clr_optimization_v2.0.50727_32 - ok
21:17:48.0093 3100 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:17:48.0109 3100 clr_optimization_v4.0.30319_32 - ok
21:17:48.0125 3100 CmdIde - ok
21:17:48.0140 3100 COMSysApp - ok
21:17:48.0171 3100 Cpqarray - ok
21:17:48.0218 3100 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\System32\CTSVCCDA.EXE
21:17:48.0218 3100 Creative Service for CDROM Access - ok
21:17:48.0265 3100 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:17:48.0281 3100 CryptSvc - ok
21:17:48.0296 3100 dac2w2k - ok
21:17:48.0312 3100 dac960nt - ok
21:17:48.0343 3100 [ 1B269ED3EB2D81EC11CD5B0544E89962 ] DcCam C:\WINDOWS\system32\DRIVERS\DcCam.sys
21:17:48.0343 3100 DcCam - ok
21:17:48.0375 3100 [ BD6CE20068159F9714EBE9E76DECAB2C ] DcFpoint C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
21:17:48.0375 3100 DcFpoint - ok
21:17:48.0421 3100 [ 1315E0B5B6FC1FE930EE3498309700BD ] DCFS2K C:\WINDOWS\system32\drivers\dcfs2k.sys
21:17:48.0421 3100 DCFS2K - ok
21:17:48.0468 3100 [ 5F5055EFB3E0820F349924E7C5BD5AF4 ] DcLps C:\WINDOWS\system32\DRIVERS\DcLps.sys
21:17:48.0468 3100 DcLps - ok
21:17:48.0531 3100 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:17:48.0546 3100 DcomLaunch - ok
21:17:48.0640 3100 [ 31689427DA60A724B31A622B35ED21EC ] DcPTP C:\WINDOWS\system32\DRIVERS\DcPTP.sys
21:17:48.0640 3100 DcPTP - ok
21:17:48.0671 3100 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:17:48.0687 3100 Dhcp - ok
21:17:48.0718 3100 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:17:48.0718 3100 Disk - ok
21:17:48.0750 3100 dmadmin - ok
21:17:48.0843 3100 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:17:48.0890 3100 dmboot - ok
21:17:48.0906 3100 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:17:48.0906 3100 dmio - ok
21:17:48.0937 3100 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:17:48.0937 3100 dmload - ok
21:17:48.0984 3100 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:17:48.0984 3100 dmserver - ok
21:17:49.0031 3100 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:17:49.0031 3100 DMusic - ok
21:17:49.0062 3100 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:17:49.0062 3100 Dnscache - ok
21:17:49.0109 3100 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:17:49.0125 3100 Dot3svc - ok
21:17:49.0140 3100 dpti2o - ok
21:17:49.0171 3100 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:17:49.0171 3100 drmkaud - ok
21:17:49.0203 3100 [ E807F83E239C734173C14740787045F5 ] drvmcdb C:\WINDOWS\system32\DRIVERS\drvmcdb.sys
21:17:49.0203 3100 drvmcdb - ok
21:17:49.0234 3100 [ 1BAA922D627A59A6542ACFA6FD7DC40A ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
21:17:49.0250 3100 drvnddm - ok
21:17:49.0281 3100 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:17:49.0281 3100 EapHost - ok
21:17:49.0328 3100 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:17:49.0328 3100 ERSvc - ok
21:17:49.0359 3100 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
21:17:49.0375 3100 Eventlog - ok
21:17:49.0406 3100 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
21:17:49.0406 3100 EventSystem - ok
21:17:49.0437 3100 [ F85FFDEAE43F9E9A7C3F4E3CC5EF09EB ] Exportit C:\WINDOWS\system32\DRIVERS\exportit.sys
21:17:49.0453 3100 Exportit - ok
21:17:49.0484 3100 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:17:49.0484 3100 Fastfat - ok
21:17:49.0546 3100 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:17:49.0562 3100 FastUserSwitchingCompatibility - ok
21:17:49.0593 3100 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:17:49.0593 3100 Fdc - ok
21:17:49.0625 3100 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:17:49.0625 3100 Fips - ok
21:17:49.0640 3100 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:17:49.0640 3100 Flpydisk - ok
21:17:49.0656 3100 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:17:49.0656 3100 FltMgr - ok
21:17:49.0718 3100 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:17:49.0718 3100 FontCache3.0.0.0 - ok
21:17:49.0765 3100 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:17:49.0765 3100 Fs_Rec - ok
21:17:49.0781 3100 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:17:49.0781 3100 Ftdisk - ok
21:17:49.0843 3100 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:17:49.0843 3100 gameenum - ok
21:17:49.0921 3100 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:17:49.0921 3100 Gpc - ok
21:17:49.0984 3100 [ 4236E014632F4163F53EBB717F41594C ] HCF_MSFT C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
21:17:50.0031 3100 HCF_MSFT - ok
21:17:50.0093 3100 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:17:50.0093 3100 helpsvc - ok
21:17:50.0109 3100 HidServ - ok
21:17:50.0125 3100 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:17:50.0125 3100 HidUsb - ok
21:17:50.0171 3100 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:17:50.0187 3100 hkmsvc - ok
21:17:50.0203 3100 hpn - ok
21:17:50.0250 3100 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:17:50.0250 3100 HTTP - ok
21:17:50.0296 3100 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:17:50.0312 3100 HTTPFilter - ok
21:17:50.0312 3100 i2omgmt - ok
21:17:50.0328 3100 i2omp - ok
21:17:50.0343 3100 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:17:50.0343 3100 i8042prt - ok
21:17:50.0437 3100 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:17:50.0437 3100 IDriverT - ok
21:17:50.0515 3100 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:17:50.0546 3100 idsvc - ok
21:17:50.0578 3100 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:17:50.0578 3100 Imapi - ok
21:17:50.0625 3100 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:17:50.0640 3100 ImapiService - ok
21:17:50.0656 3100 ini910u - ok
21:17:50.0671 3100 IntelIde - ok
21:17:50.0765 3100 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
21:17:50.0765 3100 IntuitUpdateService - ok
21:17:50.0812 3100 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
21:17:50.0812 3100 IntuitUpdateServiceV4 - ok
21:17:50.0875 3100 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:17:50.0890 3100 ip6fw - ok
21:17:50.0937 3100 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:17:50.0937 3100 IpFilterDriver - ok
21:17:50.0968 3100 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:17:50.0968 3100 IpInIp - ok
21:17:50.0984 3100 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:17:51.0000 3100 IpNat - ok
21:17:51.0046 3100 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:17:51.0046 3100 IPSec - ok
21:17:51.0078 3100 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:17:51.0078 3100 IRENUM - ok
21:17:51.0093 3100 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:17:51.0109 3100 isapnp - ok
21:17:51.0109 3100 ITMRTSVC - ok
21:17:51.0203 3100 [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
21:17:51.0203 3100 JavaQuickStarterService - ok
21:17:51.0234 3100 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:17:51.0234 3100 Kbdclass - ok
21:17:51.0281 3100 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:17:51.0281 3100 kbdhid - ok
21:17:51.0312 3100 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:17:51.0312 3100 kmixer - ok
21:17:51.0359 3100 [ B3F86266F372A97624F5D132DA6E97E6 ] KodakCCS C:\WINDOWS\system32\drivers\KodakCCS.exe
21:17:51.0390 3100 KodakCCS - ok
21:17:51.0421 3100 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:17:51.0437 3100 KSecDD - ok
21:17:51.0484 3100 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
21:17:51.0500 3100 KSS - ok
21:17:51.0531 3100 [ 4103DBB6CAA85E40D271C1AD12BBF776 ] L8042pr2 C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
21:17:51.0546 3100 L8042pr2 - ok
21:17:51.0578 3100 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:17:51.0593 3100 lanmanserver - ok
21:17:51.0609 3100 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:17:51.0625 3100 lanmanworkstation - ok
21:17:51.0640 3100 lbrtfdc - ok
21:17:51.0687 3100 [ B97D05E656818572B6B04BA682D3AA8F ] LHidFlt2 C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
21:17:51.0687 3100 LHidFlt2 - ok
21:17:51.0734 3100 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:17:51.0750 3100 LmHosts - ok
21:17:51.0765 3100 [ B666F835C18974F392A387C6E863072F ] LMouFlt2 C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
21:17:51.0765 3100 LMouFlt2 - ok
21:17:51.0859 3100 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
21:17:51.0859 3100 MatSvc - ok
21:17:51.0906 3100 [ 2E29E9AA60C18CEC7A2B9AE1855567E0 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:17:51.0921 3100 mdmxsdk - ok
21:17:51.0953 3100 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:17:51.0953 3100 Messenger - ok
21:17:52.0000 3100 [ B39BF953A3A304A2D12751692EC355A0 ] MLPTDR_Q C:\WINDOWS\System32\MLPTDR_Q.sys
21:17:52.0000 3100 MLPTDR_Q - ok
21:17:52.0062 3100 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:17:52.0062 3100 mnmdd - ok
21:17:52.0109 3100 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:17:52.0109 3100 mnmsrvc - ok
21:17:52.0140 3100 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:17:52.0140 3100 Modem - ok
21:17:52.0203 3100 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:17:52.0203 3100 MODEMCSA - ok
21:17:52.0218 3100 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:17:52.0234 3100 Mouclass - ok
21:17:52.0265 3100 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:17:52.0265 3100 mouhid - ok
21:17:52.0296 3100 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:17:52.0296 3100 MountMgr - ok
21:17:52.0343 3100 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:17:52.0343 3100 MozillaMaintenance - ok
21:17:52.0375 3100 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:17:52.0375 3100 MpFilter - ok
21:17:52.0500 3100 [ A69630D039C38018689190234F866D77 ] MpKsl31db59c8 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\MpKsl31db59c8.sys
21:17:52.0500 3100 MpKsl31db59c8 - ok
21:17:52.0515 3100 mraid35x - ok
21:17:52.0562 3100 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:17:52.0562 3100 MRxDAV - ok
21:17:52.0625 3100 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:17:52.0640 3100 MRxSmb - ok
21:17:52.0687 3100 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:17:52.0687 3100 MSDTC - ok
21:17:52.0718 3100 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:17:52.0718 3100 Msfs - ok
21:17:52.0734 3100 MSIServer - ok
21:17:52.0750 3100 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:17:52.0750 3100 MSKSSRV - ok
21:17:52.0828 3100 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:17:52.0828 3100 MsMpSvc - ok
21:17:52.0859 3100 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:17:52.0859 3100 MSPCLOCK - ok
21:17:52.0906 3100 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:17:52.0906 3100 MSPQM - ok
21:17:52.0937 3100 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:17:52.0937 3100 mssmbios - ok
21:17:52.0968 3100 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
21:17:52.0968 3100 ms_mpu401 - ok
21:17:53.0015 3100 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:17:53.0015 3100 Mup - ok
21:17:53.0062 3100 [ 31509F505FEA9B37F9E59A10ADCFE8F5 ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys
21:17:53.0062 3100 MxlW2k - ok
21:17:53.0109 3100 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:17:53.0125 3100 napagent - ok
21:17:53.0171 3100 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:17:53.0171 3100 NDIS - ok
21:17:53.0218 3100 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:17:53.0218 3100 NdisTapi - ok
21:17:53.0234 3100 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:17:53.0234 3100 Ndisuio - ok
21:17:53.0281 3100 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:17:53.0281 3100 NdisWan - ok
21:17:53.0343 3100 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:17:53.0343 3100 NDProxy - ok
21:17:53.0359 3100 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:17:53.0359 3100 NetBIOS - ok
21:17:53.0375 3100 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:17:53.0390 3100 NetBT - ok
21:17:53.0453 3100 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
21:17:53.0453 3100 NetDDE - ok
21:17:53.0468 3100 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:17:53.0468 3100 NetDDEdsdm - ok
21:17:53.0515 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:17:53.0515 3100 Netlogon - ok
21:17:53.0562 3100 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
21:17:53.0578 3100 Netman - ok
21:17:53.0609 3100 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:17:53.0625 3100 NetTcpPortSharing - ok
21:17:53.0640 3100 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:17:53.0656 3100 NIC1394 - ok
21:17:53.0687 3100 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
21:17:53.0703 3100 Nla - ok
21:17:53.0718 3100 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:17:53.0718 3100 Npfs - ok
21:17:53.0765 3100 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:17:53.0781 3100 Ntfs - ok
21:17:53.0812 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
21:17:53.0812 3100 NtLmSsp - ok
21:17:53.0875 3100 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:17:53.0890 3100 NtmsSvc - ok
21:17:53.0906 3100 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:17:53.0906 3100 Null - ok
21:17:54.0390 3100 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:17:54.0781 3100 nv - ok
21:17:54.0843 3100 [ 10DFFF2CBA6CF2B56AB3B472D03C2122 ] nvax C:\WINDOWS\system32\drivers\nvax.sys
21:17:54.0843 3100 nvax - ok
21:17:54.0890 3100 [ C8400CA70BF8A30156487BF887886432 ] NVENET C:\WINDOWS\system32\DRIVERS\NVENET.sys
21:17:54.0890 3100 NVENET - ok
21:17:54.0906 3100 [ 857ACF58D21D6A7F2EAB84FB54B4EDA4 ] nvidesm C:\WINDOWS\system32\drivers\nvidesm.sys
21:17:54.0906 3100 nvidesm - ok
21:17:54.0953 3100 [ 9E587342D385AE57BAEF9FB267E5F331 ] nvnforce C:\WINDOWS\system32\drivers\nvapu.sys
21:17:54.0953 3100 nvnforce - ok
21:17:55.0000 3100 [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
21:17:55.0000 3100 NVSvc - ok
21:17:55.0015 3100 [ DB36442C20793C53B4128EB85F9A3D32 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys
21:17:55.0015 3100 nv_agp - ok
21:17:55.0078 3100 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:17:55.0078 3100 NwlnkFlt - ok
21:17:55.0109 3100 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:17:55.0109 3100 NwlnkFwd - ok
21:17:55.0171 3100 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:17:55.0171 3100 ohci1394 - ok
21:17:55.0218 3100 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:17:55.0218 3100 ose - ok
21:17:55.0265 3100 [ 37990B683CEAE72AE4E72BC4962A708F ] papycpu2 C:\WINDOWS\system32\drivers\papycpu2.sys
21:17:55.0265 3100 papycpu2 - ok
21:17:55.0281 3100 [ 1E238722F218D945322FE1685C0E9161 ] papyjoy C:\WINDOWS\system32\drivers\papyjoy.sys
21:17:55.0296 3100 papyjoy - ok
21:17:55.0312 3100 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:17:55.0312 3100 Parport - ok
21:17:55.0343 3100 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:17:55.0343 3100 PartMgr - ok
21:17:55.0390 3100 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:17:55.0406 3100 ParVdm - ok
21:17:55.0421 3100 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:17:55.0421 3100 PCI - ok
21:17:55.0437 3100 PCIDump - ok
21:17:55.0468 3100 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:17:55.0468 3100 PCIIde - ok
21:17:55.0500 3100 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:17:55.0500 3100 Pcmcia - ok
21:17:55.0515 3100 PDCOMP - ok
21:17:55.0531 3100 PDFRAME - ok
21:17:55.0546 3100 PDRELI - ok
21:17:55.0578 3100 PDRFRAME - ok
21:17:55.0593 3100 perc2 - ok
21:17:55.0609 3100 perc2hib - ok
21:17:55.0656 3100 [ DA86016F0672ADA925F589EDE715F185 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
21:17:55.0656 3100 pfc - ok
21:17:55.0703 3100 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:17:55.0703 3100 PlugPlay - ok
21:17:55.0750 3100 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] pmxscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:17:55.0750 3100 pmxscan - ok
21:17:55.0765 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:17:55.0765 3100 PolicyAgent - ok
21:17:55.0781 3100 PPCtlPriv - ok
21:17:55.0859 3100 [ DE4DFB09BF96FD5F810750140E2AA236 ] ppsio2 C:\WINDOWS\system32\drivers\ppsio2.sys
21:17:55.0859 3100 ppsio2 - ok
21:17:55.0906 3100 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:17:55.0906 3100 PptpMiniport - ok
21:17:55.0937 3100 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:17:55.0937 3100 Processor - ok
21:17:55.0984 3100 [ F2E3C8F1EB6BA0733E0A1F6373DF7957 ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
21:17:55.0984 3100 prodrv06 - ok
21:17:56.0015 3100 [ 150307B52807D0C493C605AB913038AD ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
21:17:56.0031 3100 prohlp02 - ok
21:17:56.0046 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:17:56.0046 3100 ProtectedStorage - ok
21:17:56.0062 3100 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:17:56.0062 3100 PSched - ok
21:17:56.0125 3100 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:17:56.0125 3100 Ptilink - ok
21:17:56.0156 3100 [ DB3B30C3A4CDCF07E164C14584D9D0F2 ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
21:17:56.0156 3100 PxHelp20 - ok
21:17:56.0187 3100 ql1080 - ok
21:17:56.0203 3100 Ql10wnt - ok
21:17:56.0218 3100 ql12160 - ok
21:17:56.0234 3100 ql1240 - ok
21:17:56.0250 3100 ql1280 - ok
21:17:56.0265 3100 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:17:56.0265 3100 RasAcd - ok
21:17:56.0312 3100 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:17:56.0312 3100 RasAuto - ok
21:17:56.0343 3100 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:17:56.0343 3100 Rasl2tp - ok
21:17:56.0406 3100 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:17:56.0406 3100 RasMan - ok
21:17:56.0437 3100 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:17:56.0437 3100 RasPppoe - ok
21:17:56.0453 3100 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:17:56.0453 3100 Raspti - ok
21:17:56.0484 3100 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:17:56.0484 3100 Rdbss - ok
21:17:56.0500 3100 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:17:56.0500 3100 RDPCDD - ok
21:17:56.0546 3100 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:17:56.0546 3100 rdpdr - ok
21:17:56.0609 3100 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:17:56.0609 3100 RDPWD - ok
21:17:56.0656 3100 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:17:56.0656 3100 RDSessMgr - ok
21:17:56.0687 3100 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:17:56.0703 3100 redbook - ok
21:17:56.0734 3100 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:17:56.0750 3100 RemoteAccess - ok
21:17:56.0781 3100 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:17:56.0781 3100 RemoteRegistry - ok
21:17:56.0828 3100 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
21:17:56.0843 3100 RpcLocator - ok
21:17:56.0875 3100 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
21:17:56.0875 3100 RpcSs - ok
21:17:56.0921 3100 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
21:17:56.0937 3100 RSVP - ok
21:17:56.0953 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:17:56.0968 3100 SamSs - ok
21:17:57.0000 3100 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:17:57.0000 3100 SCardSvr - ok
21:17:57.0031 3100 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:17:57.0031 3100 Schedule - ok
21:17:57.0078 3100 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:17:57.0093 3100 Secdrv - ok
21:17:57.0125 3100 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:17:57.0125 3100 seclogon - ok
21:17:57.0140 3100 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:17:57.0140 3100 SENS - ok
21:17:57.0187 3100 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:17:57.0187 3100 serenum - ok
21:17:57.0218 3100 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:17:57.0218 3100 Serial - ok
21:17:57.0312 3100 [ 549EA830A5D9EDD9CD14311126C2849B ] SetupNT C:\WINDOWS\system32\SetupNT.sys
21:17:57.0312 3100 SetupNT - ok
21:17:57.0343 3100 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
21:17:57.0359 3100 sfhlp01 - ok
21:17:57.0375 3100 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:17:57.0375 3100 Sfloppy - ok
21:17:57.0421 3100 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:17:57.0421 3100 SharedAccess - ok
21:17:57.0453 3100 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:17:57.0453 3100 ShellHWDetection - ok
21:17:57.0468 3100 Simbad - ok
21:17:57.0500 3100 Sparrow - ok
21:17:57.0546 3100 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:17:57.0546 3100 splitter - ok
21:17:57.0593 3100 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:17:57.0593 3100 Spooler - ok
21:17:57.0609 3100 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:17:57.0625 3100 sr - ok
21:17:57.0656 3100 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
21:17:57.0656 3100 srservice - ok
21:17:57.0718 3100 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:17:57.0718 3100 Srv - ok
21:17:57.0750 3100 [ 3D1CE2231937376E3F5E1AC644357D8F ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
21:17:57.0750 3100 sscdbhk5 - ok
21:17:57.0781 3100 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:17:57.0796 3100 SSDPSRV - ok
21:17:57.0812 3100 [ 4E85DC934D3430427420C0E568727529 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
21:17:57.0812 3100 ssrtln - ok
21:17:57.0859 3100 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
21:17:57.0859 3100 StillCam - ok
21:17:57.0890 3100 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:17:57.0906 3100 stisvc - ok
21:17:57.0937 3100 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:17:57.0937 3100 swenum - ok
21:17:57.0984 3100 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:17:57.0984 3100 swmidi - ok
21:17:58.0000 3100 SwPrv - ok
21:17:58.0015 3100 symc810 - ok
21:17:58.0031 3100 symc8xx - ok
21:17:58.0046 3100 sym_hi - ok
21:17:58.0062 3100 sym_u3 - ok
21:17:58.0093 3100 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:17:58.0093 3100 sysaudio - ok
21:17:58.0125 3100 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:17:58.0125 3100 SysmonLog - ok
21:17:58.0156 3100 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:17:58.0156 3100 TapiSrv - ok
21:17:58.0187 3100 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:17:58.0203 3100 Tcpip - ok
21:17:58.0250 3100 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:17:58.0250 3100 TDPIPE - ok
21:17:58.0281 3100 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:17:58.0281 3100 TDTCP - ok
21:17:58.0343 3100 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:17:58.0343 3100 TermDD - ok
21:17:58.0375 3100 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:17:58.0375 3100 TermService - ok
21:17:58.0484 3100 [ 2FFCE4C313DA2EC680A57E6C30852B31 ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
21:17:58.0484 3100 tfsnboio - ok
21:17:58.0515 3100 [ C763504B98FE93C835220806ACA9BAC2 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
21:17:58.0531 3100 tfsncofs - ok
21:17:58.0593 3100 [ A1505CC96C0881DD0017111974911BF9 ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
21:17:58.0609 3100 tfsndrct - ok
21:17:58.0625 3100 [ 83B1F68D828AC62C8077AA6B61051BE0 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
21:17:58.0625 3100 tfsndres - ok
21:17:58.0640 3100 [ 7DC7C85CB1E89A5FD654AB8DD1D6015D ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
21:17:58.0640 3100 tfsnifs - ok
21:17:58.0656 3100 [ ACFF328A4F138FD8BFA16CC04748F3BF ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
21:17:58.0656 3100 tfsnopio - ok
21:17:58.0671 3100 [ 329435EC26B2244D2F82DA75CD7F76E5 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
21:17:58.0671 3100 tfsnpool - ok
21:17:58.0718 3100 [ CD74577F1DC375DB774DF3EDED6EFC88 ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
21:17:58.0718 3100 tfsnudf - ok
21:17:58.0734 3100 [ BC6DAEA9B2CC4BA4B7EE47D91F21C8E5 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
21:17:58.0750 3100 tfsnudfa - ok
21:17:58.0765 3100 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:17:58.0765 3100 Themes - ok
21:17:58.0828 3100 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
21:17:58.0828 3100 TlntSvr - ok
21:17:58.0843 3100 TosIde - ok
21:17:58.0890 3100 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:17:58.0890 3100 TrkWks - ok
21:17:58.0921 3100 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:17:58.0937 3100 Udfs - ok
21:17:58.0953 3100 ultra - ok
21:17:58.0984 3100 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:17:59.0000 3100 Update - ok
21:17:59.0031 3100 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:17:59.0046 3100 upnphost - ok
21:17:59.0062 3100 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
21:17:59.0062 3100 UPS - ok
21:17:59.0093 3100 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:17:59.0093 3100 usbehci - ok
21:17:59.0140 3100 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:17:59.0140 3100 usbhub - ok
21:17:59.0156 3100 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:17:59.0156 3100 usbohci - ok
21:17:59.0187 3100 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:17:59.0187 3100 usbprint - ok
21:17:59.0218 3100 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:17:59.0218 3100 usbscan - ok
21:17:59.0265 3100 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:17:59.0265 3100 USBSTOR - ok
21:17:59.0312 3100 [ 7E27BE5ABE50BD8272D39DC7C8EC3FB8 ] VET-FILT C:\WINDOWS\system32\drivers\VET-FILT.sys
21:17:59.0312 3100 VET-FILT - ok
21:17:59.0343 3100 [ 73658B6C126A75A13B6794BFFCB2346F ] VET-REC C:\WINDOWS\system32\drivers\VET-REC.sys
21:17:59.0343 3100 VET-REC - ok
21:17:59.0390 3100 [ C1AE4CD9D7DF40DD63D6E91C50C21B6E ] VETEBOOT C:\WINDOWS\system32\drivers\VETEBOOT.sys
21:17:59.0390 3100 VETEBOOT - ok
21:17:59.0437 3100 [ 9191A77167A274E3A2DE89A12483453D ] VETEFILE C:\WINDOWS\system32\drivers\VETEFILE.sys
21:17:59.0468 3100 VETEFILE - ok
21:17:59.0484 3100 [ D35A4DAC8975AF153F4560D8EDDF3681 ] VETFDDNT C:\WINDOWS\system32\drivers\VETFDDNT.sys
21:17:59.0500 3100 VETFDDNT - ok
21:17:59.0515 3100 [ 3D28EBBC136AECE03136F157AC49617F ] VETMONNT C:\WINDOWS\system32\drivers\VETMONNT.sys
21:17:59.0515 3100 VETMONNT - ok
21:17:59.0531 3100 VETMSGNT - ok
21:17:59.0546 3100 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:17:59.0546 3100 VgaSave - ok
21:17:59.0562 3100 ViaIde - ok
21:17:59.0593 3100 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:17:59.0593 3100 VolSnap - ok
21:17:59.0640 3100 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
21:17:59.0656 3100 VSS - ok
21:17:59.0687 3100 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
21:17:59.0703 3100 W32Time - ok
21:17:59.0750 3100 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:17:59.0750 3100 Wanarp - ok
21:17:59.0765 3100 WDICA - ok
21:17:59.0796 3100 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:17:59.0796 3100 wdmaud - ok
21:17:59.0859 3100 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:17:59.0859 3100 WebClient - ok
21:17:59.0921 3100 [ 0AB973F5C373D58839632DA1BEE4C20B ] Winachcf C:\WINDOWS\system32\DRIVERS\winachcf.sys
21:17:59.0953 3100 Winachcf - ok
21:18:00.0031 3100 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:18:00.0031 3100 winmgmt - ok
21:18:00.0093 3100 [ C8A3F4B7D6EC50A428101AC8C9FF973C ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
21:18:00.0093 3100 WmBEnum - ok
21:18:00.0171 3100 [ 20263DAFD033D30F151BB87568386769 ] WmcCds c:\program files\windows media connect\mswmccds.exe
21:18:00.0187 3100 WmcCds - ok
21:18:00.0218 3100 [ 1DD015A69235DCFAE18B5F98FB50BE23 ] WmcCdsLs C:\Program Files\Windows Media Connect\mswmcls.exe
21:18:00.0218 3100 WmcCdsLs - ok
21:18:00.0265 3100 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:18:00.0265 3100 WmdmPmSN - ok
21:18:00.0312 3100 [ 10A7B8281210F5CBD5A0D978AC547FA6 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
21:18:00.0312 3100 WmFilter - ok
21:18:00.0343 3100 [ BAEF5220C34238FCE2921AAEB9BB21FF ] WmHidLo C:\WINDOWS\system32\drivers\WmHidLo.sys
21:18:00.0343 3100 WmHidLo - ok
21:18:00.0406 3100 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:18:00.0421 3100 Wmi - ok
21:18:00.0453 3100 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:18:00.0468 3100 WmiApSrv - ok
21:18:00.0546 3100 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
21:18:00.0562 3100 WMPNetworkSvc - ok
21:18:00.0593 3100 [ A12F19C9234836C66E109513D5BE636B ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
21:18:00.0593 3100 WmVirHid - ok
21:18:00.0625 3100 [ 79755654F4845B7A5DDD35E68899A44D ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
21:18:00.0625 3100 WmXlCore - ok
21:18:00.0718 3100 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:18:00.0750 3100 WPFFontCache_v0400 - ok
21:18:00.0796 3100 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:18:00.0796 3100 WS2IFSL - ok
21:18:00.0875 3100 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:18:00.0875 3100 wscsvc - ok
21:18:00.0921 3100 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:18:00.0921 3100 wuauserv - ok
21:18:00.0968 3100 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:18:00.0968 3100 WudfPf - ok
21:18:01.0000 3100 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:18:01.0000 3100 WudfRd - ok
21:18:01.0015 3100 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:18:01.0031 3100 WudfSvc - ok
21:18:01.0078 3100 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:18:01.0109 3100 WZCSVC - ok
21:18:01.0156 3100 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:18:01.0171 3100 xmlprov - ok
21:18:01.0187 3100 ================ Scan global ===============================
21:18:01.0234 3100 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:18:01.0265 3100 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:18:01.0296 3100 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:18:01.0312 3100 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:18:01.0312 3100 [Global] - ok
