Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BSODs and boot.ini deleted after every reboot [Solved]


  • This topic is locked This topic is locked

#1
Quamble

Quamble

    Member

  • Member
  • PipPip
  • 45 posts
I'm posting in this forum, but I'm not sure if it's the right one. I've ran malwarebytes, it came up with a toolbar and deleted it, but it didn't help. Basically, I don't know if it's a virus or not. If it's not feel free to move this elsewhere. Alright, so here's a list of my problems. It started out with the boot.ini being deleted, then my screen started going black when I went to sites like Youtube, then it started blue screening. I'm not entirely sure what else you need, as I'm not familiar with posting on forums like this, so just let me know. I have all the dump files from the bsods too, in case anyone needs them.

The blue screens were for Memory management, Bad pool header, Driver IRQL not less or equal, Pen list corrupt, and then for memory management again. I'd provide other information but I'm not sure what's needed.
  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Hello Quamble,

Welcome to Geekstogo.

Just a couple of questions first.

What system do you have?

It started out with the boot.ini being deleted


How do you know that, did you do something or was there some error message?

You say you are getting BSODs etc. but are you still able to boot up to Windows even so?
  • 0

#3
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Hi, thanks for the help.

OS Name Microsoft Windows XP Home Edition
Version 5.1.2600 Service Pack 3 Build 2600
OS Manufacturer Microsoft Corporation
System Name HOME-46F4D09C66
System Manufacturer GBT___
System Model AWRDACPI
System Type X86-based PC
Processor x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3014 Mhz
BIOS Version/Date Award Software International, Inc. F5, 8/19/2005
SMBIOS Version 2.3
Windows Directory C:\windows
System Directory C:\windows\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.5512 (xpsp.080413-2111)"
User Name HOME-46F4D09C66\Ally
Time Zone Eastern Standard Time
Total Physical Memory 3,072.00 MB
Available Physical Memory 2.22 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 4.85 GB
Page File C:\pagefile.sys

Is this what you need? If not let me know and I'll try to find what you need.

As for the boot.ini, when I start my computer it says "Invalid boot.ini file" and says it's booting off of C:\WINDOWS instead. I looked in the directory where the boot.ini file is supposed to be, but it's gone. I tried replacing it with the help of my windows disk, but it just gets deleted next time I boot up and the same message pops up. I also just started to get problems with my firewall as well. When I booted up last, it said there was a security error or something (I'm sorry; I'd have to reboot to see exactly what the message was.) and that it was terminating, and now Comodo isn't working; it boots up with the system but says it isn't functioning properly. Also, just so you know, the computer itself is pretty old. And yes, I'm able to boot up on windows still. The blue screens occur after I boot up and occur randomly. I could be using my browser, and it'll randomly blue screen.

Edit:
I've rebooted and the pop up states "The security information is invalid or has been modified. This program will be terminated." The box only gives the title of "Security", so I'm not sure what's being terminated.

Edited by Quamble, 18 February 2013 - 03:54 AM.

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Hello Quamble,

Let's see what we can find out. If you have trouble downloading or running this tell me.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0

#5
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
The only problem I had running it was it blue screened right before I was about to scan it. After that, everything seemed to be alright. I hope I'm posting this correctly.



OTL logfile created on: 2/18/2013 4:29:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ally\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 82.92% Memory free
4.85 Gb Paging File | 4.51 Gb Available in Paging File | 92.99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 277.82 Gb Free Space | 59.65% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 278.50 Gb Free Space | 29.90% Space Free | Partition Type: NTFS

Computer Name: HOME-46F4D09C66 | User Name: Ally | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ally\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AIM\aim.exe (AOL Inc.)
PRC - C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13021800\algo.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uvSmartProxyMgrRC.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uviplW7.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uvipl.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uplcpuinf.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\Upfmgr.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uOverlay.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\ULSCRUB.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\ulDARMgr.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\UFCVECOMM.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\UFCCOLOR.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\uBaseObject.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\MSPEEffectFunc.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\libmmd.dll ()
MOD - C:\Program Files\Corel\Corel VideoStudio 12\Dir12.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mmfinfo.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mkunicode.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (STacSV) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe (IDT, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TabletServicePen) -- C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (dlcx_device) -- C:\WINDOWS\system32\dlcxcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV - (XDva279) -- C:\windows\system32\XDva279.sys File not found
DRV - (XDva225) -- C:\WINDOWS\system32\XDva225.sys File not found
DRV - (WDICA) -- File not found
DRV - (TVICHW32) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS File not found
DRV - (sfng32) -- system32\drivers\sfng32.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Ally\LOCALS~1\Temp\catchme.sys File not found
DRV - (ak4ja6v1) -- File not found
DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\windows\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\windows\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (BANTExt) -- C:\WINDOWS\system32\drivers\BANTExt.sys ()
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (wacommousefilter) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\WINDOWS\system32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WacomVKHid) -- C:\WINDOWS\system32\drivers\WacomVKHid.sys (Wacom Technology)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...e=tb50winampie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.netgame.com
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{8F98310E-C4DA-4800-BC84-B368D6D0FECE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2269050
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...e=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://www.greatsear...D295C5}&query="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.condui...earchSource=13"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.8.0552
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.2
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.3
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\PROGRA~1\SONYON~1\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/01 21:12:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/16 16:06:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/16 21:06:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/13 08:18:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/13 08:18:47 | 000,000,000 | ---D | M]