21:18:01.0328 3100 ================ Scan MBR ==================================
21:18:01.0359 3100 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:18:01.0515 3100 \Device\Harddisk0\DR0 - ok
21:18:01.0531 3100 ================ Scan VBR ==================================
21:18:01.0531 3100 [ 0988A17D76E4C496910EBA0885096523 ] \Device\Harddisk0\DR0\Partition1
21:18:01.0531 3100 \Device\Harddisk0\DR0\Partition1 - ok
21:18:01.0546 3100 ================ Scan active images ========================
21:18:01.0546 3100 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] C:\WINDOWS\system32\drivers\amdk7.sys
21:18:01.0546 3100 C:\WINDOWS\system32\drivers\amdk7.sys - ok
21:18:01.0562 3100 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
21:18:01.0562 3100 C:\WINDOWS\system32\drivers\usbport.sys - ok
21:18:01.0578 3100 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
21:18:01.0578 3100 C:\WINDOWS\system32\drivers\usbohci.sys - ok
21:18:01.0593 3100 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
21:18:01.0593 3100 C:\WINDOWS\system32\drivers\usbehci.sys - ok
21:18:01.0593 3100 [ C8400CA70BF8A30156487BF887886432 ] C:\WINDOWS\system32\drivers\NVENET.sys
21:18:01.0593 3100 C:\WINDOWS\system32\drivers\NVENET.sys - ok
21:18:01.0609 3100 [ 10DFFF2CBA6CF2B56AB3B472D03C2122 ] C:\WINDOWS\system32\drivers\nvax.sys
21:18:01.0609 3100 C:\WINDOWS\system32\drivers\nvax.sys - ok
21:18:01.0625 3100 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
21:18:01.0625 3100 C:\WINDOWS\system32\drivers\imapi.sys - ok
21:18:01.0640 3100 [ 3D1CE2231937376E3F5E1AC644357D8F ] C:\WINDOWS\system32\drivers\sscdbhk5.sys
21:18:01.0640 3100 C:\WINDOWS\system32\drivers\sscdbhk5.sys - ok
21:18:01.0656 3100 [ DA86016F0672ADA925F589EDE715F185 ] C:\WINDOWS\system32\drivers\pfc.sys
21:18:01.0656 3100 C:\WINDOWS\system32\drivers\pfc.sys - ok
21:18:01.0656 3100 [ 31509F505FEA9B37F9E59A10ADCFE8F5 ] C:\WINDOWS\system32\drivers\MxlW2k.sys
21:18:01.0656 3100 C:\WINDOWS\system32\drivers\MxlW2k.sys - ok
21:18:01.0671 3100 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
21:18:01.0671 3100 C:\WINDOWS\system32\drivers\cdrom.sys - ok
21:18:01.0687 3100 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
21:18:01.0687 3100 C:\WINDOWS\system32\drivers\ks.sys - ok
21:18:01.0703 3100 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
21:18:01.0703 3100 C:\WINDOWS\system32\drivers\redbook.sys - ok
21:18:01.0703 3100 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
21:18:01.0703 3100 C:\WINDOWS\system32\drivers\nic1394.sys - ok
21:18:01.0718 3100 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
21:18:01.0718 3100 C:\WINDOWS\system32\drivers\videoprt.sys - ok
21:18:01.0734 3100 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
21:18:01.0734 3100 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
21:18:01.0750 3100 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
21:18:01.0750 3100 C:\WINDOWS\system32\drivers\fdc.sys - ok
21:18:01.0750 3100 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
21:18:01.0750 3100 C:\WINDOWS\system32\drivers\serial.sys - ok
21:18:01.0765 3100 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
21:18:01.0765 3100 C:\WINDOWS\system32\drivers\parport.sys - ok
21:18:01.0781 3100 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
21:18:01.0781 3100 C:\WINDOWS\system32\drivers\serenum.sys - ok
21:18:01.0796 3100 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
21:18:01.0796 3100 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
21:18:01.0796 3100 [ 4103DBB6CAA85E40D271C1AD12BBF776 ] C:\WINDOWS\system32\drivers\L8042pr2.Sys
21:18:01.0796 3100 C:\WINDOWS\system32\drivers\L8042pr2.Sys - ok
21:18:01.0812 3100 [ B666F835C18974F392A387C6E863072F ] C:\WINDOWS\system32\drivers\LMouFlt2.Sys
21:18:01.0812 3100 C:\WINDOWS\system32\drivers\LMouFlt2.Sys - ok
21:18:01.0828 3100 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
21:18:01.0828 3100 C:\WINDOWS\system32\drivers\mouclass.sys - ok
21:18:01.0843 3100 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
21:18:01.0843 3100 C:\WINDOWS\system32\drivers\audstub.sys - ok
21:18:01.0859 3100 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
21:18:01.0859 3100 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
21:18:01.0875 3100 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
21:18:01.0875 3100 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
21:18:01.0875 3100 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
21:18:01.0875 3100 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
21:18:01.0890 3100 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
21:18:01.0890 3100 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
21:18:01.0906 3100 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
21:18:01.0906 3100 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
21:18:01.0921 3100 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
21:18:01.0921 3100 C:\WINDOWS\system32\drivers\msgpc.sys - ok
21:18:01.0921 3100 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
21:18:01.0921 3100 C:\WINDOWS\system32\drivers\psched.sys - ok
21:18:01.0937 3100 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
21:18:01.0937 3100 C:\WINDOWS\system32\drivers\raspptp.sys - ok
21:18:01.0953 3100 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
21:18:01.0953 3100 C:\WINDOWS\system32\drivers\tdi.sys - ok
21:18:01.0968 3100 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
21:18:01.0968 3100 C:\WINDOWS\system32\drivers\ptilink.sys - ok
21:18:01.0984 3100 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
21:18:01.0984 3100 C:\WINDOWS\system32\drivers\raspti.sys - ok
21:18:01.0984 3100 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
21:18:01.0984 3100 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
21:18:02.0000 3100 [ A9573045BAA16EAB9B1085205B82F1ED ] C:\WINDOWS\system32\drivers\serscan.sys
21:18:02.0000 3100 C:\WINDOWS\system32\drivers\serscan.sys - ok
21:18:02.0015 3100 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
21:18:02.0015 3100 C:\WINDOWS\system32\drivers\swenum.sys - ok
21:18:02.0031 3100 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
21:18:02.0031 3100 C:\WINDOWS\system32\drivers\termdd.sys - ok
21:18:02.0046 3100 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
21:18:02.0046 3100 C:\WINDOWS\system32\drivers\update.sys - ok
21:18:02.0046 3100 [ C8A3F4B7D6EC50A428101AC8C9FF973C ] C:\WINDOWS\system32\drivers\WmBEnum.sys
21:18:02.0046 3100 C:\WINDOWS\system32\drivers\WmBEnum.sys - ok
21:18:02.0062 3100 [ 79755654F4845B7A5DDD35E68899A44D ] C:\WINDOWS\system32\drivers\WmXlCore.sys
21:18:02.0062 3100 C:\WINDOWS\system32\drivers\WmXlCore.sys - ok
21:18:02.0078 3100 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
21:18:02.0078 3100 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
21:18:02.0093 3100 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
21:18:02.0093 3100 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
21:18:02.0109 3100 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
21:18:02.0109 3100 C:\WINDOWS\system32\drivers\usbd.sys - ok
21:18:02.0109 3100 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
21:18:02.0109 3100 C:\WINDOWS\system32\drivers\usbhub.sys - ok
21:18:02.0125 3100 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
21:18:02.0125 3100 C:\WINDOWS\system32\drivers\drmk.sys - ok
21:18:02.0140 3100 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
21:18:02.0140 3100 C:\WINDOWS\system32\drivers\portcls.sys - ok
21:18:02.0156 3100 [ 8EE3B8236266AA16C84A17C7C9428857 ] C:\WINDOWS\system32\drivers\nvarm.sys
21:18:02.0156 3100 C:\WINDOWS\system32\drivers\nvarm.sys - ok
21:18:02.0156 3100 [ 59B4DAEB414D13041FD00F22BA5B0209 ] C:\WINDOWS\system32\drivers\nvmcp.sys
21:18:02.0156 3100 C:\WINDOWS\system32\drivers\nvmcp.sys - ok
21:18:02.0171 3100 [ 9E587342D385AE57BAEF9FB267E5F331 ] C:\WINDOWS\system32\drivers\nvapu.sys
21:18:02.0171 3100 C:\WINDOWS\system32\drivers\nvapu.sys - ok
21:18:02.0187 3100 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
21:18:02.0187 3100 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
21:18:02.0203 3100 [ D35A4DAC8975AF153F4560D8EDDF3681 ] C:\WINDOWS\system32\drivers\vetfddnt.sys
21:18:02.0203 3100 C:\WINDOWS\system32\drivers\vetfddnt.sys - ok
21:18:02.0203 3100 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
21:18:02.0218 3100 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
21:18:02.0218 3100 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
21:18:02.0218 3100 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
21:18:02.0234 3100 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
21:18:02.0234 3100 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
21:18:02.0250 3100 [ 7E27BE5ABE50BD8272D39DC7C8EC3FB8 ] C:\WINDOWS\system32\drivers\vet-filt.sys
21:18:02.0250 3100 C:\WINDOWS\system32\drivers\vet-filt.sys - ok
21:18:02.0265 3100 [ 73658B6C126A75A13B6794BFFCB2346F ] C:\WINDOWS\system32\drivers\vet-rec.sys
21:18:02.0265 3100 C:\WINDOWS\system32\drivers\vet-rec.sys - ok
21:18:02.0265 3100 [ 9191A77167A274E3A2DE89A12483453D ] C:\WINDOWS\system32\drivers\vetefile.sys
21:18:02.0265 3100 C:\WINDOWS\system32\drivers\vetefile.sys - ok
21:18:02.0281 3100 [ 1B269ED3EB2D81EC11CD5B0544E89962 ] C:\WINDOWS\system32\drivers\DcCam.sys
21:18:02.0281 3100 C:\WINDOWS\system32\drivers\DcCam.sys - ok
21:18:02.0296 3100 [ F85FFDEAE43F9E9A7C3F4E3CC5EF09EB ] C:\WINDOWS\system32\drivers\ExportIt.sys
21:18:02.0296 3100 C:\WINDOWS\system32\drivers\ExportIt.sys - ok
21:18:02.0312 3100 [ C1AE4CD9D7DF40DD63D6E91C50C21B6E ] C:\WINDOWS\system32\drivers\veteboot.sys
21:18:02.0312 3100 C:\WINDOWS\system32\drivers\veteboot.sys - ok
21:18:02.0312 3100 [ 3D28EBBC136AECE03136F157AC49617F ] C:\WINDOWS\system32\drivers\vetmonnt.sys
21:18:02.0312 3100 C:\WINDOWS\system32\drivers\vetmonnt.sys - ok
21:18:02.0328 3100 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
21:18:02.0328 3100 C:\WINDOWS\system32\drivers\beep.sys - ok
21:18:02.0343 3100 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
21:18:02.0343 3100 C:\WINDOWS\system32\drivers\null.sys - ok
21:18:02.0359 3100 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
21:18:02.0359 3100 C:\WINDOWS\system32\drivers\hidparse.sys - ok
21:18:02.0375 3100 [ 37990B683CEAE72AE4E72BC4962A708F ] C:\WINDOWS\system32\drivers\papycpu2.sys
21:18:02.0375 3100 C:\WINDOWS\system32\drivers\papycpu2.sys - ok
21:18:02.0375 3100 [ 1E238722F218D945322FE1685C0E9161 ] C:\WINDOWS\system32\drivers\papyjoy.sys
21:18:02.0375 3100 C:\WINDOWS\system32\drivers\papyjoy.sys - ok
21:18:02.0390 3100 [ 4E85DC934D3430427420C0E568727529 ] C:\WINDOWS\system32\drivers\ssrtln.sys
21:18:02.0390 3100 C:\WINDOWS\system32\drivers\ssrtln.sys - ok
21:18:02.0406 3100 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
21:18:02.0406 3100 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
21:18:02.0421 3100 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
21:18:02.0421 3100 C:\WINDOWS\system32\drivers\vga.sys - ok
21:18:02.0437 3100 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
21:18:02.0437 3100 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
21:18:02.0437 3100 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
21:18:02.0437 3100 C:\WINDOWS\system32\drivers\msfs.sys - ok
21:18:02.0453 3100 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
21:18:02.0453 3100 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
21:18:02.0468 3100 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
21:18:02.0468 3100 C:\WINDOWS\system32\drivers\ipsec.sys - ok
21:18:02.0484 3100 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
21:18:02.0484 3100 C:\WINDOWS\system32\drivers\npfs.sys - ok
21:18:02.0484 3100 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
21:18:02.0484 3100 C:\WINDOWS\system32\drivers\rasacd.sys - ok
21:18:02.0500 3100 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
21:18:02.0500 3100 C:\WINDOWS\system32\drivers\tcpip.sys - ok
21:18:02.0515 3100 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
21:18:02.0515 3100 C:\WINDOWS\system32\drivers\netbt.sys - ok
21:18:02.0531 3100 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
21:18:02.0531 3100 C:\WINDOWS\system32\drivers\ipnat.sys - ok
21:18:02.0531 3100 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
21:18:02.0531 3100 C:\WINDOWS\system32\drivers\afd.sys - ok
21:18:02.0546 3100 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
21:18:02.0546 3100 C:\WINDOWS\system32\drivers\netbios.sys - ok
21:18:02.0562 3100 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
21:18:02.0562 3100 C:\WINDOWS\system32\drivers\processr.sys - ok
21:18:02.0578 3100 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:18:02.0578 3100 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
21:18:02.0593 3100 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
21:18:02.0593 3100 C:\WINDOWS\system32\drivers\rdbss.sys - ok
21:18:02.0593 3100 [ F2E3C8F1EB6BA0733E0A1F6373DF7957 ] C:\WINDOWS\system32\drivers\prodrv06.sys
21:18:02.0593 3100 C:\WINDOWS\system32\drivers\prodrv06.sys - ok
21:18:02.0609 3100 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
21:18:02.0609 3100 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
21:18:02.0625 3100 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
21:18:02.0625 3100 C:\WINDOWS\system32\drivers\fips.sys - ok
21:18:02.0640 3100 [ 8815984EBB9457CF79D096A271C4ECA8 ] C:\WINDOWS\system32\drivers\BS_I2cIo.sys
21:18:02.0640 3100 C:\WINDOWS\system32\drivers\BS_I2cIo.sys - ok
21:18:02.0656 3100 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
21:18:02.0656 3100 C:\WINDOWS\system32\smss.exe - ok
21:18:02.0656 3100 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
21:18:02.0656 3100 C:\WINDOWS\system32\ntdll.dll - ok
21:18:02.0671 3100 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
21:18:02.0671 3100 C:\WINDOWS\system32\drivers\wanarp.sys - ok
21:18:02.0687 3100 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
21:18:02.0687 3100 C:\WINDOWS\system32\drivers\arp1394.sys - ok
21:18:02.0703 3100 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
21:18:02.0703 3100 C:\WINDOWS\system32\autochk.exe - ok
21:18:02.0703 3100 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
21:18:02.0703 3100 C:\WINDOWS\system32\sfcfiles.dll - ok
21:18:02.0718 3100 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
21:18:02.0718 3100 C:\WINDOWS\system32\drivers\cdfs.sys - ok
21:18:02.0734 3100 [ E65E2353A5D74EA89971CB918EEEB2F6 ] C:\WINDOWS\system32\drivers\diskdump.sys
21:18:02.0734 3100 C:\WINDOWS\system32\drivers\diskdump.sys - ok
21:18:02.0750 3100 [ 857ACF58D21D6A7F2EAB84FB54B4EDA4 ] C:\WINDOWS\system32\drivers\nvidesm.sys
21:18:02.0750 3100 C:\WINDOWS\system32\drivers\nvidesm.sys - ok
21:18:02.0750 3100 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
21:18:02.0750 3100 C:\WINDOWS\system32\drivers\dxapi.sys - ok
21:18:02.0765 3100 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
21:18:02.0765 3100 C:\WINDOWS\system32\watchdog.sys - ok
21:18:02.0781 3100 [ D6F934A361D7F0BE8271673988D4E7FD ] C:\WINDOWS\system32\win32k.sys
21:18:02.0781 3100 C:\WINDOWS\system32\win32k.sys - ok
21:18:02.0796 3100 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
21:18:02.0796 3100 C:\WINDOWS\system32\csrsrv.dll - ok
21:18:02.0796 3100 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
21:18:02.0796 3100 C:\WINDOWS\system32\csrss.exe - ok
21:18:02.0812 3100 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:18:02.0812 3100 C:\WINDOWS\system32\basesrv.dll - ok
21:18:02.0828 3100 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:18:02.0828 3100 C:\WINDOWS\system32\winsrv.dll - ok
21:18:02.0843 3100 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
21:18:02.0843 3100 C:\WINDOWS\system32\gdi32.dll - ok
21:18:02.0859 3100 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
21:18:02.0859 3100 C:\WINDOWS\system32\kernel32.dll - ok
21:18:02.0875 3100 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
21:18:02.0875 3100 C:\WINDOWS\system32\user32.dll - ok
21:18:02.0875 3100 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
21:18:02.0875 3100 C:\WINDOWS\system32\drivers\dxg.sys - ok
21:18:02.0890 3100 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
21:18:02.0890 3100 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
21:18:02.0906 3100 [ 2E5F65B8A1D1A6894F6A5DBD08665F87 ] C:\WINDOWS\system32\nv4_disp.dll
21:18:02.0906 3100 C:\WINDOWS\system32\nv4_disp.dll - ok
21:18:02.0921 3100 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
21:18:02.0921 3100 C:\WINDOWS\system32\vga.dll - ok
21:18:02.0921 3100 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
21:18:02.0921 3100 C:\WINDOWS\system32\winlogon.exe - ok
21:18:02.0937 3100 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
21:18:02.0937 3100 C:\WINDOWS\system32\advapi32.dll - ok
21:18:02.0953 3100 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
21:18:02.0953 3100 C:\WINDOWS\system32\rpcrt4.dll - ok
21:18:02.0968 3100 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
21:18:02.0968 3100 C:\WINDOWS\system32\authz.dll - ok
21:18:02.0968 3100 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
21:18:02.0968 3100 C:\WINDOWS\system32\secur32.dll - ok
21:18:02.0984 3100 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
21:18:02.0984 3100 C:\WINDOWS\system32\msvcrt.dll - ok
21:18:03.0000 3100 [ 64416C6E07606720C1ECE6DD374BDFFD ] C:\WINDOWS\system32\crypt32.dll
21:18:03.0000 3100 C:\WINDOWS\system32\crypt32.dll - ok
21:18:03.0015 3100 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
21:18:03.0015 3100 C:\WINDOWS\system32\msasn1.dll - ok
21:18:03.0031 3100 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
21:18:03.0031 3100 C:\WINDOWS\system32\nddeapi.dll - ok
21:18:03.0031 3100 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
21:18:03.0031 3100 C:\WINDOWS\system32\netapi32.dll - ok
21:18:03.0046 3100 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
21:18:03.0046 3100 C:\WINDOWS\system32\profmap.dll - ok
21:18:03.0062 3100 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
21:18:03.0062 3100 C:\WINDOWS\system32\userenv.dll - ok
21:18:03.0078 3100 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
21:18:03.0078 3100 C:\WINDOWS\system32\psapi.dll - ok
21:18:03.0078 3100 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
21:18:03.0078 3100 C:\WINDOWS\system32\regapi.dll - ok
21:18:03.0093 3100 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
21:18:03.0093 3100 C:\WINDOWS\system32\setupapi.dll - ok
21:18:03.0109 3100 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
21:18:03.0109 3100 C:\WINDOWS\system32\version.dll - ok
21:18:03.0125 3100 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
21:18:03.0125 3100 C:\WINDOWS\system32\winsta.dll - ok
21:18:03.0140 3100 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll
21:18:03.0140 3100 C:\WINDOWS\system32\wintrust.dll - ok
21:18:03.0140 3100 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
21:18:03.0140 3100 C:\WINDOWS\system32\imagehlp.dll - ok
21:18:03.0156 3100 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
21:18:03.0156 3100 C:\WINDOWS\system32\ws2_32.dll - ok
21:18:03.0171 3100 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
21:18:03.0171 3100 C:\WINDOWS\system32\imm32.dll - ok
21:18:03.0187 3100 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
21:18:03.0187 3100 C:\WINDOWS\system32\ws2help.dll - ok
21:18:03.0203 3100 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
21:18:03.0203 3100 C:\WINDOWS\system32\kbdus.dll - ok
21:18:03.0203 3100 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
21:18:03.0203 3100 C:\WINDOWS\system32\msgina.dll - ok
21:18:03.0218 3100 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
21:18:03.0218 3100 C:\WINDOWS\system32\comctl32.dll - ok
21:18:03.0234 3100 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
21:18:03.0234 3100 C:\WINDOWS\system32\comdlg32.dll - ok
21:18:03.0250 3100 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
21:18:03.0250 3100 C:\WINDOWS\system32\odbc32.dll - ok
21:18:03.0250 3100 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
21:18:03.0250 3100 C:\WINDOWS\system32\shell32.dll - ok
21:18:03.0265 3100 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
21:18:03.0265 3100 C:\WINDOWS\system32\shlwapi.dll - ok
21:18:03.0281 3100 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
21:18:03.0281 3100 C:\WINDOWS\system32\sxs.dll - ok
21:18:03.0296 3100 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
21:18:03.0296 3100 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
21:18:03.0296 3100 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
21:18:03.0296 3100 C:\WINDOWS\system32\odbcint.dll - ok
21:18:03.0312 3100 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
21:18:03.0312 3100 C:\WINDOWS\system32\sfc.dll - ok
21:18:03.0328 3100 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
21:18:03.0328 3100 C:\WINDOWS\system32\shsvcs.dll - ok
21:18:03.0343 3100 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
21:18:03.0343 3100 C:\WINDOWS\system32\sfc_os.dll - ok
21:18:03.0343 3100 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
21:18:03.0343 3100 C:\WINDOWS\system32\ole32.dll - ok
21:18:03.0359 3100 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
21:18:03.0359 3100 C:\WINDOWS\system32\apphelp.dll - ok
21:18:03.0375 3100 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
21:18:03.0375 3100 C:\WINDOWS\system32\lsass.exe - ok
21:18:03.0390 3100 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:18:03.0390 3100 C:\WINDOWS\system32\services.exe - ok
21:18:03.0406 3100 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
21:18:03.0406 3100 C:\WINDOWS\system32\lsasrv.dll - ok
21:18:03.0421 3100 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
21:18:03.0421 3100 C:\WINDOWS\system32\ncobjapi.dll - ok
21:18:03.0421 3100 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
21:18:03.0421 3100 C:\WINDOWS\system32\msvcp60.dll - ok
21:18:03.0437 3100 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
21:18:03.0437 3100 C:\WINDOWS\system32\scesrv.dll - ok
21:18:03.0453 3100 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
21:18:03.0453 3100 C:\WINDOWS\system32\mpr.dll - ok
21:18:03.0468 3100 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
21:18:03.0468 3100 C:\WINDOWS\system32\ntdsapi.dll - ok
21:18:03.0468 3100 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
21:18:03.0468 3100 C:\WINDOWS\system32\umpnpmgr.dll - ok
21:18:03.0484 3100 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
21:18:03.0484 3100 C:\WINDOWS\system32\dnsapi.dll - ok
21:18:03.0500 3100 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
21:18:03.0500 3100 C:\WINDOWS\system32\shimeng.dll - ok
21:18:03.0515 3100 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
21:18:03.0515 3100 C:\WINDOWS\AppPatch\acadproc.dll - ok
21:18:03.0515 3100 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
21:18:03.0515 3100 C:\WINDOWS\system32\wldap32.dll - ok
21:18:03.0531 3100 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
21:18:03.0531 3100 C:\WINDOWS\system32\samlib.dll - ok
21:18:03.0546 3100 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
21:18:03.0546 3100 C:\WINDOWS\system32\samsrv.dll - ok
21:18:03.0562 3100 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
21:18:03.0562 3100 C:\WINDOWS\system32\cryptdll.dll - ok
21:18:03.0562 3100 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
21:18:03.0562 3100 C:\WINDOWS\AppPatch\acgenral.dll - ok
21:18:03.0578 3100 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
21:18:03.0578 3100 C:\WINDOWS\system32\winmm.dll - ok
21:18:03.0593 3100 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
21:18:03.0593 3100 C:\WINDOWS\system32\oleaut32.dll - ok
21:18:03.0609 3100 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
21:18:03.0609 3100 C:\WINDOWS\system32\msacm32.dll - ok
21:18:03.0625 3100 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
21:18:03.0625 3100 C:\WINDOWS\system32\uxtheme.dll - ok
21:18:03.0625 3100 [ E73F18195CCF4AAAA87B2D22E83F791C ] C:\WINDOWS\system32\serwvdrv.dll
21:18:03.0625 3100 C:\WINDOWS\system32\serwvdrv.dll - ok
21:18:03.0640 3100 [ EC2AD9AC452E0A8D976FB1B1718517CE ] C:\WINDOWS\system32\umdmxfrm.dll
21:18:03.0640 3100 C:\WINDOWS\system32\umdmxfrm.dll - ok
21:18:03.0656 3100 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
21:18:03.0656 3100 C:\WINDOWS\system32\msapsspc.dll - ok
21:18:03.0671 3100 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
21:18:03.0671 3100 C:\WINDOWS\system32\msvcrt40.dll - ok
21:18:03.0687 3100 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
21:18:03.0687 3100 C:\WINDOWS\system32\schannel.dll - ok
21:18:03.0687 3100 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
21:18:03.0687 3100 C:\WINDOWS\system32\digest.dll - ok
21:18:03.0703 3100 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
21:18:03.0703 3100 C:\WINDOWS\system32\msnsspc.dll - ok
21:18:03.0718 3100 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
21:18:03.0718 3100 C:\WINDOWS\system32\msctfime.ime - ok
21:18:03.0734 3100 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
21:18:03.0734 3100 C:\WINDOWS\system32\msprivs.dll - ok
21:18:03.0734 3100 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
21:18:03.0734 3100 C:\WINDOWS\system32\kerberos.dll - ok
21:18:03.0750 3100 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
21:18:03.0750 3100 C:\WINDOWS\system32\atmfd.dll - ok
21:18:03.0765 3100 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
21:18:03.0765 3100 C:\WINDOWS\system32\msv1_0.dll - ok
21:18:03.0781 3100 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
21:18:03.0781 3100 C:\WINDOWS\system32\iphlpapi.dll - ok
21:18:03.0781 3100 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
21:18:03.0781 3100 C:\WINDOWS\system32\netlogon.dll - ok
21:18:03.0796 3100 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
21:18:03.0796 3100 C:\WINDOWS\system32\w32time.dll - ok
21:18:03.0812 3100 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
21:18:03.0812 3100 C:\WINDOWS\system32\wdigest.dll - ok
21:18:03.0828 3100 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
21:18:03.0828 3100 C:\WINDOWS\system32\rsaenh.dll - ok
21:18:03.0828 3100 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
21:18:03.0828 3100 C:\WINDOWS\system32\winscard.dll - ok
21:18:03.0843 3100 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
21:18:03.0843 3100 C:\WINDOWS\system32\wtsapi32.dll - ok
21:18:03.0859 3100 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
21:18:03.0859 3100 C:\WINDOWS\system32\scecli.dll - ok
21:18:03.0875 3100 [ 1BAA922D627A59A6542ACFA6FD7DC40A ] C:\WINDOWS\system32\drivers\drvnddm.sys
21:18:03.0875 3100 C:\WINDOWS\system32\drivers\drvnddm.sys - ok
21:18:03.0890 3100 [ 1315E0B5B6FC1FE930EE3498309700BD ] C:\WINDOWS\system32\drivers\DCFS2k.sys
21:18:03.0890 3100 C:\WINDOWS\system32\drivers\DCFS2k.sys - ok
21:18:03.0906 3100 [ 83B1F68D828AC62C8077AA6B61051BE0 ] C:\WINDOWS\system32\dla\tfsndres.sys
21:18:03.0906 3100 C:\WINDOWS\system32\dla\tfsndres.sys - ok
21:18:03.0906 3100 [ 7DC7C85CB1E89A5FD654AB8DD1D6015D ] C:\WINDOWS\system32\dla\tfsnifs.sys
21:18:03.0906 3100 C:\WINDOWS\system32\dla\tfsnifs.sys - ok
21:18:03.0921 3100 [ ACFF328A4F138FD8BFA16CC04748F3BF ] C:\WINDOWS\system32\dla\tfsnopio.sys
21:18:03.0921 3100 C:\WINDOWS\system32\dla\tfsnopio.sys - ok
21:18:03.0937 3100 [ 2FFCE4C313DA2EC680A57E6C30852B31 ] C:\WINDOWS\system32\dla\tfsnboio.sys
21:18:03.0937 3100 C:\WINDOWS\system32\dla\tfsnboio.sys - ok
21:18:03.0953 3100 [ 329435EC26B2244D2F82DA75CD7F76E5 ] C:\WINDOWS\system32\dla\tfsnpool.sys
21:18:03.0953 3100 C:\WINDOWS\system32\dla\tfsnpool.sys - ok
21:18:03.0953 3100 [ C763504B98FE93C835220806ACA9BAC2 ] C:\WINDOWS\system32\dla\tfsncofs.sys
21:18:03.0953 3100 C:\WINDOWS\system32\dla\tfsncofs.sys - ok
21:18:03.0968 3100 [ A1505CC96C0881DD0017111974911BF9 ] C:\WINDOWS\system32\dla\tfsndrct.sys
21:18:03.0968 3100 C:\WINDOWS\system32\dla\tfsndrct.sys - ok
21:18:03.0984 3100 [ CD74577F1DC375DB774DF3EDED6EFC88 ] C:\WINDOWS\system32\dla\tfsnudf.sys
21:18:03.0984 3100 C:\WINDOWS\system32\dla\tfsnudf.sys - ok
21:18:04.0000 3100 [ BC6DAEA9B2CC4BA4B7EE47D91F21C8E5 ] C:\WINDOWS\system32\dla\tfsnudfa.sys
21:18:04.0000 3100 C:\WINDOWS\system32\dla\tfsnudfa.sys - ok
21:18:04.0000 3100 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
21:18:04.0000 3100 C:\WINDOWS\system32\svchost.exe - ok
21:18:04.0015 3100 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
21:18:04.0015 3100 C:\WINDOWS\system32\ntmarta.dll - ok
21:18:04.0031 3100 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
21:18:04.0031 3100 C:\WINDOWS\system32\rpcss.dll - ok
21:18:04.0046 3100 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
21:18:04.0046 3100 C:\WINDOWS\system32\xpsp2res.dll - ok
21:18:04.0062 3100 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
21:18:04.0062 3100 C:\WINDOWS\system32\eventlog.dll - ok
21:18:04.0062 3100 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
21:18:04.0062 3100 C:\WINDOWS\system32\mswsock.dll - ok
21:18:04.0078 3100 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
21:18:04.0078 3100 C:\WINDOWS\system32\hnetcfg.dll - ok
21:18:04.0093 3100 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
21:18:04.0093 3100 C:\WINDOWS\system32\wshtcpip.dll - ok
21:18:04.0109 3100 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
21:18:04.0109 3100 C:\WINDOWS\system32\winrnr.dll - ok
21:18:04.0125 3100 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
21:18:04.0125 3100 C:\WINDOWS\system32\rasadhlp.dll - ok
21:18:04.0140 3100 [ 9AC7F31404F784753C4C04296E48CFAB ] C:\Program Files\Microsoft Security Client\MpSvc.dll
21:18:04.0140 3100 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
21:18:04.0140 3100 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:18:04.0140 3100 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
21:18:04.0156 3100 [ 84204FDA617A3611D510A1DCBAE64004 ] C:\Program Files\Microsoft Security Client\MpClient.dll
21:18:04.0156 3100 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
21:18:04.0171 3100 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
21:18:04.0171 3100 C:\WINDOWS\system32\logonui.exe - ok
21:18:04.0187 3100 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
21:18:04.0187 3100 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
21:18:04.0187 3100 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
21:18:04.0187 3100 C:\WINDOWS\system32\duser.dll - ok
21:18:04.0203 3100 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
21:18:04.0203 3100 C:\WINDOWS\system32\msimg32.dll - ok
21:18:04.0218 3100 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
21:18:04.0218 3100 C:\WINDOWS\system32\oleacc.dll - ok
21:18:04.0234 3100 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
21:18:04.0234 3100 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
21:18:04.0234 3100 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
21:18:04.0234 3100 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
21:18:04.0250 3100 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
21:18:04.0250 3100 C:\WINDOWS\system32\cscdll.dll - ok
21:18:04.0265 3100 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
21:18:04.0265 3100 C:\WINDOWS\system32\dhcpcsvc.dll - ok
21:18:04.0281 3100 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
21:18:04.0281 3100 C:\WINDOWS\system32\fltlib.dll - ok
21:18:04.0281 3100 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
21:18:04.0281 3100 C:\WINDOWS\system32\dimsntfy.dll - ok
21:18:04.0296 3100 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
21:18:04.0296 3100 C:\WINDOWS\system32\wlnotify.dll - ok
21:18:04.0312 3100 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
21:18:04.0312 3100 C:\WINDOWS\system32\clbcatq.dll - ok
21:18:04.0328 3100 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
21:18:04.0328 3100 C:\WINDOWS\system32\winspool.drv - ok
21:18:04.0328 3100 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
21:18:04.0328 3100 C:\WINDOWS\system32\dnsrslvr.dll - ok
21:18:04.0343 3100 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
21:18:04.0343 3100 C:\WINDOWS\system32\WgaLogon.dll - ok
21:18:04.0359 3100 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
21:18:04.0359 3100 C:\WINDOWS\system32\comres.dll - ok
21:18:04.0375 3100 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
21:18:04.0375 3100 C:\WINDOWS\system32\shgina.dll - ok
21:18:04.0390 3100 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
21:18:04.0390 3100 C:\WINDOWS\system32\msxml3.dll - ok
21:18:04.0406 3100 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
21:18:04.0406 3100 C:\WINDOWS\system32\lmhsvc.dll - ok
21:18:04.0406 3100 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
21:18:04.0406 3100 C:\WINDOWS\system32\wzcsvc.dll - ok
21:18:04.0421 3100 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
21:18:04.0421 3100 C:\WINDOWS\system32\rtutils.dll - ok
21:18:04.0437 3100 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
21:18:04.0437 3100 C:\WINDOWS\system32\wmi.dll - ok
21:18:04.0453 3100 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
21:18:04.0453 3100 C:\WINDOWS\system32\eapolqec.dll - ok
21:18:04.0453 3100 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
21:18:04.0453 3100 C:\WINDOWS\system32\atl.dll - ok
21:18:04.0468 3100 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
21:18:04.0468 3100 C:\WINDOWS\system32\qutil.dll - ok
21:18:04.0484 3100 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
21:18:04.0484 3100 C:\WINDOWS\system32\dot3api.dll - ok
21:18:04.0500 3100 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
21:18:04.0500 3100 C:\WINDOWS\system32\esent.dll - ok
21:18:04.0500 3100 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
21:18:04.0500 3100 C:\WINDOWS\system32\rastls.dll - ok
21:18:04.0515 3100 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
21:18:04.0515 3100 C:\WINDOWS\system32\cryptui.dll - ok
21:18:04.0531 3100 [ FF1C14BCA1A797CE45DD359FA2C9EDA8 ] C:\WINDOWS\system32\wininet.dll
21:18:04.0531 3100 C:\WINDOWS\system32\wininet.dll - ok
21:18:04.0546 3100 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
21:18:04.0546 3100 C:\WINDOWS\system32\normaliz.dll - ok
21:18:04.0562 3100 [ 9371862D37E8F0AF21E4DEA95E867C39 ] C:\WINDOWS\system32\urlmon.dll
21:18:04.0562 3100 C:\WINDOWS\system32\urlmon.dll - ok
21:18:04.0562 3100 [ 0579CC3B95EDD1CE664A35E016F3DD58 ] C:\WINDOWS\system32\iertutil.dll
21:18:04.0562 3100 C:\WINDOWS\system32\iertutil.dll - ok
21:18:04.0578 3100 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
21:18:04.0578 3100 C:\WINDOWS\system32\mprapi.dll - ok
21:18:04.0593 3100 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
21:18:04.0593 3100 C:\WINDOWS\system32\activeds.dll - ok
21:18:04.0609 3100 [ 70B253713FC33CC7DBE304693C4FE9A3 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\mpengine.dll
21:18:04.0609 3100 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\mpengine.dll - ok
21:18:04.0625 3100 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
21:18:04.0625 3100 C:\WINDOWS\system32\adsldpc.dll - ok
21:18:04.0625 3100 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
21:18:04.0625 3100 C:\WINDOWS\system32\rasapi32.dll - ok
21:18:04.0640 3100 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
21:18:04.0640 3100 C:\WINDOWS\system32\rasman.dll - ok
21:18:04.0656 3100 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
21:18:04.0656 3100 C:\WINDOWS\system32\tapi32.dll - ok
21:18:04.0671 3100 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
21:18:04.0671 3100 C:\WINDOWS\system32\riched20.dll - ok
21:18:04.0671 3100 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
21:18:04.0671 3100 C:\WINDOWS\system32\raschap.dll - ok
21:18:04.0687 3100 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
21:18:04.0687 3100 C:\WINDOWS\system32\schedsvc.dll - ok
21:18:04.0703 3100 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
21:18:04.0703 3100 C:\WINDOWS\system32\msidle.dll - ok
21:18:04.0718 3100 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
21:18:04.0718 3100 C:\WINDOWS\system32\spoolsv.exe - ok
21:18:04.0734 3100 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
21:18:04.0734 3100 C:\WINDOWS\system32\audiosrv.dll - ok
21:18:04.0734 3100 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
21:18:04.0734 3100 C:\WINDOWS\system32\wkssvc.dll - ok
21:18:04.0750 3100 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
21:18:04.0750 3100 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
21:18:04.0765 3100 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
21:18:04.0765 3100 C:\WINDOWS\system32\webclnt.dll - ok
21:18:04.0781 3100 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
21:18:04.0781 3100 C:\WINDOWS\system32\drivers\parvdm.sys - ok
21:18:04.0781 3100 [ B39BF953A3A304A2D12751692EC355A0 ] C:\WINDOWS\system32\MLPTDR_Q.SYS
21:18:04.0781 3100 C:\WINDOWS\system32\MLPTDR_Q.SYS - ok
21:18:04.0796 3100 [ DE4DFB09BF96FD5F810750140E2AA236 ] C:\WINDOWS\system32\drivers\ppsio2.sys
21:18:04.0796 3100 C:\WINDOWS\system32\drivers\ppsio2.sys - ok
21:18:04.0812 3100 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:18:04.0812 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:18:04.0828 3100 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
21:18:04.0828 3100 C:\WINDOWS\system32\qmgr.dll - ok
21:18:04.0828 3100 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
21:18:04.0828 3100 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
21:18:04.0843 3100 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
21:18:04.0843 3100 C:\WINDOWS\system32\shfolder.dll - ok
21:18:04.0859 3100 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
21:18:04.0859 3100 C:\WINDOWS\system32\winhttp.dll - ok
21:18:04.0875 3100 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
21:18:04.0875 3100 C:\WINDOWS\system32\netman.dll - ok
21:18:04.0890 3100 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
21:18:04.0890 3100 C:\WINDOWS\system32\mscoree.dll - ok
21:18:04.0906 3100 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
21:18:04.0906 3100 C:\WINDOWS\system32\netshell.dll - ok
21:18:04.0906 3100 [ 3C8B6609712F4FF78E521F6DCFC4032B ] C:\WINDOWS\system32\Ctsvccda.exe
21:18:04.0906 3100 C:\WINDOWS\system32\Ctsvccda.exe - ok
21:18:04.0921 3100 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
21:18:04.0921 3100 C:\WINDOWS\system32\drivers\http.sys - ok
21:18:04.0937 3100 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
21:18:04.0937 3100 C:\WINDOWS\system32\cryptsvc.dll - ok
21:18:04.0953 3100 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
21:18:04.0953 3100 C:\WINDOWS\system32\certcli.dll - ok
21:18:04.0953 3100 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:18:04.0953 3100 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
21:18:04.0968 3100 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
21:18:04.0968 3100 C:\WINDOWS\system32\es.dll - ok
21:18:04.0984 3100 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
21:18:04.0984 3100 C:\WINDOWS\system32\credui.dll - ok
21:18:05.0000 3100 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
21:18:05.0000 3100 C:\WINDOWS\system32\ersvc.dll - ok
21:18:05.0015 3100 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
21:18:05.0015 3100 C:\WINDOWS\system32\dmserver.dll - ok
21:18:05.0015 3100 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
21:18:05.0015 3100 C:\WINDOWS\system32\w3ssl.dll - ok
21:18:05.0031 3100 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
21:18:05.0031 3100 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe - ok
21:18:05.0046 3100 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
21:18:05.0046 3100 C:\WINDOWS\system32\strmfilt.dll - ok
21:18:05.0062 3100 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
21:18:05.0062 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
21:18:05.0062 3100 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
21:18:05.0062 3100 C:\WINDOWS\system32\dot3dlg.dll - ok
21:18:05.0078 3100 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
21:18:05.0078 3100 C:\WINDOWS\system32\onex.dll - ok
21:18:05.0093 3100 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
21:18:05.0093 3100 C:\WINDOWS\system32\httpapi.dll - ok
21:18:05.0109 3100 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
21:18:05.0109 3100 C:\WINDOWS\system32\eappcfg.dll - ok
21:18:05.0125 3100 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
21:18:05.0125 3100 C:\WINDOWS\system32\eappprxy.dll - ok
21:18:05.0140 3100 [ 1C88CF5977C016A37BFAC1178DAA7822 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
21:18:05.0140 3100 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
21:18:05.0140 3100 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
21:18:05.0140 3100 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
21:18:05.0156 3100 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
21:18:05.0156 3100 C:\WINDOWS\system32\wzcsapi.dll - ok
21:18:05.0171 3100 [ DEC7885B2EF0966EA285C9A40E7AFBA4 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
21:18:05.0171 3100 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll - ok
21:18:05.0171 3100 [ B560A085EED4D5D72B039929F9AE4991 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
21:18:05.0171 3100 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
21:18:05.0187 3100 [ 72CADF7EE0722DAE4A6B98EEFEAC06BC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
21:18:05.0187 3100 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll - ok
21:18:05.0203 3100 [ B7A48556EB302CD02A725D2D425F2D0C ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
21:18:05.0203 3100 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll - ok
21:18:05.0203 3100 [ 515D0E89532FA76488BE97427DE4207F ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
21:18:05.0203 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
21:18:05.0218 3100 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
21:18:05.0218 3100 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
21:18:05.0234 3100 [ 54B21273AAF8A0BA1C06494FFB21BB29 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
21:18:05.0234 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll - ok
21:18:05.0234 3100 [ 1663A135865F0BA6E853353E98E67F2A ] C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
21:18:05.0234 3100 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe - ok
21:18:05.0250 3100 [ 55C9B75102B54FA486A0BC5462E95FE4 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
21:18:05.0250 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
21:18:05.0265 3100 [ 215CE077258CEDD5BE4C56E9D614DB9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
21:18:05.0265 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
21:18:05.0281 3100 [ 375FD11C25F5E43E0D1620FD6114BABA ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
21:18:05.0281 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
21:18:05.0281 3100 [ 7EDF1A41E9C31DCE28BD71D6142534CC ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
21:18:05.0281 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
21:18:05.0296 3100 [ E247301B09B5CFFA332A00F1B7BB55F7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
21:18:05.0296 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
21:18:05.0312 3100 [ 5AC46A3A31BC58E512C4CAFD87327922 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
21:18:05.0312 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll - ok
21:18:05.0328 3100 [ 34DCF0E4754F8FA599E33AA444742481 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
21:18:05.0328 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll - ok
21:18:05.0328 3100 [ 8DA93D9A662E4BA18802BC6C2CCACD66 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
21:18:05.0328 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll - ok
21:18:05.0343 3100 [ 58ED45BFB06EC7C6B7D151B77247E4B3 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
21:18:05.0343 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll - ok
21:18:05.0359 3100 [ 1D52BCAF65EC439C735ED109431D1C09 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
21:18:05.0359 3100 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll - ok
21:18:05.0359 3100 [ 8495229CB7E717879C8E6A22EF661D09 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
21:18:05.0359 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll - ok
21:18:05.0375 3100 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
21:18:05.0375 3100 C:\WINDOWS\system32\cabinet.dll - ok
21:18:05.0390 3100 [ 6D37DFFE4B89AB1E17367FEEF2327B34 ] C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
21:18:05.0390 3100 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - ok
21:18:05.0390 3100 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
21:18:05.0390 3100 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
21:18:05.0406 3100 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
21:18:05.0406 3100 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
21:18:05.0421 3100 [ C1C4025B5F5311AC8BCC318B0C244D58 ] C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
21:18:05.0421 3100 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
21:18:05.0421 3100 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
21:18:05.0421 3100 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
21:18:05.0437 3100 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
21:18:05.0437 3100 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
21:18:05.0453 3100 [ 163DB46B803E4C83C444A026FF17D269 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\offreg.dll
21:18:05.0453 3100 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\offreg.dll - ok
21:18:05.0468 3100 [ EB97291E3C9E0035B47B45DBB1AF710D ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
21:18:05.0468 3100 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
21:18:05.0468 3100 [ BFDEDA37DE512BDEE122F8339DBFE711 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
21:18:05.0468 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
21:18:05.0484 3100 [ 35ED37326421112206CAABC025FDCDAB ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
21:18:05.0484 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
21:18:05.0500 3100 [ 860FAD57B4668A9F5F350A9D5444AE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
21:18:05.0500 3100 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
21:18:05.0500 3100 [ 781BF72F57CC9E5F85CB109C24D00FDC ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
21:18:05.0500 3100 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
21:18:05.0515 3100 [ 24291B61AB7A21CDEB3FAC7A03995BBE ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
21:18:05.0515 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
21:18:05.0531 3100 [ 0D572D08224DC6F65E686A522DC1F4DA ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
21:18:05.0531 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll - ok
21:18:05.0546 3100 [ D773437CF8ACAD89D87A830B663FD225 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
21:18:05.0546 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll - ok
21:18:05.0546 3100 [ 3896F4277963C628A3FC5100B4F47ECF ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
21:18:05.0546 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll - ok
21:18:05.0562 3100 [ 090F0C209849DF6BF42C4BC3A212ED24 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
21:18:05.0562 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
21:18:05.0578 3100 [ D00B879C3676A21AAA09CA322CE113F4 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
21:18:05.0578 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
21:18:05.0578 3100 [ 1AC6B36A1B773A7F7FB3FA3B732171C1 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
21:18:05.0578 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\v4.0_4.0.0.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll - ok
21:18:05.0593 3100 [ 0E410EDC8D0527801B899CF29E60597C ] C:\Program Files\Java\jre6\bin\jqs.exe
21:18:05.0593 3100 C:\Program Files\Java\jre6\bin\jqs.exe - ok
21:18:05.0609 3100 [ BD1E2BB8C96105353078AD23FF5489D0 ] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.DLL
21:18:05.0609 3100 C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.DLL - ok
21:18:05.0625 3100 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
21:18:05.0625 3100 C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
21:18:05.0625 3100 [ 16F96C1496CBD0965285AB19A9271D02 ] C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
21:18:05.0625 3100 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
21:18:05.0640 3100 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
21:18:05.0640 3100 C:\WINDOWS\system32\pdh.dll - ok
21:18:05.0640 3100 [ F054572A92573CA32D5F3AA8C15D2BAC ] C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
21:18:05.0640 3100 C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
21:18:05.0656 3100 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
21:18:05.0656 3100 C:\WINDOWS\system32\odbcbcp.dll - ok
21:18:05.0671 3100 [ 0EF54B7814EFA5C1364A7C6495BD1DBD ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
21:18:05.0671 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
21:18:05.0687 3100 [ 848449F41B6E9553FF5D5F864191B834 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll
21:18:05.0687 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.Common.dll - ok
21:18:05.0687 3100 [ 36B31861AD1B53433E8C9D09035E23D1 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.22.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll
21:18:05.0687 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\v4.0_4.0.22.0__3ff6b78e2989595a\Intuit.Spc.Esd.Core.dll - ok
21:18:05.0703 3100 [ EAD7F8749BB2B19EF7DA62E20E008D6B ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
21:18:05.0703 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
21:18:05.0718 3100 [ 04DE2774C2A6602DA45E9E76D46BC071 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
21:18:05.0718 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll - ok
21:18:05.0734 3100 [ E47FFCA0909871AC1BFF0D446FF63CA9 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
21:18:05.0734 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe - ok
21:18:05.0734 3100 [ 52F6F5D0174AF8020B22890520394CE0 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll
21:18:05.0734 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll - ok
21:18:05.0750 3100 [ 9631B15DB7C43C267636FF43C3075E07 ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
21:18:05.0750 3100 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - ok
21:18:05.0765 3100 [ 97D73FEBEE83A8F0EB748270A55539C0 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
21:18:05.0765 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll - ok
21:18:05.0781 3100 [ B8E0CBFB7C787683EC3002FF4CF69DBB ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
21:18:05.0781 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - ok
21:18:05.0781 3100 [ 151375A2F276FBE67A31FC43C2799981 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
21:18:05.0781 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
21:18:05.0796 3100 [ CDEC94C7C8E84FFFDF53C108BA9ADE99 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
21:18:05.0796 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll - ok
21:18:05.0812 3100 [ 8C8E916E24FE1C0DD07554B34064F564 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll
21:18:05.0812 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll - ok
21:18:05.0812 3100 [ 2849F13593D2712CCB97FFBDD3C1232E ] C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
21:18:05.0812 3100 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
21:18:05.0828 3100 [ 05E959BC556FFF84CDA1474EC4F7F81D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll
21:18:05.0828 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll - ok
21:18:05.0843 3100 [ 439A1A6796640284C82048B6A5379378 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
21:18:05.0843 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll - ok
21:18:05.0859 3100 [ E81AAFE1D1B682711BF6E974A1ABC446 ] C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
21:18:05.0859 3100 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
21:18:05.0859 3100 [ 50D998B4B5549E95F8B9C790DB2F78C7 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll
21:18:05.0859 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll - ok
21:18:05.0875 3100 [ 8C53CCD787C381CD535D8DCCA12584D8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
21:18:05.0875 3100 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll - ok
21:18:05.0875 3100 [ CBDB42644849DC69D7D6169680272E1E ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll
21:18:05.0875 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
21:18:05.0890 3100 [ 3998A3FDB93A584EEB57D292439D3E1D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dumpwriter.dll
21:18:05.0890 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dumpwriter.dll - ok
21:18:05.0906 3100 [ CA8F147526086A49D7B308C3CDF3FB28 ] C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
21:18:05.0906 3100 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
21:18:05.0921 3100 [ EC2E03CF0AAE54FCBE436CC89BE52A3A ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll
21:18:05.0921 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll - ok
21:18:05.0921 3100 [ DF150B1D8AC2BCD91BDE25E2E2AB4634 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll
21:18:05.0921 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.DataAccess.dll - ok
21:18:05.0937 3100 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
21:18:05.0937 3100 C:\WINDOWS\system32\srvsvc.dll - ok
21:18:05.0953 3100 [ E8F87E9951F1BA6CB6DB9CDA1B22F9A4 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll
21:18:05.0953 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\v4.0_4.0.66.0__3ff6b78e2989595a\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
21:18:05.0968 3100 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
21:18:05.0968 3100 C:\WINDOWS\system32\netmsg.dll - ok
21:18:05.0968 3100 [ C5966E2813B92A5E37E95F33E8410E14 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl
21:18:05.0968 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl - ok
21:18:05.0984 3100 [ 2E29E9AA60C18CEC7A2B9AE1855567E0 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
21:18:05.0984 3100 C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
21:18:06.0000 3100 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
21:18:06.0000 3100 C:\WINDOWS\system32\drivers\srv.sys - ok
21:18:06.0000 3100 [ DED37DA67073115D370CB2634E53B793 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl
21:18:06.0000 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl - ok
21:18:06.0015 3100 [ FC4E79B2E5B7F19F688EDD9E5D3DC595 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll
21:18:06.0015 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll - ok
21:18:06.0031 3100 [ 0FEBE37DB6650FAA5965C00545009D1D ] C:\WINDOWS\system32\nvsvc32.exe
21:18:06.0031 3100 C:\WINDOWS\system32\nvsvc32.exe - ok
21:18:06.0046 3100 [ 650464CA12ED30AC31A8D4FE0353223C ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\System.Data.SqlServerCe.dll
21:18:06.0046 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\System.Data.SqlServerCe.dll - ok
21:18:06.0046 3100 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
21:18:06.0046 3100 C:\WINDOWS\system32\spoolss.dll - ok
21:18:06.0062 3100 [ E277949FB0F4E90509A6A208AB88559D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\winreg.ppl
21:18:06.0062 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\winreg.ppl - ok
21:18:06.0078 3100 [ 7E1174E9A3D17855680E144AA5D130A1 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
21:18:06.0078 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
21:18:06.0078 3100 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
21:18:06.0078 3100 C:\WINDOWS\system32\powrprof.dll - ok
21:18:06.0093 3100 [ CA093AE88517317F97BD1A4ABE8623BA ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\service.dll
21:18:06.0093 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\service.dll - ok
21:18:06.0109 3100 [ 1A161A7CDB211E5D078F2D39CE70EE43 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
21:18:06.0109 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll - ok
21:18:06.0125 3100 [ 932ED79E577C0D42AB9888287ED5C8D7 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\eka_meta.dll
21:18:06.0125 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\eka_meta.dll - ok
21:18:06.0125 3100 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\system32\drivers\secdrv.sys
21:18:06.0125 3100 C:\WINDOWS\system32\drivers\secdrv.sys - ok
21:18:06.0140 3100 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
21:18:06.0140 3100 C:\WINDOWS\system32\ipsecsvc.dll - ok
21:18:06.0140 3100 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
21:18:06.0140 3100 C:\WINDOWS\system32\regsvc.dll - ok
21:18:06.0156 3100 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
21:18:06.0156 3100 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
21:18:06.0171 3100 [ C1EA489DD8B5E57B03E2FD5A1500621B ] C:\WINDOWS\system32\nvcpl.dll
21:18:06.0171 3100 C:\WINDOWS\system32\nvcpl.dll - ok
21:18:06.0187 3100 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
21:18:06.0187 3100 C:\WINDOWS\system32\seclogon.dll - ok
21:18:06.0187 3100 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
21:18:06.0187 3100 C:\WINDOWS\system32\sens.dll - ok
21:18:06.0203 3100 [ 50D2943D426BA91771AD87FDEC802AC3 ] C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
21:18:06.0203 3100 C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok
21:18:06.0218 3100 [ 549EA830A5D9EDD9CD14311126C2849B ] C:\WINDOWS\system32\SetupNT.sys
21:18:06.0218 3100 C:\WINDOWS\system32\SetupNT.sys - ok
21:18:06.0218 3100 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
21:18:06.0218 3100 C:\WINDOWS\system32\oakley.dll - ok
21:18:06.0234 3100 [ D6F5D2245D53B5F5D3939137A7EC97EC ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
21:18:06.0234 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
21:18:06.0250 3100 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
21:18:06.0250 3100 C:\WINDOWS\system32\ipnathlp.dll - ok
21:18:06.0265 3100 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
21:18:06.0265 3100 C:\WINDOWS\system32\localspl.dll - ok
21:18:06.0265 3100 [ A71A91C57D2832C5D6D3F1917830BEE8 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
21:18:06.0265 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
21:18:06.0281 3100 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
21:18:06.0281 3100 C:\WINDOWS\system32\ssdpsrv.dll - ok
21:18:06.0296 3100 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
21:18:06.0296 3100 C:\WINDOWS\system32\wiaservc.dll - ok
21:18:06.0296 3100 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
21:18:06.0296 3100 C:\WINDOWS\system32\cnbjmon.dll - ok
21:18:06.0312 3100 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
21:18:06.0312 3100 C:\WINDOWS\system32\winipsec.dll - ok
21:18:06.0328 3100 [ 68A84E7D86995088127F30E5D118C4E2 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
21:18:06.0328 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
21:18:06.0343 3100 [ B67B1C5A722A6EBF074903F9D96CF7A7 ] C:\WINDOWS\system32\hpinksts5912LM.dll
21:18:06.0343 3100 C:\WINDOWS\system32\hpinksts5912LM.dll - ok
21:18:06.0343 3100 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
21:18:06.0343 3100 C:\WINDOWS\system32\pstorsvc.dll - ok
21:18:06.0359 3100 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
21:18:06.0359 3100 C:\WINDOWS\system32\psbase.dll - ok
21:18:06.0375 3100 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] C:\WINDOWS\system32\upnphost.dll
21:18:06.0375 3100 C:\WINDOWS\system32\upnphost.dll - ok
21:18:06.0375 3100 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
21:18:06.0375 3100 C:\WINDOWS\system32\dssenh.dll - ok