[2009/02/15 17:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Extensions
[2009/11/24 13:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/02/17 22:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions
[2009/06/17 11:34:53 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/12/08 15:29:47 | 000,000,000 | ---D | M] ("tektek.org GaiaOnline Toolbar 2.1") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0df7b3bb-9581-44bb-835f-061a29ec8a46}
[2009/04/23 14:40:39 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2009/12/26 14:51:33 | 000,000,000 | ---D | M] (FaceFun) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
[2009/09/02 12:18:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/10 11:33:31 | 000,000,000 | ---D | M] (Gaia Online Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}
[2009/02/22 14:35:01 | 000,000,000 | ---D | M] (Meez Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}
[2009/11/24 13:19:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/26 20:56:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/07/08 12:37:15 | 000,000,000 | ---D | M] (The Pirate Bay Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}
[2009/05/30 17:58:11 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/10/04 09:36:19 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/07 15:01:01 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/06/17 11:34:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/29 18:08:25 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009/04/25 14:25:55 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2010/01/20 18:24:37 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/04/09 17:52:06 | 000,000,000 | ---D | M] (Personas for Firefox) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/06/09 21:16:44 | 000,000,000 | ---D | M] (translator) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/09/01 16:07:37 | 000,000,000 | ---D | M] (translator (fixed)) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/10/04 09:36:36 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\aim-search.xml
[2009/11/29 18:14:38 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\conduit.xml
[2009/05/04 18:01:14 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\daemon-search.xml
[2009/05/03 08:31:35 | 000,007,992 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\do-great-good.xml
[2009/03/15 20:01:54 | 000,002,269 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile---search-and-rescue.xml
[2009/03/21 19:52:20 | 000,002,014 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile.xml
[2009/04/21 11:53:14 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\live-search.xml
[2010/03/06 03:20:48 | 000,002,373 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\search-the-web.xml
[2009/07/14 12:00:21 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\winamp-search.xml
[2009/10/10 15:18:10 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.gif
[2009/10/10 15:18:10 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.src
[2009/10/10 15:18:06 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.xml
[2013/02/16 20:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/13 08:18:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/16 16:06:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/16 20:14:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/11/25 19:54:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALLY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IYM1YXEH.DEFAULT\EXTENSIONS\{E9A1DEE0-C623-4439-8932-001E7D17607D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALLY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IYM1YXEH.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\SSFF
[2009/03/16 16:06:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/03/13 08:18:33 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/03/13 08:18:34 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/10/11 04:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/07 16:20:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll
[2008/08/19 15:31:28 | 000,098,304 | ---- | M] (ASP) -- C:\Program Files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
[2009/01/28 22:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/02/06 12:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/11/09 20:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\mozilla firefox\plugins\NPMFireLauncher.dll
[2010/03/13 08:18:38 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2010/01/28 14:08:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009/02/27 11:13:42 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/04/25 10:43:07 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010/03/13 08:18:41 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/03/13 08:18:41 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2010/03/13 08:18:41 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2010/03/13 08:18:41 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2010/03/13 08:18:41 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/03/13 08:18:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2010/03/13 08:18:41 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: HoldemFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll
CHR - plugin: ijji plugin for channeling games. (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
CHR - plugin: npijjiFFPlugin1 for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: MFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\PROGRA~1\SONYON~1\npsoe.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Marlies Dekkers = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/17 22:19:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DLCXCATS] C:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe (PC Pitstop, LLC.)
O4 - HKLM..\Run: [SoundMan] C:\windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15D2CD05-3B7B-46ED-A6B3-2E4BE1EDD31D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84F6238C-AC6E-456E-8A36-8A4D2EE5FCD2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\windows\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\windows\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\windows\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\windows\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\windows\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\windows\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\windows\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\windows\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\windows\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\windows\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\windows\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\windows\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\windows\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\windows\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\windows\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\windows\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/18 20:57:37 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/17 23:52:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
[2013/02/17 23:49:21 | 000,097,504 | ---- | C] (COMODO) -- C:\windows\System32\drivers\inspect.sys
[2013/02/17 23:44:59 | 000,281,808 | ---- | C] (Igor Pavlov) -- C:\7za.dll
[2013/02/17 23:44:59 | 000,000,000 | ---D | C] -- C:\themes
[2013/02/17 23:44:58 | 003,360,976 | ---- | C] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/02/17 23:44:58 | 000,000,000 | ---D | C] -- C:\cis
[2013/02/17 23:44:57 | 018,980,560 | ---- | C] (COMODO) -- C:\cmdinstall.exe
[2013/02/17 23:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\COMODO
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Start Menu\Programs\NirSoft BlueScreenView
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/02/17 22:55:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/17 21:59:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/17 21:57:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/02/17 21:57:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/02/17 21:57:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2013/02/17 21:57:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/02/17 21:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Malwarebytes
[2013/02/17 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/17 21:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/17 21:32:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/02/17 21:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/17 21:00:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/17 21:00:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ally\My Documents\My Music
[2013/02/17 21:00:40 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/02/17 20:59:32 | 005,033,715 | R--- | C] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/17 03:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2013/02/17 01:05:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mfc40u.dll
[2013/02/17 01:02:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndproxy.sys
[2013/02/17 01:02:07 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\comctl32.dll
[2013/02/17 01:01:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\helpsvc.exe
[2013/02/17 01:00:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mup.sys
[2013/02/17 01:00:03 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\dllcache\atmfd.dll
[2013/02/17 00:58:50 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\msado15.dll
[2013/02/17 00:57:12 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\rdpwd.sys
[2013/02/17 00:54:32 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\jsdbgui.dll
[2013/02/17 00:54:31 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\iedvtool.dll
[2013/02/17 00:51:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndistapi.sys
[2013/02/17 00:48:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wab.exe
[2013/02/16 21:51:10 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\uxtheme.backup
[2013/02/16 21:46:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\My Documents\uxtheme.dll
[2013/02/16 21:46:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\uxtheme.dll
[2013/02/16 21:07:31 | 000,021,256 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/02/16 21:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/02/16 21:07:30 | 000,361,032 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/02/16 21:07:28 | 000,738,504 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/02/16 21:07:28 | 000,054,232 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/02/16 21:06:45 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/02/16 21:06:44 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
[2013/02/16 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2013/02/16 20:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2013/02/16 20:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2013/02/16 20:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/02/16 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\Google
[2013/02/16 02:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Backed up files from the 1TB
[2013/02/16 02:20:54 | 009,319,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTLCPL.EXE
[2013/02/16 02:20:54 | 000,070,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\System32\drivers\Rtlnicxp.sys
[2013/02/16 02:19:16 | 016,162,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\ALSNDMGR.CPL
[2013/02/16 02:19:16 | 002,297,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\drivers\ALCXWDM.SYS
[2013/02/10 19:38:21 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mstee.sys
[2013/02/10 19:38:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndisip.sys
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ipsink.ax
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ipsink.ax
[2013/02/10 19:38:11 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\streamip.sys
[2013/02/10 19:38:09 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\slip.sys
[2013/02/10 19:38:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wstcodec.sys
[2013/02/10 19:38:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\nabtsfec.sys
[2013/02/10 19:38:01 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ccdecode.sys
[2013/02/10 19:37:50 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\usbaudio.sys
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kswdmcap.ax
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\kswdmcap.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kstvtune.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\kstvtune.ax
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksxbar.ax
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ksxbar.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dshowext.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\dshowext.ax
[2013/02/10 19:36:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\intelide.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\gameenum.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\gameenum.sys
[2013/01/27 13:53:54 | 000,000,000 | ---D | C] -- C:\f12faa67f3615af0b880
[2013/01/25 22:55:44 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\oleaut32.dll
[2009/11/29 19:24:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ally\Application Data\pcouffin.sys
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/18 16:27:19 | 000,000,312 | -H-- | M] () -- C:\windows\tasks\avast! Emergency Update.job
[2013/02/18 16:26:41 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/18 16:26:32 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/18 16:19:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/18 03:36:22 | 000,001,316 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013/02/18 02:49:02 | 000,026,502 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:11:03 | 000,285,256 | ---- | M] (COMODO) -- C:\windows\System32\guard32.dll
[2013/02/18 00:11:03 | 000,097,504 | ---- | M] (COMODO) -- C:\windows\System32\drivers\inspect.sys
[2013/02/18 00:11:02 | 000,029,400 | ---- | M] (COMODO) -- C:\windows\System32\drivers\cmdhlp.sys
[2013/02/18 00:11:01 | 000,242,600 | ---- | M] (COMODO) -- C:\windows\System32\drivers\cmdGuard.sys
[2013/02/18 00:11:01 | 000,017,416 | ---- | M] (COMODO) -- C:\windows\System32\drivers\cmderd.sys
[2013/02/17 23:50:12 | 000,262,704 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:44:59 | 000,000,614 | ---- | M] () -- C:\windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 22:19:58 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/02/17 21:32:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 20:59:40 | 005,033,715 | R--- | M] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/17 18:17:38 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Shortcut to 12 Catastrophe.mp3.lnk
[2013/02/17 18:17:38 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDVideoSoft Free Studio.lnk
[2013/02/17 18:17:38 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Cucusoft AVI to VCD DVD MPEG Converter Pro.lnk
[2013/02/17 18:17:38 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\MOVAVI VideoSuite 3.5.lnk
[2013/02/17 18:17:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Avi2Dvd.lnk
[2013/02/17 18:17:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDFab 5.lnk
[2013/02/17 17:33:23 | 000,001,316 | ---- | M] () -- C:\windows\System32\wpa.bak
[2013/02/17 15:50:30 | 000,183,424 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/02/17 03:58:26 | 000,432,776 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/02/17 03:58:26 | 000,067,732 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/02/17 03:55:21 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2013/02/16 22:21:20 | 002,183,944 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 21:07:27 | 000,002,625 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2013/02/16 20:58:34 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:52:54 | 000,001,405 | -H-- | M] () -- C:\IPH.PH
[2013/02/16 20:52:45 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2013/02/16 20:52:01 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:50:46 | 000,005,208 | ---- | M] () -- C:\windows\System32\pid.PNF
[2013/02/16 20:39:00 | 000,292,700 | ---- | M] () -- C:\windows\System32\nvdrsdb0.bin
[2013/02/16 20:39:00 | 000,000,001 | ---- | M] () -- C:\windows\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | M] () -- C:\windows\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | M] () -- C:\windows\System32\nvdrswr.lk
[2013/02/16 20:18:23 | 000,000,664 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2013/02/14 00:44:43 | 001,810,583 | ---- | M] () -- C:\Documents and Settings\Ally\hipster
[2013/01/25 22:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\oleaut32.dll
[2013/01/24 17:42:48 | 003,360,976 | ---- | M] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/01/24 17:42:46 | 000,281,808 | ---- | M] (Igor Pavlov) -- C:\7za.dll
[2013/01/24 17:42:41 | 018,980,560 | ---- | M] (COMODO) -- C:\cmdinstall.exe
[2013/01/24 03:19:04 | 001,196,032 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/18 02:49:01 | 000,026,502 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:58:28 | 001,196,032 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[2013/02/17 23:50:12 | 000,262,704 | ---- | C] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:40:54 | 000,000,614 | ---- | C] () -- C:\windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:59:30 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/17 21:57:55 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/02/17 21:57:55 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/02/17 21:57:55 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/02/17 21:57:55 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/02/17 21:57:55 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/02/17 21:32:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\windows\System32\dllcache\iacenc.dll
[2013/02/16 22:21:20 | 002,183,944 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 22:12:13 | 003,104,272 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.ip
[2013/02/16 22:12:13 | 000,115,290 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.png
[2013/02/16 21:48:04 | 000,011,578 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\Replacer.cmd
[2013/02/16 21:48:04 | 000,003,116 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\data
[2013/02/16 21:07:27 | 000,000,312 | -H-- | C] () -- C:\windows\tasks\avast! Emergency Update.job
[2013/02/16 20:58:34 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:58:34 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2013/02/16 20:58:32 | 000,003,840 | ---- | C] () -- C:\windows\System32\drivers\BANTExt.sys
[2013/02/16 20:50:46 | 000,005,208 | ---- | C] () -- C:\windows\System32\pid.PNF
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2013/02/16 20:38:55 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | C] () -- C:\windows\System32\nvdrswr.lk
[2013/02/16 20:10:29 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2013/02/16 20:10:13 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:09:32 | 000,000,882 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/16 20:09:31 | 000,000,878 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/16 02:20:54 | 000,156,672 | ---- | C] () -- C:\windows\System32\RTLCPAPI.dll
[2013/02/16 02:19:17 | 000,141,016 | ---- | C] () -- C:\windows\System32\ALSNDMGR.WAV
[2013/02/16 02:08:23 | 001,810,583 | ---- | C] () -- C:\Documents and Settings\Ally\hipster
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\windows\System32\nvdata.data
[2010/03/12 16:36:45 | 000,003,630 | ---- | C] () -- C:\Documents and Settings\Ally\.recently-used.xbel
[2010/02/07 16:12:04 | 000,143,718 | ---- | C] () -- C:\Documents and Settings\Ally\myhubby2.bmp
[2009/11/29 19:24:38 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.cat
[2009/11/29 19:24:38 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.inf
[2009/11/29 19:10:09 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/19 13:17:46 | 040,229,620 | ---- | C] () -- C:\Documents and Settings\Ally\remix.wav
[2009/05/13 17:31:53 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\burnaware.ini
[2009/03/11 18:39:26 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Ally\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/01 00:33:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ally\initdebug.nfo