21:18:06.0390 3100 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
21:18:06.0390 3100 C:\WINDOWS\system32\cfgmgr32.dll - ok
21:18:06.0390 3100 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
21:18:06.0390 3100 C:\WINDOWS\system32\mscms.dll - ok
21:18:06.0406 3100 [ 712FA98F6794152B349FD74A702F40F7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
21:18:06.0406 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
21:18:06.0421 3100 [ 6B68B26AC0A47EA363211CDF153F44F4 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\cb360d948d3a415eed4a9924b14c98e5\log4net.ni.dll
21:18:06.0421 3100 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\cb360d948d3a415eed4a9924b14c98e5\log4net.ni.dll - ok
21:18:06.0437 3100 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
21:18:06.0437 3100 C:\WINDOWS\system32\ssdpapi.dll - ok
21:18:06.0437 3100 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
21:18:06.0437 3100 C:\WINDOWS\system32\wuauserv.dll - ok
21:18:06.0453 3100 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
21:18:06.0453 3100 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
21:18:06.0468 3100 [ 8623FCC3AFFE0A9D8C6165543D138C58 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\esmgr.dll
21:18:06.0468 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\esmgr.dll - ok
21:18:06.0468 3100 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
21:18:06.0468 3100 C:\WINDOWS\system32\vssapi.dll - ok
21:18:06.0484 3100 [ 2A845AA98E7F0BFD4B4D943DFB97599A ] C:\WINDOWS\system32\HPDiscoPM5912.dll
21:18:06.0484 3100 C:\WINDOWS\system32\HPDiscoPM5912.dll - ok
21:18:06.0500 3100 [ 021063A1F708BCCD0AF228DF924A40DE ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\pxstub.ppl
21:18:06.0500 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\pxstub.ppl - ok
21:18:06.0515 3100 [ 89EAFA4BC408233376A671415670812D ] C:\WINDOWS\system32\HPWia1_OJ8600.dll
21:18:06.0515 3100 C:\WINDOWS\system32\HPWia1_OJ8600.dll - ok
21:18:06.0515 3100 [ 8A5879791BF3398BDC2C7BD0CC95B47C ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\params.ppl
21:18:06.0515 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\params.ppl - ok
21:18:06.0531 3100 [ EAC557409471B44D3341DF9768B621BA ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\thpimpl.ppl
21:18:06.0531 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\thpimpl.ppl - ok
21:18:06.0546 3100 [ EFB9F55F43B2524E48FE792BEF0D384E ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\propmap.ppl
21:18:06.0546 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\propmap.ppl - ok
21:18:06.0546 3100 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
21:18:06.0546 3100 C:\WINDOWS\system32\wuaueng.dll - ok
21:18:06.0562 3100 [ B14946D70C2A2317243274A6E3736D3E ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\filemap.ppl
21:18:06.0562 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\filemap.ppl - ok
21:18:06.0578 3100 [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
21:18:06.0578 3100 C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll - ok
21:18:06.0593 3100 [ 3215F584BF98ACAC49DE9A86A1A98710 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\tm.ppl
21:18:06.0593 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\tm.ppl - ok
21:18:06.0593 3100 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
21:18:06.0593 3100 C:\WINDOWS\system32\wsnmp32.dll - ok
21:18:06.0609 3100 [ 632DA8D8158DEB133FF086FF7171B2F6 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dtreg.ppl
21:18:06.0609 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dtreg.ppl - ok
21:18:06.0625 3100 [ 233CB3C555D7B4C3E6CED6BA80FFAC9B ] C:\WINDOWS\system32\HPScanTRDrv_OJ8600.dll
21:18:06.0625 3100 C:\WINDOWS\system32\HPScanTRDrv_OJ8600.dll - ok
21:18:06.0625 3100 [ 510DA73C68221A732F0134A06AB23C07 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\bl.ppl
21:18:06.0625 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\bl.ppl - ok
21:18:06.0640 3100 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
21:18:06.0640 3100 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
21:18:06.0656 3100 [ 81D6FFDDD22663CA32F8BEF9F107889D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\vercheck.ppl
21:18:06.0656 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\vercheck.ppl - ok
21:18:06.0656 3100 [ E43C3D10E560DBEACFBC12BF888703A7 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
21:18:06.0656 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll - ok
21:18:06.0671 3100 [ E2C0FE35108C95BBB5B7E9EE87D9EAA4 ] C:\WINDOWS\system32\MLMON__Q.DLL
21:18:06.0671 3100 C:\WINDOWS\system32\MLMON__Q.DLL - ok
21:18:06.0687 3100 [ A4D813B49057FCA29B16C1343424F79D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\regmap.ppl
21:18:06.0687 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\regmap.ppl - ok
21:18:06.0703 3100 [ 77BE435238DC00551C80E09B4EC2D5C4 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\am_facade.dll
21:18:06.0703 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\am_facade.dll - ok
21:18:06.0703 3100 [ 05A449C44A3BDAB02EEB6EF958A24189 ] C:\WINDOWS\system32\MSPOOL_Q.DLL
21:18:06.0703 3100 C:\WINDOWS\system32\MSPOOL_Q.DLL - ok
21:18:06.0718 3100 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
21:18:06.0718 3100 C:\WINDOWS\system32\pjlmon.dll - ok
21:18:06.0734 3100 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
21:18:06.0734 3100 C:\WINDOWS\system32\tcpmon.dll - ok
21:18:06.0750 3100 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
21:18:06.0750 3100 C:\WINDOWS\system32\usbmon.dll - ok
21:18:06.0750 3100 [ 06FC73F0F460B8AE48DC764A1561AD44 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR_Q.DLL
21:18:06.0750 3100 C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR_Q.DLL - ok
21:18:06.0765 3100 [ 1EAC5415A2FDBF940CC87A0E35E41E37 ] C:\WINDOWS\system32\MIMF32_Q.DLL
21:18:06.0765 3100 C:\WINDOWS\system32\MIMF32_Q.DLL - ok
21:18:06.0781 3100 [ 14ADC7FFC52A8FAD518F79BA4D698BD8 ] C:\WINDOWS\system32\MTAG32_Q.DLL
21:18:06.0781 3100 C:\WINDOWS\system32\MTAG32_Q.DLL - ok
21:18:06.0781 3100 [ 8A8AB03962C9AEFC5D0471F629743338 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll
21:18:06.0781 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll - ok
21:18:06.0796 3100 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
21:18:06.0796 3100 C:\WINDOWS\system32\wsock32.dll - ok
21:18:06.0812 3100 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
21:18:06.0812 3100 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
21:18:06.0828 3100 [ CE652D887DE875B24BE66901C8C05F62 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
21:18:06.0828 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll - ok
21:18:06.0828 3100 [ 3B8CFDA90EFAA65901ECC2EDCAD4D1EF ] C:\WINDOWS\system32\wmpmde.dll
21:18:06.0828 3100 C:\WINDOWS\system32\wmpmde.dll - ok
21:18:06.0843 3100 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
21:18:06.0843 3100 C:\WINDOWS\system32\win32spl.dll - ok
21:18:06.0859 3100 [ 7B2C36D9CFECE5EA7B09FA627F5B3EAC ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
21:18:06.0859 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll - ok
21:18:06.0875 3100 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
21:18:06.0875 3100 C:\WINDOWS\system32\netrap.dll - ok
21:18:06.0875 3100 [ 0C06A80DFFA51E0EB9C5CE3DF703BC46 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
21:18:06.0875 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll - ok
21:18:06.0890 3100 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
21:18:06.0890 3100 C:\WINDOWS\system32\inetpp.dll - ok
21:18:06.0890 3100 [ 7A136F1B080B1CC7A8E219054CCEB1B2 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\storage.dll
21:18:06.0890 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\storage.dll - ok
21:18:06.0906 3100 [ 937FBD23997A91AF923D5E89286126BD ] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.DLL
21:18:06.0906 3100 C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.DLL - ok
21:18:06.0921 3100 [ 55C30168142479C602BD456AC4E230B0 ] C:\WINDOWS\system32\MFPLAT.dll
21:18:06.0921 3100 C:\WINDOWS\system32\MFPLAT.dll - ok
21:18:06.0921 3100 [ 0BABC17CECB996961BEDC74723D51741 ] C:\WINDOWS\system32\nvapi.dll
21:18:06.0921 3100 C:\WINDOWS\system32\nvapi.dll - ok
21:18:06.0937 3100 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
21:18:06.0937 3100 C:\WINDOWS\system32\faultrep.dll - ok
21:18:06.0953 3100 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
21:18:06.0953 3100 C:\WINDOWS\system32\upnp.dll - ok
21:18:06.0968 3100 [ 333244713F41C02DE8502061C0A11622 ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
21:18:06.0968 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll - ok
21:18:06.0968 3100 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
21:18:06.0968 3100 C:\WINDOWS\system32\mspatcha.dll - ok
21:18:06.0984 3100 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
21:18:06.0984 3100 C:\WINDOWS\system32\msi.dll - ok
21:18:07.0000 3100 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
21:18:07.0000 3100 C:\WINDOWS\system32\trkwks.dll - ok
21:18:07.0000 3100 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
21:18:07.0000 3100 C:\WINDOWS\system32\srsvc.dll - ok
21:18:07.0015 3100 [ BF84B8A80A002A0E6D7D6E3952569269 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ndetect.ppl
21:18:07.0015 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ndetect.ppl - ok
21:18:07.0031 3100 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
21:18:07.0031 3100 C:\WINDOWS\system32\browser.dll - ok
21:18:07.0046 3100 [ 5C36B5D824FB86BA812DA74A4C23424D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\crpthlpr.ppl
21:18:07.0046 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\crpthlpr.ppl - ok
21:18:07.0046 3100 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
21:18:07.0046 3100 C:\WINDOWS\system32\actxprxy.dll - ok
21:18:07.0062 3100 [ 5217BA40DFEFFB00895EC279715EF9CB ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\report.ppl
21:18:07.0062 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\report.ppl - ok
21:18:07.0078 3100 [ A2F5B0B6010408B592FBE6BBD81A0D0A ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\schedule.ppl
21:18:07.0078 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\schedule.ppl - ok
21:18:07.0078 3100 [ B334FCA2F0878C2AF77826211DBE55BB ] C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
21:18:07.0078 3100 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
21:18:07.0093 3100 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
21:18:07.0093 3100 C:\WINDOWS\system32\wscsvc.dll - ok
21:18:07.0109 3100 [ 47B4B2467838828B2DDA43E2FD31606D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\timer.ppl
21:18:07.0109 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\timer.ppl - ok
21:18:07.0125 3100 [ 1B72D757763C358130531DC837B586C6 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\reportdb.ppl
21:18:07.0125 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\reportdb.ppl - ok
21:18:07.0125 3100 [ D3709ADBBA6CF99D5DA4FC18072F5330 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl
21:18:07.0125 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl - ok
21:18:07.0140 3100 [ B5BEB279C54709F9E1DD9A7CADCF863A ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\threatsmanager.dll
21:18:07.0140 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\threatsmanager.dll - ok
21:18:07.0140 3100 [ 33740E38BE21BA07F7FBE3A4B61CB0D7 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qb.ppl
21:18:07.0140 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qb.ppl - ok
21:18:07.0156 3100 [ F79F4C73D4FFC0D199C1D27E29DB5B48 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksnhelper.dll
21:18:07.0156 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksnhelper.dll - ok
21:18:07.0171 3100 [ E7EE9E6E6CBC7929A5A3DB9F5CF095C0 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\packed_io.dll
21:18:07.0171 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\packed_io.dll - ok
21:18:07.0187 3100 [ 070AD442FA11A1FC4F695F7F93231825 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_client.dll
21:18:07.0187 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_client.dll - ok
21:18:07.0187 3100 [ 6A8661B0B63BDB4A5555AE2D906B96EA ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_facade.dll
21:18:07.0187 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ksn_facade.dll - ok
21:18:07.0203 3100 [ A3209E8D70456D01DD2BB0C624C2AB12 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\transport_provider.dll
21:18:07.0203 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\transport_provider.dll - ok
21:18:07.0218 3100 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
21:18:07.0218 3100 C:\WINDOWS\system32\wups.dll - ok
21:18:07.0218 3100 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
21:18:07.0234 3100 C:\WINDOWS\system32\wups2.dll - ok
21:18:07.0234 3100 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
21:18:07.0234 3100 C:\WINDOWS\system32\comsvcs.dll - ok
21:18:07.0250 3100 [ 29B86B3C8253280151EEBE843A9648CD ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
21:18:07.0250 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
21:18:07.0265 3100 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
21:18:07.0265 3100 C:\WINDOWS\system32\colbact.dll - ok
21:18:07.0265 3100 [ 374F45E5A2C2632134AF67C2BC5C72C4 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\cryptostaticprovider.dll
21:18:07.0265 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\cryptostaticprovider.dll - ok
21:18:07.0281 3100 [ 77B4BE0C9AA0AC78884D8E7CFB315463 ] C:\WINDOWS\system32\wmp.dll
21:18:07.0281 3100 C:\WINDOWS\system32\wmp.dll - ok
21:18:07.0296 3100 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
21:18:07.0296 3100 C:\WINDOWS\system32\mtxclu.dll - ok
21:18:07.0296 3100 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
21:18:07.0296 3100 C:\WINDOWS\system32\msvfw32.dll - ok
21:18:07.0312 3100 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
21:18:07.0312 3100 C:\WINDOWS\system32\clusapi.dll - ok
21:18:07.0328 3100 [ CCE1839C52D74A113FF5BAC6E1FC0495 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avs.ppl
21:18:07.0328 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avs.ppl - ok
21:18:07.0343 3100 [ D0DA54A7E3D3922BC96B2DCD6044F0F7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
21:18:07.0343 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll - ok
21:18:07.0343 3100 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
21:18:07.0343 3100 C:\WINDOWS\system32\dbghelp.dll - ok
21:18:07.0359 3100 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
21:18:07.0359 3100 C:\WINDOWS\system32\resutils.dll - ok
21:18:07.0375 3100 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
21:18:07.0375 3100 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
21:18:07.0375 3100 [ 41962D5E18E9874390BC1F074571A6BB ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
21:18:07.0375 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
21:18:07.0390 3100 [ AF8B7EE63077AF38B0AE3A91C372043B ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\procmon.ppl
21:18:07.0390 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\procmon.ppl - ok
21:18:07.0406 3100 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
21:18:07.0406 3100 C:\WINDOWS\system32\wbem\esscli.dll - ok
21:18:07.0406 3100 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
21:18:07.0406 3100 C:\WINDOWS\system32\wbem\fastprox.dll - ok
21:18:07.0421 3100 [ E8885A533A3D46209851433E3B9B3BC4 ] C:\WINDOWS\system32\wmploc.dll
21:18:07.0421 3100 C:\WINDOWS\system32\wmploc.dll - ok
21:18:07.0437 3100 [ F0758B13102C4120AE40E55242899EB5 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dmap.ppl
21:18:07.0437 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dmap.ppl - ok
21:18:07.0437 3100 [ 484E37FF77E377C4B8D3A439F4D2D173 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll
21:18:07.0437 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.Reporter.dll - ok
21:18:07.0453 3100 [ 376FBDA340404E04115B8F5210CD81DA ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\memmon.dll
21:18:07.0453 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\memmon.dll - ok
21:18:07.0468 3100 [ F2163DEE022F71C2523F42C980A5769E ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\excludemanager.dll
21:18:07.0468 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\excludemanager.dll - ok
21:18:07.0484 3100 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
21:18:07.0484 3100 C:\WINDOWS\system32\perfos.dll - ok
21:18:07.0484 3100 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
21:18:07.0484 3100 C:\WINDOWS\system32\perfdisk.dll - ok
21:18:07.0500 3100 [ FDFF7984838441BE3D458C8B4F106C23 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ichecker.dll
21:18:07.0500 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ichecker.dll - ok
21:18:07.0515 3100 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
21:18:07.0515 3100 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
21:18:07.0531 3100 [ CC7A567E299A103B794D5D77B51810AF ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\proxydet.ppl
21:18:07.0531 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\proxydet.ppl - ok
21:18:07.0531 3100 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
21:18:07.0531 3100 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
21:18:07.0546 3100 [ 0B219909E597679290E7C00230D3D2F0 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\updater.dll
21:18:07.0546 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\updater.dll - ok
21:18:07.0562 3100 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
21:18:07.0562 3100 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
21:18:07.0562 3100 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
21:18:07.0562 3100 C:\WINDOWS\system32\cryptnet.dll - ok
21:18:07.0578 3100 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
21:18:07.0578 3100 C:\WINDOWS\system32\wuauclt.exe - ok
21:18:07.0593 3100 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
21:18:07.0593 3100 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
21:18:07.0609 3100 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
21:18:07.0609 3100 C:\WINDOWS\system32\sensapi.dll - ok
21:18:07.0609 3100 [ 4BF940A921BFAC209EC6CF31E091EA05 ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceme40.dll
21:18:07.0609 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceme40.dll - ok
21:18:07.0625 3100 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\Microsoft.VC90.CRT\msvcr90.dll
21:18:07.0625 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\Microsoft.VC90.CRT\msvcr90.dll - ok
21:18:07.0625 3100 [ A836803227004B6F513C825B25665E73 ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceer40EN.dll
21:18:07.0625 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceer40EN.dll - ok
21:18:07.0640 3100 [ EC133C3E2A97AA6FBC276DCCCD0645BF ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlcese40.dll
21:18:07.0640 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlcese40.dll - ok
21:18:07.0656 3100 [ 1D83A60ECA0C8142F8A280E9AE6667B5 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\diffs.dll
21:18:07.0656 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\diffs.dll - ok
21:18:07.0671 3100 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
21:18:07.0671 3100 C:\WINDOWS\system32\wbem\wbemess.dll - ok
21:18:07.0671 3100 [ AB97D171A77B5F4BAFB033BF539BED42 ] C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceqp40.dll
21:18:07.0671 3100 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceqp40.dll - ok
21:18:07.0687 3100 [ 070EAD77219F8A97E6EA02FDF7397607 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\klifpp.dll
21:18:07.0687 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\klifpp.dll - ok
21:18:07.0703 3100 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
21:18:07.0703 3100 C:\WINDOWS\system32\wuapi.dll - ok
21:18:07.0718 3100 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
21:18:07.0718 3100 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
21:18:07.0718 3100 [ 2BFB83BA5B2CED8B5720C4692D7C047A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
21:18:07.0718 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll - ok
21:18:07.0734 3100 [ 7B31486002DA3DCC1D2FBE980A49667B ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\avengine.dll.7b31486002da3dcc1d2fbe980a49667b
21:18:07.0734 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\avengine.dll.7b31486002da3dcc1d2fbe980a49667b - ok
21:18:07.0750 3100 [ 1A46113F3B43DBD04D5A33B60B73074D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\hashmd5.ppl
21:18:07.0750 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\hashmd5.ppl - ok
21:18:07.0765 3100 [ F8C1508FAF0DD3CC9A61A02BF0CEC2B6 ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
21:18:07.0765 3100 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll - ok
21:18:07.0765 3100 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
21:18:07.0765 3100 C:\WINDOWS\system32\wbem\ncprov.dll - ok
21:18:07.0781 3100 [ 3CD596E244611C75A6E7AAA354CFE616 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavbase.kdl.3cd596e244611c75a6e7aaa354cfe616
21:18:07.0781 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavbase.kdl.3cd596e244611c75a6e7aaa354cfe616 - ok
21:18:07.0796 3100 [ 5CCB54A9CF8FC5E3251374E0DC9C45BB ] C:\WINDOWS\system32\wmpps.dll
21:18:07.0796 3100 C:\WINDOWS\system32\wmpps.dll - ok
21:18:07.0796 3100 [ 69D2B6F54B8D3AAE15E8112FAAC7979F ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f
21:18:07.0796 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f - ok
21:18:07.0812 3100 [ 2DE8B3750F5E699CB8E6C10DD3970437 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\acassembler.dll
21:18:07.0812 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\acassembler.dll - ok
21:18:07.0828 3100 [ C755E17BAC396F9A9F468320B3F6CF46 ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
21:18:07.0828 3100 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll - ok
21:18:07.0843 3100 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
21:18:07.0843 3100 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
21:18:07.0843 3100 [ 915F6694F918DC272BDEA73A2DAE812F ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\format_recognizer.dll
21:18:07.0843 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\format_recognizer.dll - ok
21:18:07.0859 3100 [ A6720B2881C5B66257DD9B6DD954887D ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\processmonitor.dll
21:18:07.0859 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\processmonitor.dll - ok
21:18:07.0875 3100 [ 0030BAED4DB4862A4F4D01FC567D0595 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.0030baed4db4862a4f4d01fc567d0595
21:18:07.0875 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.0030baed4db4862a4f4d01fc567d0595 - ok
21:18:07.0875 3100 [ 4DD480380B2DC9171DCE5A0E74BFB277 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.4dd480380b2dc9171dce5a0e74bfb277
21:18:07.0875 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.4dd480380b2dc9171dce5a0e74bfb277 - ok
21:18:07.0890 3100 [ 317DF7C0EFF0939E6289F5C72F65BA51 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51
21:18:07.0890 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51 - ok
21:18:07.0906 3100 [ 0C9AF1CCE509670F09C0A3F7B9E9F3B9 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
21:18:07.0906 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll - ok
21:18:07.0906 3100 [ ED6463919045F584C9696D4876F65DDE ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
21:18:07.0906 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
21:18:07.0921 3100 [ B3961D83F37B9D7F36D52107AA121BA1 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
21:18:07.0921 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll - ok
21:18:07.0937 3100 [ 8FA6F55A960E5A2B6C30C33103CF8628 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
21:18:07.0937 3100 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll - ok
21:18:07.0937 3100 [ 6589179CE0739C9AAA29DC7D214AC37F ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
21:18:07.0937 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
21:18:07.0953 3100 [ 1FA14DD3668EE4127260FFF495D85551 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
21:18:07.0953 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
21:18:07.0968 3100 [ A2B8786FB2DD8EABC46D4B1666305DCE ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.a2b8786fb2dd8eabc46d4b1666305dce
21:18:07.0968 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.a2b8786fb2dd8eabc46d4b1666305dce - ok
21:18:07.0984 3100 [ 7FC520E215B0B2B41FA2E224FE8F6030 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.7fc520e215b0b2b41fa2e224fe8f6030
21:18:07.0984 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.7fc520e215b0b2b41fa2e224fe8f6030 - ok
21:18:07.0984 3100 [ CF6041854E73301B7FCE3390D34BDEC8 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll
21:18:07.0984 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_32\Intuit.Spc.Map.WindowsFirewallUtilities\v4.0_6.0.28.0__30bbd97113d631f1\Intuit.Spc.Map.WindowsFirewallUtilities.dll - ok
21:18:08.0000 3100 [ 24AF833D9DD4D2DC9DA9475CA380185B ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
21:18:08.0000 3100 C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok
21:18:08.0015 3100 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
21:18:08.0015 3100 C:\WINDOWS\system32\termsrv.dll - ok
21:18:08.0031 3100 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
21:18:08.0031 3100 C:\WINDOWS\system32\icaapi.dll - ok
21:18:08.0031 3100 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
21:18:08.0031 3100 C:\WINDOWS\system32\mstlsapi.dll - ok
21:18:08.0046 3100 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
21:18:08.0046 3100 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
21:18:08.0062 3100 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
21:18:08.0062 3100 C:\WINDOWS\system32\cscui.dll - ok
21:18:08.0062 3100 [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\MpKsl31db59c8.sys
21:18:08.0062 3100 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CD7AFEF-0E81-46EC-88C5-83958D59ABEB}\MpKsl31db59c8.sys - ok
21:18:08.0078 3100 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
21:18:08.0078 3100 C:\WINDOWS\system32\dpcdll.dll - ok
21:18:08.0093 3100 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
21:18:08.0093 3100 C:\WINDOWS\system32\wdmaud.drv - ok
21:18:08.0109 3100 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
21:18:08.0109 3100 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
21:18:08.0109 3100 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
21:18:08.0109 3100 C:\WINDOWS\system32\alg.exe - ok
21:18:08.0125 3100 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
21:18:08.0125 3100 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
21:18:08.0125 3100 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
21:18:08.0125 3100 C:\WINDOWS\system32\drivers\splitter.sys - ok
21:18:08.0140 3100 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
21:18:08.0140 3100 C:\WINDOWS\system32\drivers\aec.sys - ok
21:18:08.0156 3100 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
21:18:08.0156 3100 C:\WINDOWS\system32\userinit.exe - ok
21:18:08.0171 3100 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
21:18:08.0171 3100 C:\WINDOWS\system32\drivers\swmidi.sys - ok
21:18:08.0171 3100 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
21:18:08.0171 3100 C:\WINDOWS\system32\WgaTray.exe - ok
21:18:08.0187 3100 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
21:18:08.0187 3100 C:\WINDOWS\system32\drivers\dmusic.sys - ok
21:18:08.0203 3100 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
21:18:08.0203 3100 C:\WINDOWS\system32\drivers\kmixer.sys - ok
21:18:08.0218 3100 [ E4DC1B9579C849E18472B9A852607173 ] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avzkrnl.dll
21:18:08.0218 3100 C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avzkrnl.dll - ok
21:18:08.0218 3100 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
21:18:08.0218 3100 C:\WINDOWS\system32\licwmi.dll - ok
21:18:08.0234 3100 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
21:18:08.0234 3100 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
21:18:08.0250 3100 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
21:18:08.0250 3100 C:\WINDOWS\system32\wbem\framedyn.dll - ok
21:18:08.0250 3100 [ 4C6785E3D2E45EE87CB995190A0C7737 ] C:\WINDOWS\system32\control.exe
21:18:08.0250 3100 C:\WINDOWS\system32\control.exe - ok
21:18:08.0265 3100 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
21:18:08.0265 3100 C:\WINDOWS\system32\licdll.dll - ok
21:18:08.0281 3100 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
21:18:08.0281 3100 C:\WINDOWS\system32\msacm32.drv - ok
21:18:08.0281 3100 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
21:18:08.0281 3100 C:\WINDOWS\system32\midimap.dll - ok
21:18:08.0296 3100 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
21:18:08.0296 3100 C:\WINDOWS\system32\netcfgx.dll - ok
21:18:08.0312 3100 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
21:18:08.0312 3100 C:\WINDOWS\explorer.exe - ok
21:18:08.0328 3100 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
21:18:08.0328 3100 C:\WINDOWS\system32\verclsid.exe - ok
21:18:08.0328 3100 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
21:18:08.0328 3100 C:\WINDOWS\system32\rasmans.dll - ok
21:18:08.0343 3100 [ D573DEB87CB2DF4E5116D2A4E284EAB4 ] C:\WINDOWS\system32\ieframe.dll
21:18:08.0343 3100 C:\WINDOWS\system32\ieframe.dll - ok
21:18:08.0359 3100 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
21:18:08.0359 3100 C:\WINDOWS\system32\tapisrv.dll - ok
21:18:08.0359 3100 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
21:18:08.0359 3100 C:\WINDOWS\system32\rastapi.dll - ok
21:18:08.0375 3100 [ 7B53984BB934E599A4E3668B2F678D48 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48
21:18:08.0375 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48 - ok
21:18:08.0390 3100 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
21:18:08.0390 3100 C:\WINDOWS\system32\unimdm.tsp - ok
21:18:08.0390 3100 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
21:18:08.0390 3100 C:\WINDOWS\system32\uniplat.dll - ok
21:18:08.0406 3100 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
21:18:08.0406 3100 C:\WINDOWS\system32\kmddsp.tsp - ok
21:18:08.0421 3100 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
21:18:08.0421 3100 C:\WINDOWS\system32\ndptsp.tsp - ok
21:18:08.0421 3100 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
21:18:08.0421 3100 C:\WINDOWS\system32\ipconf.tsp - ok
21:18:08.0437 3100 [ 92DFF4EE3F31D4A8028788006D921D26 ] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\uds.dll.92dff4ee3f31d4a8028788006d921d26
21:18:08.0437 3100 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\uds.dll.92dff4ee3f31d4a8028788006d921d26 - ok
21:18:08.0453 3100 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
21:18:08.0453 3100 C:\WINDOWS\system32\h323.tsp - ok
21:18:08.0468 3100 [ 9435C1C2D2111573111367F92F208C1F ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
21:18:08.0468 3100 C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok
21:18:08.0468 3100 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
21:18:08.0468 3100 C:\WINDOWS\system32\hidphone.tsp - ok
21:18:08.0484 3100 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
21:18:08.0484 3100 C:\WINDOWS\system32\hid.dll - ok
21:18:08.0500 3100 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
21:18:08.0500 3100 C:\WINDOWS\system32\rasppp.dll - ok
21:18:08.0500 3100 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
21:18:08.0500 3100 C:\WINDOWS\system32\ntlsapi.dll - ok
21:18:08.0515 3100 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
21:18:08.0515 3100 C:\WINDOWS\system32\rasqec.dll - ok
21:18:08.0531 3100 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
21:18:08.0531 3100 C:\WINDOWS\system32\rundll32.exe - ok
21:18:08.0546 3100 [ 254D6FA37C3C1884CF41562715F49331 ] C:\WINDOWS\system32\wscui.cpl
21:18:08.0546 3100 C:\WINDOWS\system32\wscui.cpl - ok
21:18:08.0546 3100 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
21:18:08.0546 3100 C:\WINDOWS\system32\browseui.dll - ok
21:18:08.0562 3100 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
21:18:08.0562 3100 C:\WINDOWS\system32\shdocvw.dll - ok
21:18:08.0578 3100 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
21:18:08.0578 3100 C:\WINDOWS\system32\desk.cpl - ok
21:18:08.0578 3100 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
21:18:08.0578 3100 C:\WINDOWS\system32\themeui.dll - ok
21:18:08.0593 3100 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
21:18:08.0593 3100 C:\WINDOWS\system32\LegitCheckControl.dll - ok
21:18:08.0609 3100 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
21:18:08.0609 3100 C:\WINDOWS\system32\cmd.exe - ok
21:18:08.0625 3100 [ A0AE7F043497C9971E9D7FE291099D40 ] C:\WINDOWS\system32\msxml6.dll
21:18:08.0625 3100 C:\WINDOWS\system32\msxml6.dll - ok
21:18:08.0625 3100 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
21:18:08.0625 3100 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
21:18:08.0640 3100 [ 841FB340ABC439B4557FBDD32B7BA11D ] C:\WINDOWS\system32\access.cpl
21:18:08.0640 3100 C:\WINDOWS\system32\access.cpl - ok
21:18:08.0640 3100 [ 7E43E181ABDC1F304251B597DA600D10 ] C:\WINDOWS\system32\appwiz.cpl
21:18:08.0640 3100 C:\WINDOWS\system32\appwiz.cpl - ok
21:18:08.0656 3100 [ 80AA4214C5BC0A355151BD115017313F ] C:\WINDOWS\system32\bthprops.cpl
21:18:08.0656 3100 C:\WINDOWS\system32\bthprops.cpl - ok
21:18:08.0671 3100 [ B1762156256B0238C21BAA4C06CEF727 ] C:\WINDOWS\system32\devmgr.dll
21:18:08.0671 3100 C:\WINDOWS\system32\devmgr.dll - ok
21:18:08.0687 3100 [ 76784DE29C64E52F948B0D02D52BB72D ] C:\WINDOWS\system32\CTDetect.cpl
21:18:08.0687 3100 C:\WINDOWS\system32\CTDetect.cpl - ok
21:18:08.0687 3100 [ 19E3C104D2BB0EB1C5D947A40F5C77E0 ] C:\WINDOWS\system32\CTDetres.dll
21:18:08.0687 3100 C:\WINDOWS\system32\CTDetres.dll - ok
21:18:08.0703 3100 [ 2DA9B2B1CE97A115BD0C178C0FF4791F ] C:\WINDOWS\system32\firewall.cpl
21:18:08.0703 3100 C:\WINDOWS\system32\firewall.cpl - ok
21:18:08.0718 3100 [ 947414E8F3866EE69245382521C1939E ] C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
21:18:08.0718 3100 C:\WINDOWS\system32\FlashPlayerCPLApp.cpl - ok
21:18:08.0734 3100 [ DAF5D86EB3EC52D6F79815F69E237F3D ] C:\WINDOWS\system32\hdwwiz.cpl
21:18:08.0734 3100 C:\WINDOWS\system32\hdwwiz.cpl - ok
21:18:08.0734 3100 [ 40C13456A0D7C41CB2C5B816F8B5EDF8 ] C:\WINDOWS\system32\inetcpl.cpl
21:18:08.0734 3100 C:\WINDOWS\system32\inetcpl.cpl - ok
21:18:08.0750 3100 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
21:18:08.0750 3100 C:\WINDOWS\system32\advpack.dll - ok
21:18:08.0765 3100 [ DF3C3CA94CBC9DE07AC3EB49440A8D45 ] C:\WINDOWS\system32\mshtml.dll
21:18:08.0765 3100 C:\WINDOWS\system32\mshtml.dll - ok
21:18:08.0765 3100 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
21:18:08.0765 3100 C:\WINDOWS\system32\msls31.dll - ok
21:18:08.0781 3100 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
21:18:08.0781 3100 C:\WINDOWS\system32\rasdlg.dll - ok
21:18:08.0796 3100 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
21:18:08.0796 3100 C:\WINDOWS\system32\mlang.dll - ok
21:18:08.0812 3100 [ 13BB14031A0BB63B2FF301CB777FABC5 ] C:\WINDOWS\system32\intl.cpl
21:18:08.0812 3100 C:\WINDOWS\system32\intl.cpl - ok
21:18:08.0812 3100 [ 72174586311092393977B3BF13ADA779 ] C:\WINDOWS\system32\syssetup.dll
21:18:08.0812 3100 C:\WINDOWS\system32\syssetup.dll - ok
21:18:08.0828 3100 [ 524FFBC40A38208E68AAA095D28D0455 ] C:\WINDOWS\system32\irprops.cpl
21:18:08.0828 3100 C:\WINDOWS\system32\irprops.cpl - ok
21:18:08.0843 3100 [ 5D79FE3EB2B66B4A084E67130C678BBC ] C:\WINDOWS\system32\javacpl.cpl
21:18:08.0843 3100 C:\WINDOWS\system32\javacpl.cpl - ok
21:18:08.0843 3100 [ 3334A50EFB6C39AC9FAA89612BC2CA3F ] C:\WINDOWS\system32\joy.cpl
21:18:08.0843 3100 C:\WINDOWS\system32\joy.cpl - ok
21:18:08.0859 3100 [ AA0507F0516A4DFF1B1279AB4A2ABB37 ] C:\WINDOWS\system32\dinput8.dll
21:18:08.0859 3100 C:\WINDOWS\system32\dinput8.dll - ok
21:18:08.0875 3100 [ A739D74FAD1F72A3B251EBAC3480E4EB ] C:\WINDOWS\system32\main.cpl
21:18:08.0875 3100 C:\WINDOWS\system32\main.cpl - ok
21:18:08.0875 3100 [ 0F93F0A941DC94B83BE820F51174695D ] C:\WINDOWS\system32\mmsys.cpl
21:18:08.0875 3100 C:\WINDOWS\system32\mmsys.cpl - ok
21:18:08.0890 3100 [ 2073E759F5458A8432B088F047E430D5 ] C:\WINDOWS\system32\netsetup.cpl
21:18:08.0890 3100 C:\WINDOWS\system32\netsetup.cpl - ok
21:18:08.0906 3100 [ 8389C89722B4381D34B3AB26F3A7BF1E ] C:\WINDOWS\system32\nusrmgr.cpl
21:18:08.0906 3100 C:\WINDOWS\system32\nusrmgr.cpl - ok
21:18:08.0906 3100 [ 8DBA4EBFD075D7AB66D2EF0A025A1D1E ] C:\WINDOWS\system32\nvcpl.cpl
21:18:08.0906 3100 C:\WINDOWS\system32\nvcpl.cpl - ok
21:18:08.0921 3100 [ 3615632C913C14E0B40F0DAA3D5E2C0D ] C:\WINDOWS\system32\nvcpluir.dll
21:18:08.0921 3100 C:\WINDOWS\system32\nvcpluir.dll - ok
21:18:08.0937 3100 [ 3C1192DB57135120AEA6C7CC569DB210 ] C:\WINDOWS\system32\nvcplui.exe
21:18:08.0937 3100 C:\WINDOWS\system32\nvcplui.exe - ok
21:18:08.0953 3100 [ 3D519C8557F75F3DACBFC850D4CF7B58 ] C:\WINDOWS\system32\nvtuicpl.cpl
21:18:08.0953 3100 C:\WINDOWS\system32\nvtuicpl.cpl - ok
21:18:08.0953 3100 [ D5B7F5185B117AA90A472C7627B55CE9 ] C:\WINDOWS\system32\nwc.cpl
21:18:08.0953 3100 C:\WINDOWS\system32\nwc.cpl - ok
21:18:08.0968 3100 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
21:18:08.0968 3100 C:\WINDOWS\system32\netui0.dll - ok
21:18:08.0984 3100 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
21:18:08.0984 3100 C:\WINDOWS\system32\netui1.dll - ok
21:18:08.0984 3100 [ 1414E666316CA7D9823DBD2D4ADA5971 ] C:\WINDOWS\system32\netui2.dll
21:18:08.0984 3100 C:\WINDOWS\system32\netui2.dll - ok
21:18:09.0000 3100 [ 06E587F41466569F32BEAAC7260E8AEC ] C:\WINDOWS\system32\nwprovau.dll
21:18:09.0000 3100 C:\WINDOWS\system32\nwprovau.dll - ok
21:18:09.0015 3100 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
21:18:09.0015 3100 C:\WINDOWS\system32\batmeter.dll - ok
21:18:09.0031 3100 [ E49F2B510A4309DD3FCB437C5B8024B2 ] C:\WINDOWS\system32\powercfg.cpl
21:18:09.0031 3100 C:\WINDOWS\system32\powercfg.cpl - ok
21:18:09.0031 3100 [ 9A5496DF5169B22DD7A0450C5026739E ] C:\WINDOWS\system32\sscpl.cpl
21:18:09.0031 3100 C:\WINDOWS\system32\sscpl.cpl - ok
21:18:09.0046 3100 [ C504A9FE17F997F8B1F8561D0A68DE52 ] C:\WINDOWS\system32\sysdm.cpl
21:18:09.0046 3100 C:\WINDOWS\system32\sysdm.cpl - ok
21:18:09.0062 3100 [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
21:18:09.0062 3100 C:\WINDOWS\system32\usp10.dll - ok
21:18:09.0062 3100 [ 56062C7CF2C8AD68D30925127AE2CD35 ] C:\WINDOWS\system32\telephon.cpl
21:18:09.0062 3100 C:\WINDOWS\system32\telephon.cpl - ok
21:18:09.0078 3100 [ 53D82396CD8241AF6182A4CDD120F14F ] C:\WINDOWS\system32\timedate.cpl
21:18:09.0078 3100 C:\WINDOWS\system32\timedate.cpl - ok
21:18:09.0093 3100 [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl
21:18:09.0093 3100 C:\WINDOWS\system32\wuaucpl.cpl - ok
21:18:09.0093 3100 [ 1A56EB64786813F639A2CCAA7BB05821 ] C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.cpl
21:18:09.0109 3100 C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.cpl - ok
21:18:09.0109 3100 [ 199426124B4F376351B96E7B5F13EC55 ] C:\Program Files\Windows Media Connect\mswmccpl.dll
21:18:09.0109 3100 C:\Program Files\Windows Media Connect\mswmccpl.dll - ok
21:18:09.0125 3100 [ E47840A82A9276840BDE70930E412C9B ] C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
21:18:09.0125 3100 C:\Program Files\QuickTime\QTSystem\QuickTime.cpl - ok
21:18:09.0125 3100 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
21:18:09.0125 3100 C:\WINDOWS\system32\qmgrprxy.dll - ok
21:18:09.0140 3100 [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
21:18:09.0140 3100 C:\WINDOWS\system32\dciman32.dll - ok
21:18:09.0156 3100 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
21:18:09.0156 3100 C:\WINDOWS\system32\security.dll - ok
21:18:09.0156 3100 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
21:18:09.0156 3100 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
21:18:09.0171 3100 [ 3A237B4A914C20292BA0D7B8CBB72708 ] C:\Program Files\Java\jre6\bin\awt.dll
21:18:09.0171 3100 C:\Program Files\Java\jre6\bin\awt.dll - ok
21:18:09.0187 3100 [ 4968722C231761E5B2796FAFC22BD044 ] C:\Program Files\Java\jre6\bin\client\jvm.dll
21:18:09.0187 3100 C:\Program Files\Java\jre6\bin\client\jvm.dll - ok
21:18:09.0203 3100 [ 10AB27A74C4CFBB7BA2E990D29D190C5 ] C:\Program Files\Java\jre6\bin\dcpr.dll
21:18:09.0203 3100 C:\Program Files\Java\jre6\bin\dcpr.dll - ok
21:18:09.0203 3100 [ 0258384C1B92AA80A4D986E1E8C170AA ] C:\Program Files\Java\jre6\bin\deploy.dll
21:18:09.0203 3100 C:\Program Files\Java\jre6\bin\deploy.dll - ok
21:18:09.0218 3100 [ B924C303BDD0575CB62CA427FA99F4F9 ] C:\Program Files\Java\jre6\bin\fontmanager.dll
21:18:09.0218 3100 C:\Program Files\Java\jre6\bin\fontmanager.dll - ok
21:18:09.0234 3100 [ CCEB1B17C1D2B8512D5C94F0A407C6B2 ] C:\Program Files\Java\jre6\bin\hpi.dll
21:18:09.0234 3100 C:\Program Files\Java\jre6\bin\hpi.dll - ok
21:18:09.0234 3100 [ 8F437CB2F38A637CCE1BF624640F943D ] C:\Program Files\Java\jre6\bin\java.dll
21:18:09.0234 3100 C:\Program Files\Java\jre6\bin\java.dll - ok
21:18:09.0250 3100 [ 678A869DCD7BB901DAB7C83BC1693B43 ] C:\Program Files\Java\jre6\bin\javaw.exe
21:18:09.0250 3100 C:\Program Files\Java\jre6\bin\javaw.exe - ok
21:18:09.0265 3100 [ 9EE6B57E185ABC3D8E88CA34F45DF678 ] C:\Program Files\Java\jre6\bin\jp2native.dll
21:18:09.0265 3100 C:\Program Files\Java\jre6\bin\jp2native.dll - ok
21:18:09.0281 3100 [ 7BFCD81F9910A83A19DAF793D37665E8 ] C:\Program Files\Java\jre6\bin\jpeg.dll
21:18:09.0281 3100 C:\Program Files\Java\jre6\bin\jpeg.dll - ok
21:18:09.0281 3100 [ 4F6D34C29E3746C52CCC5A095422A866 ] C:\Program Files\Java\jre6\bin\net.dll
21:18:09.0281 3100 C:\Program Files\Java\jre6\bin\net.dll - ok
21:18:09.0296 3100 [ 84BB245D3AA3BA955DCEE8D8E736DBED ] C:\Program Files\Java\jre6\bin\nio.dll
21:18:09.0296 3100 C:\Program Files\Java\jre6\bin\nio.dll - ok
21:18:09.0312 3100 [ E814C5CF8FC49C44F272D3E28EAFCC6E ] C:\Program Files\Java\jre6\bin\regutils.dll
21:18:09.0312 3100 C:\Program Files\Java\jre6\bin\regutils.dll - ok
21:18:09.0312 3100 [ 65E41A57F996DF49333D5B8B89691CA1 ] C:\Program Files\Java\jre6\bin\verify.dll
21:18:09.0312 3100 C:\Program Files\Java\jre6\bin\verify.dll - ok
21:18:09.0328 3100 [ 0431F72308EA427DB50341E15594FFF4 ] C:\Program Files\Java\jre6\bin\zip.dll
21:18:09.0328 3100 C:\Program Files\Java\jre6\bin\zip.dll - ok
21:18:09.0343 3100 [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\DOCUME~1\Aaron\LOCALS~1\temp\B236356F-AF9D-45EE-A3AB-43F8A6440DD5.exe
21:18:09.0343 3100 C:\DOCUME~1\Aaron\LOCALS~1\temp\B236356F-AF9D-45EE-A3AB-43F8A6440DD5.exe - ok
21:18:09.0359 3100 [ B5A5231BBB443092AFB8A33EF7AEAEB2 ] C:\WINDOWS\system32\shdoclc.dll
21:18:09.0359 3100 C:\WINDOWS\system32\shdoclc.dll - ok
21:18:09.0359 3100 [ 06A0D051B6937CDA3E38702494BBFC2A ] C:\WINDOWS\system32\ieudinit.exe
21:18:09.0359 3100 C:\WINDOWS\system32\ieudinit.exe - ok
21:18:09.0375 3100 [ 91131A88C0581BC758804E5276FFE5B3 ] C:\WINDOWS\system32\ie4uinit.exe
21:18:09.0375 3100 C:\WINDOWS\system32\ie4uinit.exe - ok
21:18:09.0375 3100 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
21:18:09.0375 3100 C:\WINDOWS\system32\mydocs.dll - ok
21:18:09.0390 3100 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
21:18:09.0390 3100 C:\WINDOWS\system32\linkinfo.dll - ok
21:18:09.0406 3100 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
21:18:09.0406 3100 C:\WINDOWS\system32\ntshrui.dll - ok
21:18:09.0421 3100 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\84726390.sys
21:18:09.0421 3100 C:\WINDOWS\system32\drivers\84726390.sys - ok
21:18:09.0421 3100 [ 1B6FF5B9A21DE2E89BB014932A414E7E ] C:\WINDOWS\system32\iesetup.dll
21:18:09.0421 3100 C:\WINDOWS\system32\iesetup.dll - ok
21:18:09.0437 3100 [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe
21:18:09.0437 3100 C:\WINDOWS\system32\regsvr32.exe - ok
21:18:09.0453 3100 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
21:18:09.0453 3100 C:\WINDOWS\system32\webcheck.dll - ok
21:18:09.0453 3100 [ A14D324C50EB71FB480DDD60481D0C04 ] C:\WINDOWS\system32\pstorec.dll
21:18:09.0453 3100 C:\WINDOWS\system32\pstorec.dll - ok
21:18:09.0468 3100 [ D17918709F510B4EF2E98D89EBD1F74D ] C:\WINDOWS\system32\mobsync.dll
21:18:09.0468 3100 C:\WINDOWS\system32\mobsync.dll - ok
21:18:09.0484 3100 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
21:18:09.0484 3100 C:\WINDOWS\system32\mstask.dll - ok
21:18:09.0500 3100 [ EC4857574F466CB8E8D7AF92D7830A56 ] C:\WINDOWS\system32\wmpshell.dll
21:18:09.0500 3100 C:\WINDOWS\system32\wmpshell.dll - ok
21:18:09.0500 3100 [ 8058C01E0B96EC2F74FF764BE1B67D7F ] C:\Program Files\Outlook Express\setup50.exe
21:18:09.0500 3100 C:\Program Files\Outlook Express\setup50.exe - ok
21:18:09.0515 3100 [ 85AC5F11D4759D13674B3E92EAC3F140 ] C:\WINDOWS\system32\msident.dll
21:18:09.0515 3100 C:\WINDOWS\system32\msident.dll - ok
21:18:09.0531 3100 [ 7ED041C7F82A381417AA3F43AB55F95A ] C:\WINDOWS\system32\msidntld.dll
21:18:09.0531 3100 C:\WINDOWS\system32\msidntld.dll - ok
21:18:09.0531 3100 [ 2B86C9EEE08AF3B536203F1A13B464B5 ] C:\WINDOWS\system32\shmgrate.exe
21:18:09.0531 3100 C:\WINDOWS\system32\shmgrate.exe - ok
21:18:09.0546 3100 [ 29F3ECD623330AD06005482A84C2A741 ] C:\WINDOWS\system32\xpsp1res.dll
21:18:09.0546 3100 C:\WINDOWS\system32\xpsp1res.dll - ok
21:18:09.0562 3100 [ D0CB8DEAF008D7CDC794EF6A37EC8134 ] C:\WINDOWS\inf\unregmp2.exe
21:18:09.0562 3100 C:\WINDOWS\inf\unregmp2.exe - ok
21:18:09.0578 3100 [ 84B68C6EC17C99943F0EA68215BB2238 ] C:\WINDOWS\system32\wmdrmsdk.dll
21:18:09.0578 3100 C:\WINDOWS\system32\wmdrmsdk.dll - ok
21:18:09.0578 3100 [ E6793F1DBB5855B32794A81A530FADFC ] C:\Program Files\Windows Media Player\wmdbexport.exe
21:18:09.0578 3100 C:\Program Files\Windows Media Player\wmdbexport.exe - ok
21:18:09.0593 3100 [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
21:18:09.0593 3100 C:\WINDOWS\system32\WMVCore.dll - ok
21:18:09.0609 3100 [ 7365B5CA9747C84178D42CCA72486277 ] C:\WINDOWS\system32\wmasf.dll
21:18:09.0609 3100 C:\WINDOWS\system32\wmasf.dll - ok
21:18:09.0609 3100 [ 5879D691E842574A20FE63817CB76DF9 ] C:\WINDOWS\system32\msiexec.exe
21:18:09.0609 3100 C:\WINDOWS\system32\msiexec.exe - ok
21:18:09.0625 3100 [ 4EE2A4B37555865CA58011B83DF40245 ] C:\WINDOWS\system32\mscories.dll
21:18:09.0625 3100 C:\WINDOWS\system32\mscories.dll - ok
21:18:09.0625 3100 [ 681A98D6790A9EED81F3A03868FCAF2C ] C:\WINDOWS\system32\iedkcs32.dll
21:18:09.0625 3100 C:\WINDOWS\system32\iedkcs32.dll - ok
21:18:09.0640 3100 [ 7473FECBCC12090389DF7C60191EC09F ] C:\WINDOWS\system32\msfeeds.dll
21:18:09.0640 3100 C:\WINDOWS\system32\msfeeds.dll - ok
21:18:09.0656 3100 [ F554A8C20994A68D327ED6F26BC0EB9A ] C:\WINDOWS\system32\msfeedsbs.dll
21:18:09.0656 3100 C:\WINDOWS\system32\msfeedsbs.dll - ok
21:18:09.0671 3100 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
21:18:09.0671 3100 C:\WINDOWS\system32\stobject.dll - ok
21:18:09.0671 3100 [ 2220B05C81865B5531D8686B851F8C5E ] C:\Program Files\Creative\ShareDLL\CTNotify.exe
21:18:09.0671 3100 C:\Program Files\Creative\ShareDLL\CTNotify.exe - ok
21:18:09.0687 3100 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
21:18:09.0687 3100 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
21:18:09.0703 3100 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
21:18:09.0703 3100 C:\WINDOWS\system32\imapi.exe - ok
21:18:09.0718 3100 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
21:18:09.0718 3100 C:\WINDOWS\system32\oledlg.dll - ok
21:18:09.0718 3100 [ 927D803997BDA7A450B743E378EA47D0 ] C:\Program Files\Creative\ShareDLL\CTCDPwr.dll
21:18:09.0718 3100 C:\Program Files\Creative\ShareDLL\CTCDPwr.dll - ok
21:18:09.0734 3100 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
21:18:09.0734 3100 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
21:18:09.0750 3100 [ D2A2ACF673692C6B4A6B8A1E794F8B2B ] C:\Program Files\Creative\ShareDLL\Mediadet.exe
21:18:09.0750 3100 C:\Program Files\Creative\ShareDLL\Mediadet.exe - ok
21:18:09.0765 3100 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
21:18:09.0765 3100 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
21:18:09.0765 3100 [ 68C91658A3CB6773EC79C90CC0EE6BC1 ] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
21:18:09.0765 3100 C:\Program Files\VERITAS Software\Update Manager\sgtray.exe - ok
21:18:09.0781 3100 [ 3093ED3F54E96FB5BEE864436D8FE76C ] C:\WINDOWS\system32\dla\tfswctrl.exe
21:18:09.0781 3100 C:\WINDOWS\system32\dla\tfswctrl.exe - ok
21:18:09.0796 3100 [ DB3B52E3F36D9D5469E6BBBCD0BB984D ] C:\WINDOWS\essspk.exe
21:18:09.0796 3100 C:\WINDOWS\essspk.exe - ok
21:18:09.0796 3100 [ EF5FE31EF2A0C741DE3C5650DE0F5E91 ] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
21:18:09.0796 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE - ok
21:18:09.0812 3100 [ 47F4C8707DE00F5F18F6CD524DF02879 ] C:\WINDOWS\LOGI_MWX.EXE
21:18:09.0812 3100 C:\WINDOWS\LOGI_MWX.EXE - ok
21:18:09.0828 3100 [ 4CF789D27533DB80B7B8DC0038588756 ] C:\WINDOWS\system32\sstray.exe
21:18:09.0828 3100 C:\WINDOWS\system32\sstray.exe - ok
21:18:09.0843 3100 [ 3E4C03CEFAD8DE135263236B61A49C90 ] C:\WINDOWS\system32\NeroCheck.exe
21:18:09.0843 3100 C:\WINDOWS\system32\NeroCheck.exe - ok
21:18:09.0843 3100 [ 8B9145D229D4E89D15ACB820D4A3A90F ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
21:18:09.0843 3100 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
21:18:09.0859 3100 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe
21:18:09.0859 3100 C:\Program Files\Microsoft Security Client\msseces.exe - ok
21:18:09.0875 3100 [ 98A078F838A70F84E1BD490D7C7675F4 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
21:18:09.0875 3100 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
21:18:09.0875 3100 [ 3C34D0AD611938D1C56B8E12A15620CB ] C:\WINDOWS\system32\tfswapi.dll
21:18:09.0875 3100 C:\WINDOWS\system32\tfswapi.dll - ok
21:18:09.0890 3100 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
21:18:09.0890 3100 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
21:18:09.0906 3100 [ 579676D624DB80680BC1D53F95F66B4F ] C:\WINDOWS\system32\dla\tfswcres.dll
21:18:09.0906 3100 C:\WINDOWS\system32\dla\tfswcres.dll - ok
21:18:09.0906 3100 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
21:18:09.0906 3100 C:\WINDOWS\system32\msisip.dll - ok
21:18:09.0921 3100 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
21:18:09.0921 3100 C:\WINDOWS\system32\wshext.dll - ok
21:18:09.0937 3100 [ F32B2781B3FA0630A1808E23B805D70E ] C:\PROGRA~1\TEXTBR~1.0\Bin\CSH.DLL
21:18:09.0937 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\CSH.DLL - ok
21:18:09.0953 3100 [ F3AD8EA144F411A6292775FA2B230DE5 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
21:18:09.0953 3100 C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
21:18:09.0953 3100 [ 2ECE5B77BC5271393AC6A8BAFD51F79F ] C:\PROGRA~1\TEXTBR~1.0\Bin\Tbmhook.dll
21:18:09.0953 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\Tbmhook.dll - ok
21:18:09.0968 3100 [ 22D12B4CD5A7BA200C589B395AFC81C3 ] C:\PROGRA~1\TEXTBR~1.0\Bin\OfficeAccess.dll
21:18:09.0968 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\OfficeAccess.dll - ok
21:18:09.0984 3100 [ CDA4DCD608C0E3C8B25CAFA5F675DD35 ] C:\PROGRA~1\TEXTBR~1.0\Bin\REGDATA.DLL
21:18:09.0984 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\REGDATA.DLL - ok
21:18:09.0984 3100 [ EA2DB0300AE4C1A7836589B18433FCA6 ] C:\PROGRA~1\TEXTBR~1.0\Bin\WordAccess.dll
21:18:09.0984 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\WordAccess.dll - ok
21:18:10.0000 3100 [ 3B10475B83EC95B6E913B7575886C652 ] C:\PROGRA~1\TEXTBR~1.0\Bin\MSAppAccess.dll
21:18:10.0000 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\MSAppAccess.dll - ok
21:18:10.0015 3100 [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
21:18:10.0015 3100 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
21:18:10.0031 3100 [ B512180B233A7C441A91B5033EAA419A ] C:\Program Files\VERITAS Software\Update Manager\sus.dll
21:18:10.0031 3100 C:\Program Files\VERITAS Software\Update Manager\sus.dll - ok
21:18:10.0031 3100 [ 62742C53A41BF972274BA51AE39945C4 ] C:\Program Files\VERITAS Software\Update Manager\sfcwall31.dll
21:18:10.0031 3100 C:\Program Files\VERITAS Software\Update Manager\sfcwall31.dll - ok
21:18:10.0046 3100 [ 23FC17471DE7883DCC8646F0FEEE3899 ] C:\Program Files\VERITAS Software\Update Manager\vxhttp.dll
21:18:10.0046 3100 C:\Program Files\VERITAS Software\Update Manager\vxhttp.dll - ok
21:18:10.0062 3100 [ 7C50C763830BAE5E4C87E7754BF8833B ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
21:18:10.0062 3100 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - ok
21:18:10.0062 3100 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
21:18:10.0062 3100 C:\WINDOWS\system32\mfc42.dll - ok
21:18:10.0078 3100 [ 14C173D1F42FBEF1763B10BE34F31A56 ] C:\PROGRA~1\TEXTBR~1.0\Bin\ExcelAccess.dll
21:18:10.0078 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\ExcelAccess.dll - ok
21:18:10.0093 3100 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
21:18:10.0093 3100 C:\WINDOWS\system32\olepro32.dll - ok
21:18:10.0109 3100 [ F885EC5CFD7FE4DB8CF0DCC1211B61BA ] C:\PROGRA~1\TEXTBR~1.0\Bin\IAResENG.dll
21:18:10.0109 3100 C:\PROGRA~1\TEXTBR~1.0\Bin\IAResENG.dll - ok
21:18:10.0109 3100 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
21:18:10.0109 3100 C:\WINDOWS\system32\riched32.dll - ok
21:18:10.0125 3100 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
21:18:10.0125 3100 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
21:18:10.0125 3100 [ 803EC555F2DB81366FDA9EBD4C5160E3 ] C:\Program Files\VERITAS Software\Update Manager\trayrenu.dll
21:18:10.0125 3100 C:\Program Files\VERITAS Software\Update Manager\trayrenu.dll - ok
21:18:10.0140 3100 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
21:18:10.0140 3100 C:\WINDOWS\system32\msftedit.dll - ok
21:18:10.0156 3100 [ 82DB197FDB87A8688B2E959819E54FC7 ] C:\WINDOWS\system32\vxblock.dll
21:18:10.0156 3100 C:\WINDOWS\system32\vxblock.dll - ok
21:18:10.0156 3100 [ 3678463D8ECB6CF3C25AC2F085711461 ] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
21:18:10.0156 3100 C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE - ok
21:18:10.0171 3100 [ CC374BD2AB88E3100896D579A0CEC919 ] C:\Program Files\Logitech\MouseWare\system\EVENTEX.DLL
21:18:10.0171 3100 C:\Program Files\Logitech\MouseWare\system\EVENTEX.DLL - ok
21:18:10.0187 3100 [ AB41A5FA14B0E14E17B48143F49DB19E ] C:\WINDOWS\system32\COMNCTR.DLL
21:18:10.0187 3100 C:\WINDOWS\system32\COMNCTR.DLL - ok
21:18:10.0203 3100 [ C103B3C59145A54FD00EA642B023D12E ] C:\WINDOWS\system32\vxdmdbtn.ocx
21:18:10.0203 3100 C:\WINDOWS\system32\vxdmdbtn.ocx - ok
21:18:10.0203 3100 [ 4BCAEDAE375B0BA502F3D012969B3F6A ] C:\Program Files\VERITAS Software\Update Manager\dimpls\dmdimpls.dll
21:18:10.0203 3100 C:\Program Files\VERITAS Software\Update Manager\dimpls\dmdimpls.dll - ok
21:18:10.0218 3100 [ A430FAAE0A4DB973500B6C882F8848E5 ] C:\Program Files\Logitech\MouseWare\system\MFC42.DLL
21:18:10.0218 3100 C:\Program Files\Logitech\MouseWare\system\MFC42.DLL - ok
21:18:10.0234 3100 [ D599E01A955EB82988113E7A4FCD87F7 ] C:\Program Files\SystemControl\SystemControl\SystemControl.exe
21:18:10.0234 3100 C:\Program Files\SystemControl\SystemControl\SystemControl.exe - ok
21:18:10.0250 3100 [ C276381C27F77C2EBD7A40D4A5628286 ] C:\Program Files\Logitech\MouseWare\system\ccresrce.dll
21:18:10.0250 3100 C:\Program Files\Logitech\MouseWare\system\ccresrce.dll - ok
21:18:10.0250 3100 [ 66B223029BA6EF3E3B3351763CB3AD0C ] C:\Program Files\Logitech\MouseWare\system\GlbResLt.dll
21:18:10.0250 3100 C:\Program Files\Logitech\MouseWare\system\GlbResLt.dll - ok
21:18:10.0265 3100 [ 06CA25E522E43426C7DC966B9EFA3361 ] C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
21:18:10.0265 3100 C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL - ok
21:18:10.0281 3100 [ 0E554A5D7995DDCAA2900ACA5B7E39F1 ] C:\Program Files\Logitech\MouseWare\system\DEVICES.DLL
21:18:10.0281 3100 C:\Program Files\Logitech\MouseWare\system\DEVICES.DLL - ok
21:18:10.0281 3100 [ B97967B2DF6954B9BE621806975324EF ] C:\Program Files\Logitech\MouseWare\system\CCSTMGLB.DLL
21:18:10.0281 3100 C:\Program Files\Logitech\MouseWare\system\CCSTMGLB.DLL - ok
21:18:10.0296 3100 [ 85A757167F5ECB0D8A4741D0F5C689CF ] C:\Program Files\Logitech\MouseWare\system\CCUSTOM.DLL
21:18:10.0296 3100 C:\Program Files\Logitech\MouseWare\system\CCUSTOM.DLL - ok
21:18:10.0312 3100 [ 279D3F3C849D6ABD4367D75AAAF264EA ] C:\Program Files\Logitech\MouseWare\system\CCMSGHK.DLL
21:18:10.0312 3100 C:\Program Files\Logitech\MouseWare\system\CCMSGHK.DLL - ok
21:18:10.0328 3100 [ 253D8DCADAC95B9E524398AA5A44E8CD ] C:\Program Files\Logitech\MouseWare\system\CCRESGLB.DLL
21:18:10.0328 3100 C:\Program Files\Logitech\MouseWare\system\CCRESGLB.DLL - ok
21:18:10.0328 3100 [ B18A08A8A228173BC00A5E5239E42C04 ] C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll
21:18:10.0328 3100 C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll - ok
21:18:10.0343 3100 [ D3ABDEB231532BF764E8A436C3A5FE52 ] C:\Program Files\Logitech\MouseWare\system\CMOUSECC.DLL
21:18:10.0343 3100 C:\Program Files\Logitech\MouseWare\system\CMOUSECC.DLL - ok
21:18:10.0359 3100 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
21:18:10.0359 3100 C:\WINDOWS\system32\mmcshext.dll - ok
21:18:10.0359 3100 [ 9E01C220E06737ADC852B310BD2A8D11 ] C:\Program Files\Logitech\MouseWare\system\BASIC.DLL
21:18:10.0359 3100 C:\Program Files\Logitech\MouseWare\system\BASIC.DLL - ok
21:18:10.0375 3100 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
21:18:10.0375 3100 C:\WINDOWS\system32\hhsetup.dll - ok
21:18:10.0375 3100 [ B5983289DA927799A434BD8D197B7B9F ] C:\WINDOWS\system32\LGUICOM.DLL
21:18:10.0375 3100 C:\WINDOWS\system32\LGUICOM.DLL - ok
21:18:10.0390 3100 [ 1601DC722FE516C2195749E93EE86302 ] C:\Program Files\Logitech\MouseWare\system\lffmouse.dll
21:18:10.0390 3100 C:\Program Files\Logitech\MouseWare\system\lffmouse.dll - ok
21:18:10.0406 3100 [ 7B4E79AC7C7C4EC8C5AE44B66F5D26B0 ] C:\Program Files\Logitech\MouseWare\system\LGCORDLS.DLL
21:18:10.0406 3100 C:\Program Files\Logitech\MouseWare\system\LGCORDLS.DLL - ok
21:18:10.0421 3100 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
21:18:10.0421 3100 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
21:18:10.0421 3100 [ 3473E58AD01E0BFFEF178A1E3C1F080A ] C:\Program Files\Microsoft Security Client\MsMpCom.dll
21:18:10.0421 3100 C:\Program Files\Microsoft Security Client\MsMpCom.dll - ok
21:18:10.0437 3100 [ A602E56B9043EAA4A4BC52586EEDD023 ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE
21:18:10.0437 3100 C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE - ok
21:18:10.0453 3100 [ 989008BE5732EE891682E0631E6D1B4A ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\1033\DWINTL20.DLL
21:18:10.0453 3100 C:\PROGRA~1\COMMON~1\MICROS~1\DW\1033\DWINTL20.DLL - ok
21:18:10.0468 3100 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
21:18:10.0468 3100 C:\WINDOWS\system32\wscntfy.exe - ok
21:18:10.0468 3100 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
21:18:10.0468 3100 C:\WINDOWS\system32\drprov.dll - ok
21:18:10.0484 3100 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
21:18:10.0484 3100 C:\WINDOWS\system32\ntlanman.dll - ok
21:18:10.0500 3100 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
21:18:10.0500 3100 C:\WINDOWS\system32\davclnt.dll - ok
21:18:10.0500 3100 ============================================================
21:18:10.0500 3100 Scan finished
21:18:10.0500 3100 ============================================================
21:18:10.0531 1932 Detected object count: 0
21:18:10.0531 1932 Actual detected object count: 0
21:18:15.0328 3924 Deinitialize success