========== ZeroAccess Check ==========

[2009/04/20 19:37:33 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 23:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/10/04 09:33:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/03/09 16:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2013/02/16 21:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/05/04 18:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/08/21 14:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/05/06 13:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame
[2010/03/12 19:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2009/07/20 20:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2010/01/28 14:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/03/01 19:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickMediaConverter
[2010/03/10 22:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/11/29 19:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009/07/14 19:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2009/07/24 14:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2009/12/30 11:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SYSTEMAX Software Development
[2009/07/13 13:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/07/20 20:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/06/30 09:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/25 10:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/24 14:33:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AD1633B8-8F63-40E6-8A96-9AF47AC850E1}
[2009/02/15 17:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\acccore
[2009/10/04 09:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Ahoihoi
[2009/08/22 13:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Ashampoo
[2009/02/18 16:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Auslogics
[2009/07/24 18:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Axialis
[2009/06/01 15:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Canneverbe_Limited
[2010/03/01 19:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\CocoonSoftware
[2009/05/04 18:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\DAEMON Tools Lite
[2013/02/18 16:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\DNA
[2010/02/09 19:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Efficient Diary
[2009/05/01 15:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\GetRightToGo
[2010/03/12 16:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\gtk-2.0
[2009/05/06 13:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\ijjigame
[2009/05/11 13:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\iLike
[2009/08/27 11:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Inkscape
[2009/03/13 20:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Lingoes
[2009/10/04 09:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Miranda
[2009/07/14 19:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Publish Providers
[2010/03/10 22:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Software Informer
[2009/07/13 14:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Sony
[2009/07/24 19:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Stardock
[2009/12/30 11:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\SYSTEMAX Software Development
[2009/08/28 14:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Transparent
[2009/07/21 08:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Ulead Systems
[2013/02/18 16:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\uTorrent
[2009/05/09 11:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Viewpoint
[2009/11/29 19:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Vso
[2009/05/01 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ally\Application Data\Xilisoft Corporation

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 2/18/2013 4:29:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ally\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 82.92% Memory free
4.85 Gb Paging File | 4.51 Gb Available in Paging File | 92.99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 277.82 Gb Free Space | 59.65% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 278.50 Gb Free Space | 29.90% Space Free | Partition Type: NTFS

Computer Name: HOME-46F4D09C66 | User Name: Ally | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"" =
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"" =
"58422:TCP" = 58422:TCP:*:Enabled:Pando Media Booster
"58422:UDP" = 58422:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56294:TCP" = 56294:TCP:*:Enabled:Pando Media Booster
"56294:UDP" = 56294:UDP:*:Enabled:Pando Media Booster
"" =
"58422:TCP" = 58422:TCP:*:Enabled:Pando Media Booster
"58422:UDP" = 58422:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"58670:TCP" = 58670:TCP:*:Enabled:Pando Media Booster
"58670:UDP" = 58670:UDP:*:Enabled:Pando Media Booster
"57761:TCP" = 57761:TCP:*:Enabled:Pando Media Booster
"57761:UDP" = 57761:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- ()
"C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- ()
"C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application -- ()
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\dlcxcoms.exe" = C:\WINDOWS\system32\dlcxcoms.exe:*:Enabled:Dell 926 Server -- ( )
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe" = C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87}" = Vampire - The Masquerade Bloodlines
"{0BBBA9A9-02E8-467D-BE57-4797A50F7861}" = Intel® Network Connections 15.1.29.0
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83216013FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216017FB}" =
"{26B5AD79-EE99-4E17-93A6-AF215E3A81E9}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2AC6B7A8-0199-4D13-99C0-C0BD76E41BBC}" = musicshakeENG
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{403EF592-953B-4794-BCEF-ECAB835C2095}" =
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{49253DE2-FC99-4BE3-99A4-DAB01A8E6088}" = Camtasia Studio 6
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" =
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6102D63A-9387-4FC8-98E4-181121F8C0BA}" = MPlugin_USA
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Home Stuff
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}" = Rosetta Stone V3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{A0CD6AEA-A97A-4C0A-80A9-D623C358273F}" = CloudNine
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578" =
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}" =
"{BB8B979E-E336-47E7-96BC-1031C1B94561}" =
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003" =
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043" =
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D9A8E7D7-8309-4FD0-B12A-B6BC783B0CDF}" = IMWhiteboard
"{DEABAFD0-4BB9-46FA-BDC2-CDB5AA2FAE79}" = IMRemote
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E448503F-D677-46DB-AC77-7F9F094DFC01}" = openCanvas4.5e Plus
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM MusicLink 4.0.0.0" = AIM MusicLink 4.0.0.0
"AIM_7" = AIM 7
"AOL Diagnostics_N" =
"AOLOCP_Y" =
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"Avi2Dvd" = Avi2Dvd 0.5
"AviSynth" = AviSynth 2.5
"Belarc Advisor" = Belarc Advisor 8.3
"Branding" =
"BurnAware Free_is1" = BurnAware Free 2.3.5
"CABAL Online_is1" = CABAL Online
"CamStudio" = CamStudio
"Colorizer 1.0.0.1" = Colorizer 1.0.0.1
"Connection Manager" =
"Cucusoft MPEG/MOV/RM/AVI to DVD/VCD/SVCD/MPEG Co~546FA5AA_is1" = Cucusoft MPEG/MOV/RM/AVI to DVD/VCD/SVCD/MPEG Converter Pro 7.0
"CursorWorkshop" = Axialis CursorWorkshop 6.31
"Digsby" = Digsby
"DMX5_is1" = DriverMax 5
"DriverAgent" = %s Plugin for Netscape by eSupport.com
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0
"Efficient Diary_is1" = Efficient Diary 1.88
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Free DVD Video Burner_is1" = Free DVD Video Burner version 1.2
"Free MP3 Sound Recorder_is1" = Free MP3 Sound Recorder v1.9
"Free Realms Installer" = Free Realms Installer
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.2
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Google Chrome" = Google Chrome
"Graboid Video" = Graboid Video 1.65
"Hamachi" = Hamachi 1.0.3.0
"IconPackager" = IconPackager
"IDNMitigationAPIs" =
"ie7" =
"ie8" = Windows Internet Explorer 8
"Impulse" = Impulse
"ImTOO AVI to DVD Converter" = ImTOO AVI to DVD Converter
"Inkscape" = Inkscape 0.46
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lingoes Translator_is1" = Lingoes 2.5.3
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.8.8
"MOVAVI VideoSuite 3.5" = MOVAVI VideoSuite 3.5
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NLSDownlevelMapping" =
"No-IP.com DUC" = No-IP.com DUC (remove only)
"PC Pitstop Optimize_is1" = PC Pitstop Optimize 1.5
"PCHealth" =
"Pen Tablet Driver" = Pen Tablet
"PremiumSoft Navicat Lite 8.2_is1" = PremiumSoft Navicat Lite 8.2
"PROSetDX" =
"Software Informer_is1" = Software Informer 1.0 BETA
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speccy" = Speccy
"ST5UNST #1" = Janus 4.1
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Downloader_is1" = Veoh Video Downloader 3.14
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinX DVD Ripper_is1" = WinX DVD Ripper 4.2.1
"WMCSetup" =
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Byki Express for N/A" = Byki Express for N/A
"Dungeon Sea Online" = Dungeon Sea Online
"ijji FireFox Launcher" = ijji FireFox Launcher 1.0
"QUICKMEDIACONVERTER" = QMC