Thanks

#5
maliprog

Posted 01 October 2012 - 11:09 PM

Trusted Helper

Malware Removal
6,172 posts

Good job. We still have work to do...

Step 1

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post aswMBR.txt in your next reply
Also, aswMBR will save additional file named MBR.dat. Attach it to your next reply

Step 2

Run OTL again

Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.

Under the Custom Scan/Fixes box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open OTL.txt. This file is also saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me

Step 3

Please don't forget to include these items in your reply:

aswMBR log
OTL log

It would be helpful if you could post each log in separate post using "Add Reply" button

#6
Cardoctork

Posted 02 October 2012 - 06:54 PM

Member

Topic Starter
Member
39 posts

Here is the otl log

OTL logfile created on: 10/2/2012 8:17:36 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aaron\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 598.28 Mb Available Physical Memory | 58.46% Memory free
1.61 Gb Paging File | 1.18 Gb Available in Paging File | 73.22% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 42.43 Gb Free Space | 55.59% Space Free | Partition Type: NTFS

Computer Name: RAINBOW-ACRES | User Name: Aaron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2011/09/09 16:01:16 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/11/14 10:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
PRC - [2002/12/05 00:23:26 | 000,073,728 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\sstray.exe
PRC - [2002/05/31 11:34:36 | 000,167,936 | ---- | M] () -- C:\WINDOWS\essspk.exe
PRC - [2001/08/01 03:00:00 | 000,191,488 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CTNotify.exe
PRC - [2001/08/01 03:00:00 | 000,166,912 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\Mediadet.exe
PRC - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/11 08:22:51 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:19:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:08:49 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/08/11 08:08:47 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/08/11 08:08:46 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/08/11 08:08:41 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/11 08:08:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/08/11 08:08:40 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/08/11 08:08:39 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/08/11 08:08:38 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/08/11 08:08:36 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/08/11 08:08:31 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/08/11 08:04:59 | 013,198,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/24 09:52:09 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/06/03 16:15:33 | 000,762,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/06/03 16:15:27 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012/06/03 16:15:25 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012/06/03 16:01:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/06/03 16:00:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/06/03 15:42:12 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/06/03 15:40:53 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/06/03 15:40:44 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/06/03 15:40:33 | 007,069,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/06/03 15:39:43 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/06/03 15:39:27 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2011/02/13 22:32:51 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/02/13 22:32:51 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/02/01 20:35:28 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/02/01 20:35:27 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/02/01 20:35:27 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/02/01 20:35:26 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/02/01 20:35:25 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/02/01 20:35:25 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/02/01 20:35:24 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/02/01 20:35:24 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/02/01 20:35:23 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/02/01 20:35:22 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:56 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/01 17:23:55 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/01 17:23:54 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/01 17:23:54 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/01 17:23:54 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/01 17:23:54 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/01 17:23:53 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:53 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/01 17:23:53 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/01 17:00:38 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/01 17:00:36 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/01 17:00:34 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/01 17:00:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/01 17:00:33 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2009/03/01 17:00:33 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
MOD - [2002/05/31 11:34:36 | 000,167,936 | ---- | M] () -- C:\WINDOWS\essspk.exe
MOD - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe
MOD - [1998/12/10 14:54:12 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\OfficeAccess.dll
MOD - [1998/12/10 14:53:10 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\ExcelAccess.dll
MOD - [1998/12/10 14:50:30 | 000,045,568 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\WordAccess.dll
MOD - [1998/12/10 14:47:54 | 000,008,704 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\MSAppAccess.dll
MOD - [1998/12/10 14:47:12 | 000,130,560 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\IAResENG.dll
MOD - [1998/12/10 14:43:04 | 000,022,016 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\REGDATA.DLL
MOD - [1998/12/10 14:40:10 | 000,119,808 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\Tbmhook.dll
MOD - [1998/12/10 13:57:08 | 000,034,304 | ---- | M] () -- C:\Program Files\Common Files\Xerox Shared\VGFILE.DLL
MOD - [1998/12/10 13:57:00 | 000,163,328 | ---- | M] () -- C:\Program Files\Common Files\Xerox Shared\EASYTB32.DLL

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -- (VETMSGNT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -- (PPCtlPriv)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/06 22:47:53 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 21:23:56 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2005/03/30 17:46:56 | 000,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2004/08/11 01:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds)
SRV - [2004/08/10 22:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)
SRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
SRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Aaron\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Aaron\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2008/08/20 05:42:14 | 000,108,288 | ---- | M] (Computer Associates International, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\veteboot.sys -- (VETEBOOT)
DRV - [2008/08/20 05:42:12 | 000,026,352 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-filt.sys -- (VET-FILT)
DRV - [2008/08/20 05:42:08 | 000,879,760 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetefile.sys -- (VETEFILE)
DRV - [2008/08/20 05:42:08 | 000,032,240 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetmonnt.sys -- (VETMONNT)
DRV - [2008/08/20 05:42:08 | 000,021,488 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetfddnt.sys -- (VETFDDNT)
DRV - [2008/08/20 05:42:08 | 000,021,104 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-rec.sys -- (VET-REC)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/13 21:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007/09/13 21:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007/09/13 21:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2007/09/13 21:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007/09/13 21:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005/06/16 15:41:02 | 000,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2005/03/31 09:00:08 | 000,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 08:47:56 | 000,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 08:47:50 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2005/03/31 08:47:48 | 000,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 08:47:42 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/10/30 21:24:57 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/11/07 05:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 05:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/11/07 05:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/07/22 03:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\MLPTDR_Q.SYS -- (MLPTDR_Q)
DRV - [2003/05/26 23:19:00 | 000,284,800 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2003/05/26 23:19:00 | 000,029,952 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2003/03/21 13:34:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/02/21 10:29:16 | 000,005,120 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2002/11/27 07:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/11/13 03:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002/10/18 18:06:28 | 000,842,128 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)
DRV - [2002/09/05 23:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
DRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 09:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/15 15:21:28 | 000,023,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppsio2.sys -- (ppsio2)
DRV - [2000/10/25 08:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.autopart...rtal/login.html
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Aaron\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/06 22:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/06 22:46:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2008/03/16 17:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/24 09:36:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2008/09/06 13:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]