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/17/2013 11:14:24 PM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/17/2013 11:14:24 PM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/17/2013 11:14:24 PM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/17/2013 11:14:24 PM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 2/17/2013 11:57:41 PM | Computer Name = HOME-46F4D09C66 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module msxml3.dll, version 8.100.1053.0, fault address 0x000a1465.

Error - 2/18/2013 12:41:15 AM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/18/2013 12:41:15 AM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/18/2013 12:41:15 AM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/18/2013 1:09:32 AM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2/18/2013 1:09:32 AM | Computer Name = HOME-46F4D09C66 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ System Events ]
Error - 2/18/2013 12:58:28 AM | Computer Name = HOME-46F4D09C66 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 2/18/2013 12:58:29 AM | Computer Name = HOME-46F4D09C66 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 2/18/2013 12:58:29 AM | Computer Name = HOME-46F4D09C66 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 2/18/2013 12:58:29 AM | Computer Name = HOME-46F4D09C66 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 2/18/2013 1:19:39 AM | Computer Name = HOME-46F4D09C66 | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 2/18/2013 1:35:30 AM | Computer Name = HOME-46F4D09C66 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NwlnkNb. The backup browser is stopping.

Error - 2/18/2013 3:30:26 AM | Computer Name = HOME-46F4D09C66 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NwlnkNb. The backup browser is stopping.

Error - 2/18/2013 4:05:57 AM | Computer Name = HOME-46F4D09C66 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NwlnkNb. The backup browser is stopping.

Error - 2/18/2013 4:29:58 AM | Computer Name = HOME-46F4D09C66 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{15D2CD05-3B7B-46ED-A6B3-2E4BE1EDD31D}. The
backup browser is stopping.

Error - 2/18/2013 5:04:02 PM | Computer Name = HOME-46F4D09C66 | Source = System Error | ID = 1003
Description = Error code 1000000a, parameter1 00000004, parameter2 00000002, parameter3
00000000, parameter4 804e7eed.


< End of report >
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

I hope I'm posting this correctly.


Perfect. :)

There are certainly problems showing in your logs but I think we could do with a bit more information before taking action.

Now

Firstly please uninstall Comodo as it will likely interfere with the tools we will be using. You can reinstall it later if you wish.

Step 2

Open SuperAntiSpware and click on the radio button View Scan Logs click on the last two logs and paste the logs back here.

Step 3

You have ComboFix on your machine.

Right click on Start > Explore and navigate to:

:\Qoobox folder (most likely C:\Qoobox\ComboFix.txt) and pasting the contents of the last two text files back here.

Note: ComboFix.txt are numbered so if there was more than one run for instance you might find C:\Qoobox\ComboFix2.txt. etc.

Lastly in this post

Please download Farbar Service Scanner and run.

  • Make sure the following options are checked:


  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Other Services

[*]Press Scan
[*]A log (FSS.txt) will be created in the same directory the tool is run.
[*]Copy and paste the log back here.
[/list]So when you return please post
  • SAS logs
  • ComboFix logs
  • FSS.txt

  • 0

#7
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Alright, I think it uninstalled combofix. Superantispyware refuses to boot up, it errors and asks if I want to restart it, I click yes and the same thing happens. The last time I ran it was back in 2010 though, so I don't know if those logs would be useful to you and it wouldn't let me access them through the program. If you need them and know of any way to get them, let me know. There's only one recent combofix log, the rest are from 2011, so I didn't paste them, but if you need those please let me know. I included the FSS log as you asked in this post too.

ComboFix 13-02-15.01 - Ally 02/17/2013 22:06:36.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2426 [GMT -5:00]
Running from: c:\documents and settings\Ally\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80
c:\documents and settings\All Users\Application Data\DynuEncrypt.dll
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Ally\Application Data\Dealio
c:\documents and settings\Ally\Application Data\Dealio\res\widgets.xml
c:\documents and settings\Ally\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml
c:\documents and settings\Ally\Application Data\inst.exe
c:\documents and settings\Ally\ggtranslate.exe
c:\documents and settings\Ally\My Documents\Downloads\PowerPointViewer.exe
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\chrome.jar
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\6.9\config.ini
c:\program files\Dealio Toolbar\IE\6.9\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\facebook.gif
c:\program files\Dealio Toolbar\Res\googleplus.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\Lang\res1031.ini
c:\program files\Dealio Toolbar\Res\Lang\res1033.ini
c:\program files\Dealio Toolbar\Res\Lang\res1034.ini
c:\program files\Dealio Toolbar\Res\Lang\res1036.ini
c:\program files\Dealio Toolbar\Res\Lang\res1040.ini
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\radio-close.gif
c:\program files\Dealio Toolbar\Res\radio-minimize.gif
c:\program files\Dealio Toolbar\Res\radiobeta.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_baidu.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\search_yandex.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\twitter.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\SGPSA
c:\windows\dasetup.log
c:\windows\system32\system.dll
c:\windows\UA000106.DLL
c:\windows\wininit.ini
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-01-18 to 2013-02-18 )))))))))))))))))))))))))))))))
.
.
2013-02-18 02:33 . 2013-02-18 02:33 -------- d-----w- c:\documents and settings\Ally\Application Data\Malwarebytes
2013-02-18 02:32 . 2013-02-18 02:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-02-18 02:32 . 2013-02-18 02:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-18 02:32 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-17 20:54 . 2013-02-17 20:54 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-02-17 06:05 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2013-02-17 06:02 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2013-02-17 06:02 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2013-02-17 06:01 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2013-02-17 06:00 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2013-02-17 06:00 . 2012-12-16 12:23 290560 -c----w- c:\windows\system32\dllcache\atmfd.dll
2013-02-17 05:58 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2013-02-17 05:57 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2013-02-17 05:54 . 2012-12-26 20:16 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-02-17 05:54 . 2012-12-26 20:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-02-17 05:51 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2013-02-17 05:51 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-02-17 05:51 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2013-02-17 05:48 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2013-02-17 02:51 . 2008-04-14 00:12 218624 ----a-w- c:\windows\system32\uxtheme.backup
2013-02-17 02:07 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-17 02:07 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-17 02:07 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-17 02:07 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-17 02:06 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-17 02:06 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-17 02:06 . 2013-02-17 02:06 -------- d-----w- c:\program files\AVAST Software
2013-02-17 02:06 . 2013-02-17 02:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2013-02-17 02:02 . 2013-02-17 02:02 -------- d-----w- c:\program files\Magical Jelly Bean
2013-02-17 01:58 . 2013-02-17 01:58 -------- d-----w- c:\program files\Belarc
2013-02-17 01:58 . 2011-08-09 21:33 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2013-02-17 01:57 . 2013-02-17 01:57 -------- d-----w- c:\documents and settings\Ally\Application Data\Search Settings
2013-02-17 01:57 . 2013-02-17 01:57 -------- d-----w- c:\program files\Application Updater
2013-02-17 01:57 . 2013-02-17 01:57 -------- d-----w- c:\program files\Common Files\Spigot
2013-02-17 01:52 . 2013-02-17 01:52 -------- d-----w- c:\program files\Common Files\Software Update Utility
2013-02-17 01:38 . 2013-02-17 01:39 292700 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-02-17 01:38 . 2013-02-17 01:39 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-02-17 01:38 . 2013-02-17 01:38 292700 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-02-17 01:38 . 2013-02-17 01:38 -------- d-----w- c:\program files\NVIDIA Corporation
2013-02-17 01:09 . 2013-02-17 01:10 -------- d-----w- c:\documents and settings\Ally\Local Settings\Application Data\Google
2013-02-17 01:09 . 2013-02-17 01:09 -------- d-----w- c:\program files\Google
2013-02-16 07:45 . 2013-02-17 00:29 -------- d-----w- c:\documents and settings\Ally\Backed up files from the 1TB
2013-02-16 07:20 . 2004-11-17 08:11 9319936 ----a-w- c:\windows\system32\RTLCPL.EXE
2013-02-16 07:20 . 2004-09-07 06:23 156672 ----a-w- c:\windows\system32\RTLCPAPI.dll
2013-02-16 07:20 . 2004-07-16 06:19 70400 ----a-w- c:\windows\system32\drivers\Rtlnicxp.sys
2013-02-16 07:19 . 2004-11-17 11:05 2297664 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2013-02-16 07:19 . 2004-11-17 08:08 16162816 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2013-02-11 00:37 . 2008-04-13 18:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2013-02-11 00:37 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2013-02-11 00:37 . 2008-04-14 00:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2013-02-11 00:37 . 2008-04-14 00:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2013-02-11 00:37 . 2008-04-14 00:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-02-11 00:37 . 2008-04-14 00:12 20992 ----a-w- c:\windows\system32\dshowext.ax
2013-02-11 00:37 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-02-11 00:37 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-02-11 00:36 . 2008-04-13 18:40 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