[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions
[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/05/01 22:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\extensions
[2008/03/16 17:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Sunbird\Profiles\d3ncou2h.default\extensions
[2012/09/26 20:07:32 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\a9.xml
[2008/06/20 22:19:14 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ask.xml
[2011/01/09 22:08:47 | 000,001,279 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-completed-listings.xml
[2012/09/26 20:07:33 | 000,002,585 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-worldwide.xml
[2012/09/26 20:07:33 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\flickr-tags.xml
[2010/04/02 18:48:29 | 000,005,511 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\foodtv.xml
[2010/02/01 20:41:47 | 000,001,253 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\froogle.xml
[2010/06/15 18:29:38 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\usatoday.xml
[2012/09/26 20:07:33 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\weather.xml
[2008/06/20 22:19:20 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\wikipedia.xml
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/06 22:45:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/06 22:47:54 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2005/09/10 01:04:37 | 000,053,248 | ---- | M] (Microsoft Corp.) -- C:\Program Files\mozilla firefox\plugins\NPPGWrap.dll
[2012/08/30 19:44:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/30 19:44:01 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/10/01 20:52:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dvHighMem] C:\WINDOWS\cfgmng32.exe File not found
O4 - HKLM..\Run: [EssSpkPhone] C:\WINDOWS\essspk.exe ()
O4 - HKLM..\Run: [InstantAccess] C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe ()
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nForce Tray Options] C:\WINDOWS\System32\sstray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE File not found
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SystemControl.lnk = C:\Program Files\SystemControl\SystemControl\SystemControl.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1349031222140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1349031764031 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B8A536-023C-4D8E-A83D-0CCEDEAC3DE9}: NameServer = 208.67.222.222,208.67.220.220,12.213.112.61
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/06 16:31:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/02 18:02:06 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Aaron\Desktop\aswMBR.exe
[2012/10/01 21:05:39 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Aaron\Desktop\tdsskiller(1).exe
[2012/10/01 20:40:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/10/01 20:31:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/10/01 20:31:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/10/01 20:31:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/10/01 20:31:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/10/01 20:31:44 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/10/01 20:30:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/01 20:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aaron\Start Menu\Programs\Administrative Tools
[2012/10/01 20:29:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/10/01 20:20:36 | 004,759,381 | R--- | C] (Swearware) -- C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
[2012/09/30 21:40:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:37:36 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 20:50:30 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/09/30 20:50:29 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/09/30 20:50:27 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2012/09/30 20:50:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/09/30 20:50:09 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/09/30 20:50:07 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2012/09/30 20:50:02 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2012/09/30 20:50:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012/09/30 20:49:39 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2012/09/30 20:49:35 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/09/30 20:49:35 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/09/30 20:49:26 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/09/30 20:49:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2012/09/30 20:49:19 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2012/09/30 20:49:18 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2012/09/30 20:49:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2012/09/30 20:49:16 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/09/30 20:49:13 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2012/09/30 20:49:11 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2012/09/30 20:49:10 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2012/09/30 20:49:07 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2012/09/30 20:49:05 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2012/09/30 20:49:04 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2012/09/30 20:49:03 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/09/30 20:49:02 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/09/30 20:49:02 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/09/30 20:48:53 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/09/30 20:48:52 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/09/30 20:48:50 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/09/30 20:48:49 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/09/30 20:48:48 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2012/09/30 20:48:47 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2012/09/30 20:48:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/09/30 20:48:42 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2012/09/30 20:48:41 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/09/30 20:48:40 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2012/09/30 20:48:39 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2012/09/30 20:48:37 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/09/30 20:48:37 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2012/09/30 20:48:36 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/09/30 20:48:36 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/09/30 20:48:33 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2012/09/30 20:48:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2012/09/30 20:48:30 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/09/30 20:48:28 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/09/30 20:48:26 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/09/30 20:48:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2012/09/30 20:48:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2012/09/30 20:48:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2012/09/30 20:48:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2012/09/30 20:48:20 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/09/30 20:48:20 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2012/09/30 20:48:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2012/09/30 20:48:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2012/09/30 20:48:18 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/09/30 20:48:17 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/09/30 20:48:17 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2012/09/30 20:48:15 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2012/09/30 20:48:09 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/09/30 20:48:08 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/09/30 20:48:08 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/09/30 20:48:07 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/09/30 20:48:07 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/09/30 20:48:06 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/09/30 20:48:05 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2012/09/30 20:48:04 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2012/09/30 20:48:03 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2012/09/30 20:48:02 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2012/09/30 20:47:59 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2012/09/30 20:47:59 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2012/09/30 20:47:58 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2012/09/30 20:47:57 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2012/09/30 20:47:55 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/09/30 20:47:51 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/09/30 20:47:51 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/09/30 20:47:49 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/09/30 20:47:47 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/09/30 20:47:46 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/09/30 20:47:43 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2012/09/30 20:47:40 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2012/09/30 20:47:39 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/09/30 20:47:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/09/30 20:47:33 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2012/09/30 20:47:32 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2012/09/30 20:47:32 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2012/09/30 20:47:31 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2012/09/30 20:47:30 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2012/09/30 20:47:30 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2012/09/30 20:47:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2012/09/30 20:47:29 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2012/09/30 20:47:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2012/09/30 20:47:27 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2012/09/30 20:47:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2012/09/30 20:47:22 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/09/30 20:47:22 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/09/30 20:47:21 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/09/30 20:47:19 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/09/30 20:47:14 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/09/30 20:47:13 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2012/09/30 20:47:09 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2012/09/30 20:47:06 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2012/09/30 20:47:05 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2012/09/30 20:47:04 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/09/30 20:47:03 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2012/09/30 20:47:03 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2012/09/30 20:47:02 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2012/09/30 20:47:01 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2012/09/30 20:47:01 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2012/09/30 20:46:59 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2012/09/30 20:46:57 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2012/09/30 20:46:50 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/09/30 20:46:48 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/09/30 20:46:47 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/09/30 20:46:46 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/09/30 20:46:45 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/09/30 20:46:44 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2012/09/30 20:46:43 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2012/09/30 20:46:42 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2012/09/30 20:46:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2012/09/30 20:46:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2012/09/30 20:46:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2012/09/30 20:46:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2012/09/30 20:46:28 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/09/30 20:46:27 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/09/30 20:46:26 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2012/09/30 20:46:26 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/09/30 20:46:25 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2012/09/30 20:46:23 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2012/09/30 20:46:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/09/30 20:46:22 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2012/09/30 20:46:22 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2012/09/30 20:46:21 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2012/09/30 20:46:21 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2012/09/30 20:46:20 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2012/09/30 20:46:12 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/09/30 20:46:12 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/09/30 20:46:11 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/09/30 20:46:11 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/09/30 20:46:10 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2012/09/30 20:46:06 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2012/09/30 20:46:03 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2012/09/30 20:46:02 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2012/09/30 20:46:01 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2012/09/30 20:45:59 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/09/30 20:45:58 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2012/09/30 20:45:57 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/09/30 20:45:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/09/30 20:45:54 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2012/09/30 20:45:53 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2012/09/30 20:45:51 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2012/09/30 20:45:51 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2012/09/30 20:45:50 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/09/30 20:45:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/09/30 20:45:49 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/09/30 20:45:48 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/09/30 20:45:48 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/09/30 20:45:47 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/09/30 20:45:46 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/09/30 20:45:46 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/09/30 20:45:45 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/09/30 20:45:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2012/09/30 20:45:44 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/09/30 20:45:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/09/30 20:45:40 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/09/30 20:45:39 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/09/30 20:45:36 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2012/09/30 20:45:35 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2012/09/30 20:45:35 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2012/09/30 20:45:32 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/09/30 20:45:31 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2012/09/30 20:45:27 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/09/30 20:45:26 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/09/30 20:45:25 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/09/30 20:45:15 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2012/09/30 20:45:12 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/09/30 20:45:12 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/09/30 20:45:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2012/09/30 20:45:10 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2012/09/30 20:45:06 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2012/09/30 20:45:05 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2012/09/30 20:45:05 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2012/09/30 20:45:04 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2012/09/30 20:45:03 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2012/09/30 20:45:02 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2012/09/30 20:45:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/09/30 20:44:59 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/09/30 20:44:59 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/09/30 20:44:57 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2012/09/30 20:44:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2012/09/30 20:44:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2012/09/30 20:44:55 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/09/30 20:44:50 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2012/09/30 20:44:50 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2012/09/30 20:44:49 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2012/09/30 20:44:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2012/09/30 20:44:40 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2012/09/30 20:44:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2012/09/30 20:44:39 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2012/09/30 20:44:38 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2012/09/30 20:44:37 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2012/09/30 20:44:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2012/09/30 20:44:36 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2012/09/30 20:44:34 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2012/09/30 20:44:33 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2012/09/30 20:44:32 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2012/09/30 20:44:31 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2012/09/30 20:44:29 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2012/09/30 20:44:29 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2012/09/30 20:44:27 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2012/09/30 20:44:26 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/09/30 20:44:26 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2012/09/30 20:44:25 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2012/09/30 20:44:24 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2012/09/30 20:44:24 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/09/30 20:44:19 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/09/30 20:44:19 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/09/30 20:44:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2012/09/30 20:44:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2012/09/30 20:44:10 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2012/09/30 20:44:09 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2012/09/30 20:44:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2012/09/30 20:44:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2012/09/30 20:44:07 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2012/09/30 20:44:07 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2012/09/30 20:44:06 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2012/09/30 20:44:06 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2012/09/30 20:44:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2012/09/30 20:44:04 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/09/30 20:44:04 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/09/30 20:44:03 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/09/30 20:44:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/09/30 20:43:34 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2012/09/30 20:43:33 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2012/09/30 20:43:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/09/30 20:43:26 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2012/09/30 20:43:25 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2012/09/30 20:43:24 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2012/09/30 20:43:21 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/09/30 20:43:20 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/09/30 20:43:18 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2012/09/30 20:43:16 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/09/30 20:43:10 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2012/09/30 20:43:09 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/09/30 20:43:08 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/09/30 20:43:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2012/09/30 20:43:04 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/09/30 20:43:03 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/09/30 20:43:03 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/09/30 20:43:02 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/09/30 20:43:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/09/30 20:43:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/09/30 20:43:00 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2012/09/30 20:42:59 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2012/09/30 20:42:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/09/30 20:42:58 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/09/30 20:42:57 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/09/30 20:42:56 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/09/30 20:42:56 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/09/30 20:42:54 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2012/09/30 20:42:42 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2012/09/30 20:42:39 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2012/09/30 20:42:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2012/09/30 20:42:23 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2012/09/30 20:42:22 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2012/09/30 20:42:16 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/09/30 20:42:03 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2012/09/30 20:41:59 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2012/09/30 20:41:59 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2012/09/30 20:41:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2012/09/30 20:41:56 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2012/09/30 20:41:55 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2012/09/30 20:41:53 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/09/30 20:41:50 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2012/09/30 20:41:48 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2012/09/30 20:41:48 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2012/09/30 20:41:47 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2012/09/30 20:41:46 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2012/09/30 20:41:45 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2012/09/30 20:41:44 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/09/30 20:41:43 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/09/30 20:41:43 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2012/09/30 20:41:42 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/09/30 20:41:41 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/09/30 20:41:40 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/09/30 20:41:40 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/09/30 20:41:38 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2012/09/30 20:41:34 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/09/30 20:41:33 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/09/30 20:41:32 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/09/30 20:41:32 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/09/30 20:41:30 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2012/09/30 20:41:29 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/09/30 20:41:28 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/09/30 20:41:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012/09/30 20:41:22 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2012/09/30 20:41:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2012/09/30 20:41:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2012/09/30 20:41:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2012/09/30 20:40:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2012/09/30 20:40:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2012/09/30 20:40:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2012/09/30 20:40:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2012/09/30 20:40:49 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2012/09/30 20:40:49 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2012/09/30 20:40:48 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012/09/30 20:40:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/09/30 20:40:47 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012/09/30 20:40:46 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2012/09/30 20:40:41 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2012/09/30 20:40:41 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2012/09/30 20:40:40 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2012/09/30 20:40:39 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2012/09/30 20:40:38 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2012/09/30 20:40:38 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2012/09/30 20:40:05 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/09/30 20:40:04 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2012/09/30 20:40:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2012/09/30 20:40:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2012/09/30 20:40:02 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2012/09/30 20:40:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2012/09/30 20:40:01 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2012/09/30 20:40:00 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2012/09/30 20:40:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2012/09/30 20:39:59 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2012/09/30 20:39:58 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2012/09/30 20:39:58 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2012/09/30 20:39:57 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2012/09/30 20:39:57 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2012/09/30 20:39:54 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2012/09/30 20:39:53 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2012/09/30 20:39:53 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2012/09/30 20:39:52 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2012/09/30 20:39:51 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2012/09/30 20:39:50 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2012/09/30 20:39:34 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2012/09/30 20:39:34 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2012/09/30 20:39:33 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2012/09/30 20:39:32 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2012/09/30 20:39:32 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2012/09/30 20:39:31 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2012/09/30 20:39:30 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2012/09/30 20:39:30 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2012/09/30 20:39:29 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2012/09/30 20:39:28 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2012/09/30 20:39:28 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2012/09/30 20:39:27 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2012/09/30 20:39:27 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2012/09/30 20:39:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2012/09/30 20:39:25 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2012/09/30 20:39:24 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2012/09/30 20:39:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2012/09/30 20:39:23 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2012/09/30 20:39:22 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/09/30 20:39:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2012/09/30 20:39:21 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2012/09/30 20:39:20 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/09/30 20:39:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2012/09/30 20:39:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2012/09/30 20:39:15 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2012/09/30 20:39:13 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2012/09/30 20:39:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/09/30 20:39:11 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2012/09/30 20:39:11 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2012/09/30 20:39:06 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/09/30 20:39:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/09/30 20:39:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/09/30 20:39:01 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2012/09/30 20:39:00 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2012/09/30 20:39:00 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2012/09/30 20:38:59 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2012/09/30 20:38:58 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2012/09/30 20:38:57 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/09/30 20:38:47 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2012/09/30 20:38:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/09/30 20:38:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/09/30 20:38:40 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/09/30 20:38:39 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/09/30 20:38:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/09/30 20:38:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/09/30 20:38:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012/09/30 20:38:33 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012/09/30 20:38:31 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2012/09/30 20:38:29 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/09/30 20:38:28 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2012/09/30 20:38:27 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/09/30 20:38:26 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/09/30 20:38:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2012/09/30 20:38:23 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2012/09/30 20:38:19 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2012/09/30 20:38:18 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2012/09/30 20:38:17 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2012/09/30 20:38:15 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2012/09/30 20:38:15 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2012/09/30 20:38:14 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2012/09/30 20:38:12 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2012/09/30 20:38:11 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2012/09/30 20:38:11 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2012/09/30 20:38:10 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2012/09/30 20:38:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2012/09/30 20:38:09 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2012/09/30 20:38:07 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2012/09/30 20:38:07 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2012/09/30 20:38:06 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2012/09/30 20:38:05 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2012/09/30 20:38:04 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2012/09/30 20:38:04 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2012/09/30 20:38:03 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2012/09/30 20:38:02 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2012/09/30 20:38:00 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2012/09/30 20:37:59 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2012/09/30 20:37:59 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2012/09/30 20:37:58 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2012/09/30 20:37:57 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2012/09/30 20:37:57 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2012/09/30 20:37:56 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2012/09/30 20:37:55 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2012/09/30 20:37:54 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2012/09/30 20:37:53 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2012/09/30 20:37:52 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2012/09/30 20:37:52 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2012/09/30 20:37:51 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2012/09/30 20:37:50 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2012/09/30 20:37:49 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2012/09/30 20:37:48 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2012/09/30 20:37:47 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2012/09/30 20:37:43 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2012/09/30 20:37:43 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2012/09/30 20:37:42 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2012/09/30 20:37:37 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/09/30 20:37:36 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/09/30 20:37:33 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2012/09/30 20:37:31 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/09/30 20:37:30 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2012/09/30 20:37:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2012/09/30 20:37:28 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2012/09/30 20:37:27 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2012/09/30 20:37:21 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/09/30 20:37:21 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2012/09/30 20:37:20 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/09/30 20:37:19 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/09/30 20:37:16 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/09/30 20:37:15 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/09/30 20:37:15 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/09/30 20:37:14 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/09/30 20:37:12 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/09/30 20:37:11 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2012/09/30 20:37:10 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2012/09/30 20:37:09 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2012/09/30 20:37:09 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2012/09/30 20:37:08 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2012/09/30 20:37:07 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2012/09/30 20:37:06 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2012/09/30 20:37:06 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2012/09/30 20:37:05 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2012/09/30 20:37:04 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2012/09/30 20:37:03 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2012/09/30 20:37:03 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2012/09/30 20:37:02 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2012/09/30 20:36:59 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2012/09/30 20:36:58 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2012/09/30 20:36:57 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/09/30 20:36:56 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/09/30 20:36:55 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2012/09/30 20:36:54 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2012/09/30 20:36:53 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/09/30 20:36:52 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2012/09/30 20:36:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2012/09/30 20:36:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2012/09/30 20:36:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2012/09/30 20:36:49 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2012/09/30 20:36:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2012/09/30 20:36:44 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2012/09/30 20:36:44 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2012/09/30 20:36:41 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2012/09/30 20:36:40 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2012/09/30 20:36:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2012/09/30 20:36:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2012/09/30 20:36:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2012/09/30 20:36:38 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2012/09/30 20:36:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2012/09/30 20:36:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2012/09/30 20:36:35 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/09/30 20:36:35 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2012/09/30 20:36:34 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/09/30 20:36:33 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/09/30 20:36:32 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/09/30 20:36:31 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/09/30 20:36:31 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/09/30 20:36:30 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/09/30 20:36:29 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2012/09/30 20:36:28 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/09/30 20:36:27 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2012/09/30 20:36:26 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2012/09/30 20:36:26 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2012/09/30 20:36:23 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2012/09/30 20:36:22 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/09/30 20:36:21 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2012/09/30 20:36:20 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2012/09/30 20:36:19 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2012/09/30 20:36:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2012/09/30 20:36:10 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2012/09/30 20:36:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2012/09/30 20:36:07 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2012/09/30 20:36:05 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/09/30 20:36:04 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2012/09/30 20:36:03 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2012/09/30 20:36:02 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2012/09/30 20:36:01 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2012/09/30 20:36:00 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2012/09/30 20:35:59 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2012/09/30 20:35:56 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2012/09/30 20:35:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/09/30 20:35:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2012/09/30 20:35:43 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/09/30 20:35:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/09/30 20:35:41 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/09/30 20:35:41 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/09/30 20:35:40 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/09/30 20:35:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2012/09/30 20:35:37 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/09/30 20:35:36 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/09/30 20:35:35 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/09/30 20:35:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/09/30 20:35:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/09/30 20:35:32 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/09/30 20:35:30 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2012/09/30 20:35:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2012/09/30 20:35:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2012/09/30 20:35:28 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2012/09/30 20:35:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2012/09/30 20:35:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2012/09/30 20:35:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2012/09/30 20:35:25 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2012/09/30 20:35:24 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2012/09/30 20:34:41 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2012/09/30 20:34:39 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/09/30 20:34:39 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/09/30 20:34:38 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/09/30 20:34:37 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/09/30 20:34:37 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/09/30 20:34:36 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/09/30 20:34:35 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/09/30 20:34:34 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/09/30 20:34:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/09/30 20:34:31 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/09/30 20:34:30 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/09/30 20:34:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2012/09/30 20:34:29 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/09/30 20:34:28 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/09/30 20:34:27 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/09/30 20:34:26 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/09/30 20:34:25 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/09/30 20:34:25 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/09/30 20:34:24 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/09/30 20:34:21 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2012/09/30 20:34:19 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/09/30 20:34:19 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/09/30 20:34:18 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2012/09/30 20:34:17 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2012/09/30 20:34:16 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2012/09/30 20:34:15 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/09/30 20:34:14 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/09/30 20:34:13 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2012/09/30 20:34:12 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/09/30 20:34:11 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/09/30 20:34:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/09/30 20:34:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/09/30 20:34:09 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/09/30 20:34:07 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2012/09/30 20:34:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2012/09/30 20:34:06 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2012/09/30 20:33:55 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2012/09/30 20:33:54 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2012/09/30 20:33:51 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2012/09/30 20:33:51 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2012/09/30 20:33:50 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2012/09/30 20:33:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2012/09/30 20:33:48 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2012/09/30 20:33:47 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2012/09/30 20:33:47 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2012/09/30 20:33:43 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2012/09/30 20:33:42 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2012/09/30 20:33:39 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/09/30 20:33:38 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2012/09/30 20:33:37 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2012/09/30 20:33:36 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2012/09/30 20:33:33 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2012/09/30 20:33:32 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2012/09/30 20:33:32 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2012/09/30 20:33:31 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/09/30 20:33:30 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2012/09/30 20:33:29 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2012/09/30 20:33:29 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2012/09/30 20:33:28 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2012/09/30 20:33:27 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2012/09/30 20:33:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2012/09/30 20:33:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2012/09/30 20:33:17 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2012/09/30 20:33:16 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/09/30 20:33:12 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/09/30 20:33:11 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/09/30 20:33:11 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/09/30 20:33:10 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/09/30 20:33:09 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2012/09/30 20:33:09 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2012/09/30 20:33:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/09/30 20:33:06 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2012/09/30 20:33:05 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2012/09/30 20:33:05 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2012/09/30 20:33:04 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2012/09/30 20:33:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2012/09/30 20:33:03 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/09/30 20:33:02 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/09/30 20:33:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2012/09/30 20:33:01 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2012/09/30 20:33:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2012/09/30 20:32:59 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/09/30 20:32:59 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/09/30 20:32:58 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/09/30 20:32:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2012/09/30 20:32:26 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/09/30 14:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\FixItCenter
[2012/09/30 14:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/09/30 14:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/09/30 14:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Application Data\ElevatedDiagnostics
[2012/09/30 14:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/09/30 14:34:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/09/30 14:27:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/30 09:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Start Menu\Programs\Kaspersky Security Scan
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2012/09/29 22:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/09/17 18:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\PCHealth
[2012/09/06 22:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/14 21:06:28 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Aaron\DesktopWinsockxpFix.exe
[2011/02/14 21:05:22 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Aaron\DesktopLSPFix.exe
[2011/02/14 21:04:58 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Aaron\DesktopSafeMSI.exe
[2002/03/25 11:03:34 | 000,638,976 | ---- | C] (HMP - Hard- & Software GmbH) -- C:\Documents and Settings\Aaron\NPSI2KVW.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/02 20:23:28 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/02 20:16:18 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\MBR.dat
[2012/10/02 18:07:35 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/02 18:05:34 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Aaron\Desktop\aswMBR.exe
[2012/10/02 17:58:22 | 000,013,740 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/02 17:57:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/01 21:20:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/10/01 21:09:30 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Aaron\Desktop\tdsskiller(1).exe
[2012/10/01 20:52:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/10/01 20:40:17 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/10/01 20:26:56 | 004,759,381 | R--- | M] (Swearware) -- C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
[2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:38:05 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 20:40:05 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/09/30 15:11:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/30 14:42:08 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/09/30 09:41:11 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:06:29 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/09/29 22:35:24 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 14:32:10 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/09/19 22:28:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/16 10:10:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/09 09:15:16 | 000,169,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/04 20:53:58 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:23 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/02 20:16:18 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\MBR.dat
[2012/10/01 20:40:17 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/10/01 20:40:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/10/01 20:31:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/01 20:31:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/01 20:31:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/01 20:31:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/01 20:31:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/30 20:50:28 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/09/30 20:50:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/09/30 20:39:21 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/09/30 20:39:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/09/30 20:39:19 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/09/30 20:39:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/09/30 20:39:16 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/09/30 20:37:18 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/09/30 20:37:18 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/09/30 20:37:17 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/09/30 20:34:01 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/09/30 20:34:00 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/09/30 20:33:59 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/09/30 20:33:59 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/09/30 20:33:58 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/09/30 20:33:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/09/30 20:33:56 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/09/30 20:33:56 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/09/30 20:33:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/09/30 20:33:46 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/09/30 14:42:08 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/09/30 14:42:08 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 09:41:17 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:16:18 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/04 20:53:58 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:22 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[2012/06/03 15:02:52 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/03 15:02:51 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/03 15:02:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/04/09 21:17:03 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/03/11 01:24:01 | 000,946,356 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1284227242-725345543-1003-0.dat
[2012/03/11 01:23:59 | 000,148,982 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/03/10 20:34:02 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2007/05/25 18:08:01 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/20 17:41:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Aaron\core
[2005/02/25 20:19:05 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\fusioncache.dat
[2003/12/18 23:26:17 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\Aaron\.plugin141_02.trace
[2003/12/15 21:33:25 | 000,001,244 | ---- | C] () -- C:\Documents and Settings\Aaron\OOo_dictionary_list.dat
[2003/12/15 21:16:37 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\Aaron\Application Data\sversion.ini
[2003/12/13 22:11:27 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2005/02/25 20:13:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\erdnt\cache\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 01:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< End of report >

#7
Cardoctork

Posted 02 October 2012 - 06:57 PM

Member

Topic Starter
Member
39 posts

Here are the other two, i was not sure this scan completed did not say it was done.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-02 18:09:47
-----------------------------
18:09:47.171 OS Version: Windows 5.1.2600 Service Pack 3
18:09:47.171 Number of processors: 1 586 0xA00
18:09:47.171 ComputerName: RAINBOW-ACRES UserName: Aaron
18:09:48.328 Initialize success
18:49:01.828 AVAST engine defs: 12100200
18:49:46.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvidesm1Port0Path0Target0Lun0
18:49:46.734 Disk 0 Vendor: Maxtor_6 YAR4 Size: 78167MB BusType: 1
18:49:46.750 Disk 0 MBR read successfully
18:49:46.750 Disk 0 MBR scan
18:49:46.843 Disk 0 Windows XP default MBR code
18:49:46.843 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 78159 MB offset 63
18:49:46.843 Disk 0 scanning sectors +160071660
18:49:46.890 Disk 0 scanning C:\WINDOWS\system32\drivers
18:50:00.703 Service scanning
18:50:18.171 Modules scanning
18:50:18.343 Module: C:\WINDOWS\system32\hal.dll **SUSPICIOUS**
18:50:18.484 Module: C:\WINDOWS\System32\Drivers\ACPI.sys **SUSPICIOUS**
18:50:18.734 Module: C:\WINDOWS\System32\Drivers\ftdisk.sys **SUSPICIOUS**
18:50:18.781 Module: C:\WINDOWS\System32\Drivers\dmio.sys **SUSPICIOUS**
18:50:18.812 Module: C:\WINDOWS\System32\Drivers\atapi.sys **SUSPICIOUS**
18:50:18.859 Module: C:\WINDOWS\system32\drivers\SCSIPORT.SYS **SUSPICIOUS**
18:50:18.921 Module: C:\WINDOWS\System32\Drivers\fltmgr.sys **SUSPICIOUS**
18:50:19.187 Module: C:\WINDOWS\System32\Drivers\MpFilter.sys **SUSPICIOUS**
18:50:19.281 Module: C:\WINDOWS\System32\Drivers\KSecDD.sys **SUSPICIOUS**
18:50:19.375 Module: C:\WINDOWS\System32\Drivers\Ntfs.sys **SUSPICIOUS**
18:50:19.406 Module: C:\WINDOWS\System32\Drivers\NDIS.sys **SUSPICIOUS**
18:50:19.500 Module: C:\WINDOWS\System32\Drivers\Mup.sys **SUSPICIOUS**
18:50:19.640 Module: C:\WINDOWS\System32\DRIVERS\USBPORT.SYS **SUSPICIOUS**
18:50:19.953 Module: C:\WINDOWS\System32\DRIVERS\ks.sys **SUSPICIOUS**
18:50:20.843 Module: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys **SUSPICIOUS**
18:50:21.000 Module: C:\WINDOWS\System32\DRIVERS\parport.sys **SUSPICIOUS**
18:50:21.281 Module: C:\WINDOWS\System32\DRIVERS\rdpdr.sys **SUSPICIOUS**
18:50:21.500 Module: C:\WINDOWS\system32\drivers\nvapu.sys **SUSPICIOUS**
18:50:21.562 Module: C:\WINDOWS\system32\drivers\portcls.sys **SUSPICIOUS**
18:50:21.734 Module: C:\WINDOWS\system32\drivers\nvmcp.sys **SUSPICIOUS**
20:16:18.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Aaron\Desktop\MBR.dat"
20:16:18.890 The log file has been saved successfully to "C:\Documents and Settings\Aaron\Desktop\aswMBR.txt"

3ÀŽÐ¼ |ûPPü¾|¿PW¹åó¤Ë½¾±8n | uƒÅâôÍ‹õƒÆIt8,tö µ´‹ð¬< tü» ´ÍëòˆNèF s*þF€~t€~ t ¶uÒ€FƒFƒV
è! s ¶ë¼>þ}Uªt€~ tÈ ·ë©‹üW‹õË¿ ŠV ´Ír#ŠÁ$?˜ŠÞŠüC÷ã‹Ñ†Ö±ÒîB÷â9V
w#r9Fs¸» |‹N‹V ÍsQOtN2äŠV ÍëäŠV `»ªU´AÍr6ûUªu0öÁt+a`j j ÿv
ÿvj h |jj´B‹ôÍaasOt2äŠV ÍëÖaùÃInvalid partition table Error loading operating system Missing operating system ,Dcò7ò7 € þÿÿ? Š Uª

#8
maliprog

Posted 02 October 2012 - 11:19 PM

Trusted Helper

Malware Removal
6,172 posts

Hi Cardoctork,

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL

:Files
C:\WINDOWS\tasks\At*.job /s

:Commands
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post

Step 3

Please don't forget to include these items in your reply:

OTL fix log
VRT log

It would be helpful if you could post each log in separate post using "Add Reply" button

#9
Cardoctork

Posted 03 October 2012 - 04:06 PM

Member

Topic Starter
Member
39 posts

otlfix log

OTL logfile created on: 10/3/2012 5:53:08 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aaron\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 368.36 Mb Available Physical Memory | 35.99% Memory free
1.61 Gb Paging File | 0.99 Gb Available in Paging File | 61.66% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 42.35 Gb Free Space | 55.48% Space Free | Partition Type: NTFS

Computer Name: RAINBOW-ACRES | User Name: Aaron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2011/09/09 16:01:16 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/13 20:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/11/14 10:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
PRC - [2002/12/05 00:23:26 | 000,073,728 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\sstray.exe
PRC - [2001/08/01 03:00:00 | 000,191,488 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CTNotify.exe
PRC - [2001/08/01 03:00:00 | 000,166,912 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\Mediadet.exe
PRC - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/11 08:22:51 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:19:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/08/11 08:08:49 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/08/11 08:08:47 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/08/11 08:08:46 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/08/11 08:08:41 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/11 08:08:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/08/11 08:08:40 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/08/11 08:08:39 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/08/11 08:08:38 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/08/11 08:08:36 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/08/11 08:08:31 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/08/11 08:04:59 | 013,198,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/24 09:52:09 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/06/03 16:15:33 | 000,762,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/06/03 16:15:27 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012/06/03 16:15:25 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012/06/03 16:01:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/06/03 16:00:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/06/03 15:42:12 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/06/03 15:40:53 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/06/03 15:40:44 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/06/03 15:40:33 | 007,069,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/06/03 15:39:43 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/06/03 15:39:27 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2011/02/13 22:32:51 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/02/13 22:32:51 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/02/01 20:35:28 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/02/01 20:35:27 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/02/01 20:35:27 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/02/01 20:35:26 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/02/01 20:35:25 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/02/01 20:35:25 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/02/01 20:35:24 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/02/01 20:35:24 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/02/01 20:35:23 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/02/01 20:35:22 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:56 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/01 17:23:55 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/01 17:23:54 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/01 17:23:54 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/01 17:23:54 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/01 17:23:54 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/01 17:23:53 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/01 17:23:53 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/01 17:23:53 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/01 17:00:38 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/01 17:00:36 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/01 17:00:34 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/01 17:00:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/01 17:00:33 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2009/03/01 17:00:33 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2003/06/19 23:36:22 | 001,163,264 | ---- | M] () -- C:\Program Files\SystemControl\SystemControl\SystemControl.exe
MOD - [1998/12/10 14:57:12 | 000,037,376 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe
MOD - [1998/12/10 14:54:12 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\OfficeAccess.dll
MOD - [1998/12/10 14:53:10 | 000,034,304 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\ExcelAccess.dll
MOD - [1998/12/10 14:50:30 | 000,045,568 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\WordAccess.dll
MOD - [1998/12/10 14:47:54 | 000,008,704 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\MSAppAccess.dll
MOD - [1998/12/10 14:47:12 | 000,130,560 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\IAResENG.dll
MOD - [1998/12/10 14:43:04 | 000,022,016 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\REGDATA.DLL
MOD - [1998/12/10 14:40:10 | 000,119,808 | ---- | M] () -- C:\Program Files\TextBridge Pro 8.0\Bin\Tbmhook.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -- (VETMSGNT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -- (PPCtlPriv)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/06 22:47:53 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 21:23:56 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2005/03/30 17:46:56 | 000,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2004/08/11 01:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds)
SRV - [2004/08/10 22:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)
SRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
SRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Aaron\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2008/08/20 05:42:14 | 000,108,288 | ---- | M] (Computer Associates International, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\veteboot.sys -- (VETEBOOT)
DRV - [2008/08/20 05:42:12 | 000,026,352 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-filt.sys -- (VET-FILT)
DRV - [2008/08/20 05:42:08 | 000,879,760 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetefile.sys -- (VETEFILE)
DRV - [2008/08/20 05:42:08 | 000,032,240 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetmonnt.sys -- (VETMONNT)
DRV - [2008/08/20 05:42:08 | 000,021,488 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetfddnt.sys -- (VETFDDNT)
DRV - [2008/08/20 05:42:08 | 000,021,104 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-rec.sys -- (VET-REC)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/13 21:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007/09/13 21:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007/09/13 21:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2007/09/13 21:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007/09/13 21:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005/06/16 15:41:02 | 000,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2005/03/31 09:00:08 | 000,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 08:47:56 | 000,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 08:47:50 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2005/03/31 08:47:48 | 000,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 08:47:42 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/10/30 21:24:57 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/05/13 09:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/05/13 07:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/11/07 05:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 05:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/11/07 05:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/07/22 03:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\MLPTDR_Q.SYS -- (MLPTDR_Q)
DRV - [2003/05/26 23:19:00 | 000,284,800 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2003/05/26 23:19:00 | 000,029,952 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2003/03/21 13:34:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/02/21 10:29:16 | 000,005,120 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2002/11/27 07:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/11/13 03:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002/10/18 18:06:28 | 000,842,128 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)
DRV - [2002/09/05 23:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2002/01/20 19:02:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papyjoy.sys -- (papyjoy)
DRV - [2002/01/20 19:02:54 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\system32\drivers\papycpu2.sys -- (papycpu2)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 09:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/15 15:21:28 | 000,023,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppsio2.sys -- (ppsio2)
DRV - [2000/10/25 08:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.autopart...rtal/login.html
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Aaron\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/06 22:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/06 22:46:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2008/03/16 17:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.7\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/24 09:36:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2008/09/06 13:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2008/09/06 13:48:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/09/01 12:34:21 | 000,000,000 | ---D | M]

[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions
[2010/09/25 19:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/05/01 22:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\extensions
[2008/03/16 17:31:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Sunbird\Profiles\d3ncou2h.default\extensions
[2012/09/26 20:07:32 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\a9.xml
[2008/06/20 22:19:14 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ask.xml
[2011/01/09 22:08:47 | 000,001,279 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-completed-listings.xml
[2012/09/26 20:07:33 | 000,002,585 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\ebay-us-worldwide.xml
[2012/09/26 20:07:33 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\flickr-tags.xml
[2010/04/02 18:48:29 | 000,005,511 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\foodtv.xml
[2010/02/01 20:41:47 | 000,001,253 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\froogle.xml
[2010/06/15 18:29:38 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\usatoday.xml
[2012/09/26 20:07:33 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\weather.xml
[2008/06/20 22:19:20 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Mozilla\Firefox\Profiles\ig3ifr9t.default\searchplugins\wikipedia.xml
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/06 22:45:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/06 22:45:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/06 22:47:54 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2005/09/10 01:04:37 | 000,053,248 | ---- | M] (Microsoft Corp.) -- C:\Program Files\mozilla firefox\plugins\NPPGWrap.dll
[2012/08/30 19:44:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/30 19:44:01 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/10/01 20:52:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dvHighMem] C:\WINDOWS\cfgmng32.exe File not found
O4 - HKLM..\Run: [EssSpkPhone] C:\WINDOWS\essspk.exe ()
O4 - HKLM..\Run: [InstantAccess] C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe ()
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nForce Tray Options] C:\WINDOWS\System32\sstray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE File not found
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SystemControl.lnk = C:\Program Files\SystemControl\SystemControl\SystemControl.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1349031222140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1349031764031 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B8A536-023C-4D8E-A83D-0CCEDEAC3DE9}: NameServer = 208.67.222.222,208.67.220.220,12.213.112.61
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/06 16:31:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/02 18:02:06 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Aaron\Desktop\aswMBR.exe
[2012/10/01 21:05:39 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Aaron\Desktop\tdsskiller(1).exe
[2012/10/01 20:40:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/10/01 20:31:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/10/01 20:31:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/10/01 20:31:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/10/01 20:31:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/10/01 20:31:44 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/10/01 20:30:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/01 20:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aaron\Start Menu\Programs\Administrative Tools
[2012/10/01 20:29:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/10/01 20:20:36 | 004,759,381 | R--- | C] (Swearware) -- C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
[2012/09/30 21:40:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:37:36 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 20:50:30 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/09/30 20:50:29 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/09/30 20:50:27 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2012/09/30 20:50:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/09/30 20:50:09 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/09/30 20:50:07 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2012/09/30 20:50:02 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2012/09/30 20:50:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012/09/30 20:49:39 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2012/09/30 20:49:35 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/09/30 20:49:35 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/09/30 20:49:26 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/09/30 20:49:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2012/09/30 20:49:19 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2012/09/30 20:49:18 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2012/09/30 20:49:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2012/09/30 20:49:16 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/09/30 20:49:13 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2012/09/30 20:49:11 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2012/09/30 20:49:10 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2012/09/30 20:49:07 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2012/09/30 20:49:05 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2012/09/30 20:49:04 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2012/09/30 20:49:03 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/09/30 20:49:02 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/09/30 20:49:02 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/09/30 20:48:53 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/09/30 20:48:52 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/09/30 20:48:50 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/09/30 20:48:49 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/09/30 20:48:48 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2012/09/30 20:48:47 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2012/09/30 20:48:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/09/30 20:48:42 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2012/09/30 20:48:41 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/09/30 20:48:40 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2012/09/30 20:48:39 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2012/09/30 20:48:37 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/09/30 20:48:37 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2012/09/30 20:48:36 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/09/30 20:48:36 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/09/30 20:48:33 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2012/09/30 20:48:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2012/09/30 20:48:30 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/09/30 20:48:28 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/09/30 20:48:26 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/09/30 20:48:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2012/09/30 20:48:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2012/09/30 20:48:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2012/09/30 20:48:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2012/09/30 20:48:20 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/09/30 20:48:20 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2012/09/30 20:48:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2012/09/30 20:48:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2012/09/30 20:48:18 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/09/30 20:48:17 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/09/30 20:48:17 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2012/09/30 20:48:15 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2012/09/30 20:48:09 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/09/30 20:48:08 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/09/30 20:48:08 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/09/30 20:48:07 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/09/30 20:48:07 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/09/30 20:48:06 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/09/30 20:48:05 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2012/09/30 20:48:04 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2012/09/30 20:48:03 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2012/09/30 20:48:02 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2012/09/30 20:47:59 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2012/09/30 20:47:59 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2012/09/30 20:47:58 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2012/09/30 20:47:57 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2012/09/30 20:47:55 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/09/30 20:47:51 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/09/30 20:47:51 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/09/30 20:47:49 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/09/30 20:47:47 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/09/30 20:47:46 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/09/30 20:47:43 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2012/09/30 20:47:40 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2012/09/30 20:47:39 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/09/30 20:47:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/09/30 20:47:33 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2012/09/30 20:47:32 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2012/09/30 20:47:32 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2012/09/30 20:47:31 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2012/09/30 20:47:30 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2012/09/30 20:47:30 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2012/09/30 20:47:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2012/09/30 20:47:29 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2012/09/30 20:47:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2012/09/30 20:47:27 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2012/09/30 20:47:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2012/09/30 20:47:22 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/09/30 20:47:22 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/09/30 20:47:21 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/09/30 20:47:19 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/09/30 20:47:14 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/09/30 20:47:13 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2012/09/30 20:47:09 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2012/09/30 20:47:06 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2012/09/30 20:47:05 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2012/09/30 20:47:04 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/09/30 20:47:03 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2012/09/30 20:47:03 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2012/09/30 20:47:02 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2012/09/30 20:47:01 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2012/09/30 20:47:01 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2012/09/30 20:46:59 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2012/09/30 20:46:57 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2012/09/30 20:46:50 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/09/30 20:46:48 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/09/30 20:46:47 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/09/30 20:46:46 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/09/30 20:46:45 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/09/30 20:46:44 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2012/09/30 20:46:43 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2012/09/30 20:46:42 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2012/09/30 20:46:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2012/09/30 20:46:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2012/09/30 20:46:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2012/09/30 20:46:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2012/09/30 20:46:28 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/09/30 20:46:27 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/09/30 20:46:26 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2012/09/30 20:46:26 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/09/30 20:46:25 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2012/09/30 20:46:23 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2012/09/30 20:46:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/09/30 20:46:22 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2012/09/30 20:46:22 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2012/09/30 20:46:21 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2012/09/30 20:46:21 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2012/09/30 20:46:20 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2012/09/30 20:46:12 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/09/30 20:46:12 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/09/30 20:46:11 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/09/30 20:46:11 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/09/30 20:46:10 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2012/09/30 20:46:06 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2012/09/30 20:46:03 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2012/09/30 20:46:02 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2012/09/30 20:46:01 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2012/09/30 20:45:59 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/09/30 20:45:58 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2012/09/30 20:45:57 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/09/30 20:45:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/09/30 20:45:54 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2012/09/30 20:45:53 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2012/09/30 20:45:51 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2012/09/30 20:45:51 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2012/09/30 20:45:50 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/09/30 20:45:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/09/30 20:45:49 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/09/30 20:45:48 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/09/30 20:45:48 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/09/30 20:45:47 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/09/30 20:45:46 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/09/30 20:45:46 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/09/30 20:45:45 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/09/30 20:45:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2012/09/30 20:45:44 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/09/30 20:45:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/09/30 20:45:40 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/09/30 20:45:39 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/09/30 20:45:36 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2012/09/30 20:45:35 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2012/09/30 20:45:35 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2012/09/30 20:45:32 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/09/30 20:45:31 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2012/09/30 20:45:27 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/09/30 20:45:26 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/09/30 20:45:25 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/09/30 20:45:15 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2012/09/30 20:45:12 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/09/30 20:45:12 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/09/30 20:45:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2012/09/30 20:45:10 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2012/09/30 20:45:06 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2012/09/30 20:45:05 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2012/09/30 20:45:05 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2012/09/30 20:45:04 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2012/09/30 20:45:03 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2012/09/30 20:45:02 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2012/09/30 20:45:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/09/30 20:44:59 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/09/30 20:44:59 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/09/30 20:44:57 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2012/09/30 20:44:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2012/09/30 20:44:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2012/09/30 20:44:55 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/09/30 20:44:50 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2012/09/30 20:44:50 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2012/09/30 20:44:49 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2012/09/30 20:44:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2012/09/30 20:44:40 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2012/09/30 20:44:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2012/09/30 20:44:39 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2012/09/30 20:44:38 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2012/09/30 20:44:37 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2012/09/30 20:44:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2012/09/30 20:44:36 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2012/09/30 20:44:34 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2012/09/30 20:44:33 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2012/09/30 20:44:32 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2012/09/30 20:44:31 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2012/09/30 20:44:29 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2012/09/30 20:44:29 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2012/09/30 20:44:27 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2012/09/30 20:44:26 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/09/30 20:44:26 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2012/09/30 20:44:25 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2012/09/30 20:44:24 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2012/09/30 20:44:24 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/09/30 20:44:19 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/09/30 20:44:19 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/09/30 20:44:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2012/09/30 20:44:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2012/09/30 20:44:10 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2012/09/30 20:44:09 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2012/09/30 20:44:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2012/09/30 20:44:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2012/09/30 20:44:07 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2012/09/30 20:44:07 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2012/09/30 20:44:06 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2012/09/30 20:44:06 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2012/09/30 20:44:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2012/09/30 20:44:04 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/09/30 20:44:04 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/09/30 20:44:03 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/09/30 20:44:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/09/30 20:43:34 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2012/09/30 20:43:33 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2012/09/30 20:43:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/09/30 20:43:26 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2012/09/30 20:43:25 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2012/09/30 20:43:24 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2012/09/30 20:43:21 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/09/30 20:43:20 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/09/30 20:43:18 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2012/09/30 20:43:16 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/09/30 20:43:10 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2012/09/30 20:43:09 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/09/30 20:43:08 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/09/30 20:43:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2012/09/30 20:43:04 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/09/30 20:43:03 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/09/30 20:43:03 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/09/30 20:43:02 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/09/30 20:43:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/09/30 20:43:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/09/30 20:43:00 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2012/09/30 20:42:59 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2012/09/30 20:42:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/09/30 20:42:58 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/09/30 20:42:57 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/09/30 20:42:56 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/09/30 20:42:56 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/09/30 20:42:54 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2012/09/30 20:42:42 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2012/09/30 20:42:39 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2012/09/30 20:42:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2012/09/30 20:42:23 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2012/09/30 20:42:22 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2012/09/30 20:42:16 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/09/30 20:42:03 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2012/09/30 20:41:59 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2012/09/30 20:41:59 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2012/09/30 20:41:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2012/09/30 20:41:56 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2012/09/30 20:41:55 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2012/09/30 20:41:53 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/09/30 20:41:50 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2012/09/30 20:41:48 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2012/09/30 20:41:48 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2012/09/30 20:41:47 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2012/09/30 20:41:46 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2012/09/30 20:41:45 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2012/09/30 20:41:44 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/09/30 20:41:43 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/09/30 20:41:43 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2012/09/30 20:41:42 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/09/30 20:41:41 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/09/30 20:41:40 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/09/30 20:41:40 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/09/30 20:41:38 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2012/09/30 20:41:34 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/09/30 20:41:33 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/09/30 20:41:32 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/09/30 20:41:32 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/09/30 20:41:30 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2012/09/30 20:41:29 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/09/30 20:41:28 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/09/30 20:41:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012/09/30 20:41:22 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2012/09/30 20:41:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2012/09/30 20:41:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2012/09/30 20:41:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2012/09/30 20:40:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2012/09/30 20:40:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2012/09/30 20:40:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2012/09/30 20:40:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2012/09/30 20:40:49 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2012/09/30 20:40:49 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2012/09/30 20:40:48 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012/09/30 20:40:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/09/30 20:40:47 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012/09/30 20:40:46 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2012/09/30 20:40:41 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2012/09/30 20:40:41 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2012/09/30 20:40:40 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2012/09/30 20:40:39 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2012/09/30 20:40:38 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2012/09/30 20:40:38 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2012/09/30 20:40:05 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/09/30 20:40:04 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2012/09/30 20:40:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2012/09/30 20:40:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2012/09/30 20:40:02 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2012/09/30 20:40:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2012/09/30 20:40:01 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2012/09/30 20:40:00 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2012/09/30 20:40:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2012/09/30 20:39:59 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2012/09/30 20:39:58 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2012/09/30 20:39:58 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2012/09/30 20:39:57 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2012/09/30 20:39:57 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2012/09/30 20:39:54 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2012/09/30 20:39:53 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2012/09/30 20:39:53 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2012/09/30 20:39:52 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2012/09/30 20:39:51 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2012/09/30 20:39:50 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2012/09/30 20:39:34 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2012/09/30 20:39:34 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2012/09/30 20:39:33 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2012/09/30 20:39:32 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2012/09/30 20:39:32 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2012/09/30 20:39:31 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2012/09/30 20:39:30 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2012/09/30 20:39:30 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2012/09/30 20:39:29 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2012/09/30 20:39:28 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2012/09/30 20:39:28 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2012/09/30 20:39:27 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2012/09/30 20:39:27 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2012/09/30 20:39:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2012/09/30 20:39:25 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2012/09/30 20:39:24 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2012/09/30 20:39:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2012/09/30 20:39:23 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2012/09/30 20:39:22 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/09/30 20:39:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2012/09/30 20:39:21 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2012/09/30 20:39:20 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/09/30 20:39:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2012/09/30 20:39:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2012/09/30 20:39:15 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2012/09/30 20:39:13 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2012/09/30 20:39:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/09/30 20:39:11 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2012/09/30 20:39:11 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2012/09/30 20:39:06 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/09/30 20:39:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/09/30 20:39:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/09/30 20:39:01 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2012/09/30 20:39:00 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2012/09/30 20:39:00 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2012/09/30 20:38:59 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2012/09/30 20:38:58 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2012/09/30 20:38:57 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/09/30 20:38:47 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2012/09/30 20:38:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/09/30 20:38:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/09/30 20:38:40 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/09/30 20:38:39 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/09/30 20:38:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/09/30 20:38:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/09/30 20:38:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012/09/30 20:38:33 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012/09/30 20:38:31 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2012/09/30 20:38:29 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/09/30 20:38:28 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2012/09/30 20:38:27 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/09/30 20:38:26 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/09/30 20:38:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2012/09/30 20:38:23 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2012/09/30 20:38:19 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2012/09/30 20:38:18 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2012/09/30 20:38:17 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2012/09/30 20:38:15 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2012/09/30 20:38:15 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2012/09/30 20:38:14 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2012/09/30 20:38:12 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2012/09/30 20:38:11 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2012/09/30 20:38:11 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2012/09/30 20:38:10 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2012/09/30 20:38:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2012/09/30 20:38:09 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2012/09/30 20:38:07 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2012/09/30 20:38:07 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2012/09/30 20:38:06 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2012/09/30 20:38:05 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2012/09/30 20:38:04 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2012/09/30 20:38:04 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2012/09/30 20:38:03 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2012/09/30 20:38:02 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2012/09/30 20:38:00 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2012/09/30 20:37:59 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2012/09/30 20:37:59 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2012/09/30 20:37:58 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2012/09/30 20:37:57 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2012/09/30 20:37:57 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2012/09/30 20:37:56 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2012/09/30 20:37:55 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2012/09/30 20:37:54 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2012/09/30 20:37:53 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2012/09/30 20:37:52 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2012/09/30 20:37:52 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2012/09/30 20:37:51 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2012/09/30 20:37:50 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2012/09/30 20:37:49 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2012/09/30 20:37:48 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2012/09/30 20:37:47 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2012/09/30 20:37:43 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2012/09/30 20:37:43 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2012/09/30 20:37:42 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2012/09/30 20:37:37 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/09/30 20:37:36 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/09/30 20:37:33 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2012/09/30 20:37:31 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/09/30 20:37:30 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2012/09/30 20:37:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2012/09/30 20:37:28 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2012/09/30 20:37:27 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2012/09/30 20:37:21 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/09/30 20:37:21 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2012/09/30 20:37:20 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/09/30 20:37:19 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/09/30 20:37:16 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/09/30 20:37:15 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/09/30 20:37:15 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/09/30 20:37:14 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/09/30 20:37:12 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/09/30 20:37:11 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2012/09/30 20:37:10 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2012/09/30 20:37:09 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2012/09/30 20:37:09 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2012/09/30 20:37:08 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2012/09/30 20:37:07 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2012/09/30 20:37:06 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2012/09/30 20:37:06 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2012/09/30 20:37:05 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2012/09/30 20:37:04 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2012/09/30 20:37:03 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2012/09/30 20:37:03 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2012/09/30 20:37:02 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2012/09/30 20:36:59 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2012/09/30 20:36:58 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2012/09/30 20:36:57 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/09/30 20:36:56 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/09/30 20:36:55 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2012/09/30 20:36:54 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2012/09/30 20:36:53 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/09/30 20:36:52 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2012/09/30 20:36:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2012/09/30 20:36:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2012/09/30 20:36:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2012/09/30 20:36:49 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2012/09/30 20:36:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2012/09/30 20:36:44 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2012/09/30 20:36:44 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2012/09/30 20:36:41 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2012/09/30 20:36:40 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2012/09/30 20:36:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2012/09/30 20:36:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2012/09/30 20:36:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2012/09/30 20:36:38 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2012/09/30 20:36:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2012/09/30 20:36:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2012/09/30 20:36:35 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/09/30 20:36:35 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2012/09/30 20:36:34 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/09/30 20:36:33 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/09/30 20:36:32 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/09/30 20:36:31 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/09/30 20:36:31 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/09/30 20:36:30 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/09/30 20:36:29 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2012/09/30 20:36:28 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/09/30 20:36:27 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2012/09/30 20:36:26 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2012/09/30 20:36:26 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2012/09/30 20:36:23 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2012/09/30 20:36:22 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/09/30 20:36:21 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2012/09/30 20:36:20 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2012/09/30 20:36:19 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2012/09/30 20:36:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2012/09/30 20:36:10 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2012/09/30 20:36:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2012/09/30 20:36:07 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2012/09/30 20:36:05 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/09/30 20:36:04 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2012/09/30 20:36:03 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2012/09/30 20:36:02 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2012/09/30 20:36:01 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2012/09/30 20:36:00 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2012/09/30 20:35:59 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2012/09/30 20:35:56 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2012/09/30 20:35:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/09/30 20:35:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2012/09/30 20:35:43 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/09/30 20:35:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/09/30 20:35:41 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/09/30 20:35:41 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/09/30 20:35:40 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/09/30 20:35:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2012/09/30 20:35:37 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/09/30 20:35:36 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/09/30 20:35:35 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/09/30 20:35:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/09/30 20:35:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/09/30 20:35:32 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/09/30 20:35:30 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2012/09/30 20:35:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2012/09/30 20:35:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2012/09/30 20:35:28 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2012/09/30 20:35:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2012/09/30 20:35:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2012/09/30 20:35:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2012/09/30 20:35:25 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2012/09/30 20:35:24 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2012/09/30 20:34:41 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2012/09/30 20:34:39 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/09/30 20:34:39 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/09/30 20:34:38 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/09/30 20:34:37 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/09/30 20:34:37 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/09/30 20:34:36 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/09/30 20:34:35 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/09/30 20:34:34 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/09/30 20:34:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/09/30 20:34:31 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/09/30 20:34:30 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/09/30 20:34:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2012/09/30 20:34:29 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/09/30 20:34:28 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/09/30 20:34:27 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/09/30 20:34:26 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/09/30 20:34:25 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/09/30 20:34:25 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/09/30 20:34:24 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/09/30 20:34:21 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2012/09/30 20:34:19 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/09/30 20:34:19 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/09/30 20:34:18 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2012/09/30 20:34:17 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2012/09/30 20:34:16 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2012/09/30 20:34:15 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/09/30 20:34:14 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/09/30 20:34:13 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2012/09/30 20:34:12 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/09/30 20:34:11 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/09/30 20:34:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/09/30 20:34:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/09/30 20:34:09 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/09/30 20:34:07 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2012/09/30 20:34:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2012/09/30 20:34:06 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2012/09/30 20:33:55 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2012/09/30 20:33:54 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2012/09/30 20:33:51 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2012/09/30 20:33:51 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2012/09/30 20:33:50 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2012/09/30 20:33:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2012/09/30 20:33:48 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2012/09/30 20:33:47 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2012/09/30 20:33:47 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2012/09/30 20:33:43 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2012/09/30 20:33:42 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2012/09/30 20:33:39 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/09/30 20:33:38 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2012/09/30 20:33:37 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2012/09/30 20:33:36 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2012/09/30 20:33:33 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2012/09/30 20:33:32 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2012/09/30 20:33:32 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2012/09/30 20:33:31 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/09/30 20:33:30 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2012/09/30 20:33:29 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2012/09/30 20:33:29 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2012/09/30 20:33:28 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2012/09/30 20:33:27 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2012/09/30 20:33:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2012/09/30 20:33:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2012/09/30 20:33:17 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2012/09/30 20:33:16 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/09/30 20:33:12 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/09/30 20:33:11 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/09/30 20:33:11 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/09/30 20:33:10 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/09/30 20:33:09 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2012/09/30 20:33:09 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2012/09/30 20:33:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/09/30 20:33:06 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2012/09/30 20:33:05 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2012/09/30 20:33:05 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2012/09/30 20:33:04 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2012/09/30 20:33:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2012/09/30 20:33:03 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/09/30 20:33:02 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/09/30 20:33:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2012/09/30 20:33:01 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2012/09/30 20:33:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2012/09/30 20:32:59 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/09/30 20:32:59 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/09/30 20:32:58 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/09/30 20:32:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2012/09/30 20:32:26 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/09/30 14:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\FixItCenter
[2012/09/30 14:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/09/30 14:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/09/30 14:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Application Data\ElevatedDiagnostics
[2012/09/30 14:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/09/30 14:34:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/09/30 14:27:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/30 09:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Start Menu\Programs\Kaspersky Security Scan
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/09/30 09:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2012/09/29 22:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/09/17 18:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron\Local Settings\Application Data\PCHealth
[2012/09/06 22:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/14 21:06:28 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Aaron\DesktopWinsockxpFix.exe
[2011/02/14 21:05:22 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Aaron\DesktopLSPFix.exe
[2011/02/14 21:04:58 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Aaron\DesktopSafeMSI.exe
[2002/03/25 11:03:34 | 000,638,976 | ---- | C] (HMP - Hard- & Software GmbH) -- C:\Documents and Settings\Aaron\NPSI2KVW.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/03 17:59:37 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/03 17:49:58 | 000,013,740 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/03 17:49:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/02 20:40:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/10/02 20:23:28 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/02 20:16:18 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\MBR.dat
[2012/10/02 18:05:34 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Aaron\Desktop\aswMBR.exe
[2012/10/01 21:20:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/10/01 21:09:30 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Aaron\Desktop\tdsskiller(1).exe
[2012/10/01 20:52:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/10/01 20:40:17 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/10/01 20:26:56 | 004,759,381 | R--- | M] (Swearware) -- C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
[2012/09/30 21:41:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL.scr
[2012/09/30 21:38:05 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron\Desktop\OTL(1).exe
[2012/09/30 15:11:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/30 14:42:08 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/09/30 09:41:11 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:06:29 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/09/29 22:35:24 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 14:32:10 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/09/19 22:28:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/16 10:10:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/09 09:15:16 | 000,169,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/04 20:53:58 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:23 | 000,254,873 | ---- | M] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/02 20:16:18 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\MBR.dat
[2012/10/01 20:40:17 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/10/01 20:40:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/10/01 20:31:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/01 20:31:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/01 20:31:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/01 20:31:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/01 20:31:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/30 20:50:28 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/09/30 20:50:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/09/30 20:39:21 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/09/30 20:39:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/09/30 20:39:19 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/09/30 20:39:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/09/30 20:39:16 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/09/30 20:37:18 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/09/30 20:37:18 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/09/30 20:37:17 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/09/30 20:34:01 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/09/30 20:34:00 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/09/30 20:33:59 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/09/30 20:33:59 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/09/30 20:33:58 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/09/30 20:33:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/09/30 20:33:56 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/09/30 20:33:56 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/09/30 20:33:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/09/30 20:33:46 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/09/30 14:42:08 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/09/30 14:42:08 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/09/30 09:41:17 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\Kaspersky Security Scan.lnk
[2012/09/29 23:16:18 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/12 18:38:04 | 011,611,915 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\COMPLETE OPE CATALOG 2.19.09.pdf
[2012/09/04 20:53:58 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\Desktop\healthcard.pdf
[2012/09/04 20:51:22 | 000,254,873 | ---- | C] () -- C:\Documents and Settings\Aaron\My Documents\Scan0010.pdf
[2012/06/03 15:02:52 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/03 15:02:51 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/03 15:02:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/04/09 21:17:03 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/03/11 01:24:01 | 000,946,356 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1284227242-725345543-1003-0.dat
[2012/03/11 01:23:59 | 000,148,982 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/03/10 20:34:02 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2007/05/25 18:08:01 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/20 17:41:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Aaron\core
[2005/02/25 20:19:05 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\fusioncache.dat
[2003/12/18 23:26:17 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\Aaron\.plugin141_02.trace
[2003/12/15 21:33:25 | 000,001,244 | ---- | C] () -- C:\Documents and Settings\Aaron\OOo_dictionary_list.dat
[2003/12/15 21:16:37 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\Aaron\Application Data\sversion.ini
[2003/12/13 22:11:27 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Aaron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2005/02/25 20:13:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< :OTL >

< >

< :Files >

< C:\WINDOWS\tasks\At*.job /s >
[2012/09/16 10:10:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/10/02 20:40:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/10/01 21:20:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/09/30 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\At4.job

< >

< :Commands >

< End of report >

#10
Cardoctork

Posted 03 October 2012 - 08:19 PM

Member

Topic Starter
Member
39 posts

Did not get virus removal done. At 48% and no threat it encountered an error and had to close. When I clicked to submit error report pc froze. I will try again tomorrow.

#11
maliprog

Posted 03 October 2012 - 11:46 PM

Trusted Helper

Malware Removal
6,172 posts

OK. Please try it again and let me know results.

#12
Cardoctork

Posted 04 October 2012 - 06:55 PM

Member

Topic Starter
Member
39 posts

Got vrt to run to 100% no threats detected just as it finished blue screen PFN_List_Corrupt The complete scan file was 59mb

Edited by Cardoctork, 04 October 2012 - 07:01 PM.

#13
maliprog

Posted 04 October 2012 - 11:08 PM

Trusted Helper

Malware Removal
6,172 posts

Last time you run OTL you clicked wrong button. Please this time make sure to click Run Fix.

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL

:Files
C:\WINDOWS\tasks\At*.job

:Commands
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

#14
Cardoctork

Posted 05 October 2012 - 04:31 PM

Member

Topic Starter
Member
39 posts

Sorry about that.

========== OTL ==========
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 10052012_182409