2013-02-11 00:36 . 2008-04-13 18:40 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2013-02-11 00:35 . 2008-04-13 18:45 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2013-02-11 00:35 . 2008-04-13 18:45 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2013-01-27 18:53 . 2013-01-27 18:54 -------- d-----w- C:\f12faa67f3615af0b880
2013-01-26 03:55 . 2013-01-26 03:55 552448 -c----w- c:\windows\system32\dllcache\oleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2004-08-04 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2004-08-03 22:59 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-04 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-04 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-02-20 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-02-11 18:40 365960 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2010-02-20 18:27 2349080 ----a-w- c:\program files\DVDVideoSoft\tbDVD1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-02-20 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-02-20 2349080]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]
"Aim"="c:\program files\AIM\aim.exe" [2012-05-30 4331392]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-01-28 2937528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ask and Record FLV Service"="c:\program files\Ask & Record Toolbar\FLVSrvc.exe" [2009-03-10 156672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"UVS12 Preload"="c:\program files\Corel\Corel VideoStudio 12\uvPL.exe" [2008-06-09 397456]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-03-04 1983760]
"PC Pitstop Optimize Scheduler"="c:\program files\PCPitstop\Optimize\PCPOptimize.exe" [2008-03-26 2577120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-12 483422]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-02-08 1320768]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"DLCXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-12-14 512360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-03-09 21:18 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone V3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone V3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\WINDOWS\\system32\\dlcxcoms.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56294:TCP"= 56294:TCP:Pando Media Booster
"56294:UDP"= 56294:UDP:Pando Media Booster
"<NO NAME>"=
"58422:TCP"= 58422:TCP:Pando Media Booster
"58422:UDP"= 58422:UDP:Pando Media Booster
"58670:TCP"= 58670:TCP:Pando Media Booster
"58670:UDP"= 58670:UDP:Pando Media Booster
"57761:TCP"= 57761:TCP:Pando Media Booster
"57761:UDP"= 57761:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/4/2009 5:58 PM 721904]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/16/2013 9:07 PM 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/16/2013 9:07 PM 361032]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [3/3/2010 7:54 PM 214056]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [3/3/2010 7:54 PM 25160]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [5/26/2009 9:05 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/26/2009 9:05 AM 66632]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2/8/2013 10:38 AM 805240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/16/2013 9:07 PM 21256]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [4/11/2009 3:39 PM 1373480]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/15/2009 5:31 PM 24652]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [11/29/2009 7:24 PM 47360]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [4/23/2009 2:29 PM 234888]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/26/2009 9:05 AM 12872]
S3 XDva225;XDva225;\??\c:\windows\system32\XDva225.sys --> c:\windows\system32\XDva225.sys [?]
S3 XDva279;XDva279;\??\c:\windows\system32\XDva279.sys --> c:\windows\system32\XDva279.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-17 01:09 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-17 23:50]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-17 01:09]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-17 01:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.netgame.com
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_id={6085181D-CCAA-53FD-9064-E56AABD295C5}&query=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
Notify-AtiExtEvent - (no file)
AddRemove-Guild Wars - c:\program files\Guild Wars\Gw.exe
AddRemove-IFlyFF .5 - c:\program files\IFlyFF\IFlyFF\Uninstall.exe
AddRemove-PaintToolSAI - c:\documents and settings\Ally\My Documents\Downloads\PaintToolSAI\uninst.exe
AddRemove-{4817189D-1785-4627-A33C-39FD90919300} - c:\program files\EA GAMES\The Sims 2 Pets\EAUninstall.exe
AddRemove-{5C648FDB-0138-4619-B66E-230EF53E8E2C} - c:\program files\EA GAMES\The Sims 2 Teen Style Stuff\EAUninstall.exe
AddRemove-{7B3577F5-1D82-4C9B-008B-69D026FD8BCA} - c:\program files\EA GAMES\The Sims 2 Open For Business\EAUninstall.exe
AddRemove-{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2} - c:\program files\EA GAMES\The Sims 2 University\EAUninstall.exe
AddRemove-{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06} - c:\program files\EA GAMES\The Sims 2 Seasons\EAUninstall.exe
AddRemove-{F7529650-B9DB-481B-0089-A2AC3C2821C1} - c:\program files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-17 22:20
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,[email protected]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1417001333-287218729-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(828)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2013-02-17 22:22:48
ComboFix-quarantined-files.txt 2013-02-18 03:22
ComboFix2.txt 2011-08-20 03:40
ComboFix3.txt 2011-08-19 03:07
ComboFix4.txt 2011-08-19 02:28
ComboFix5.txt 2011-08-21 01:32
.
Pre-Run: 299,264,131,072 bytes free
Post-Run: 299,282,653,184 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 6E7C37EB68C7CBE84CE0FA0F3591EE18

Farbar Service Scanner Version: 18-02-2013
Ran by Ally (administrator) on 18-02-2013 at 17:38:42
Running from "C:\Documents and Settings\Ally\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\windows\system32\dhcpcsvc.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\netbt.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\Drivers\ipsec.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\netman.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\srsvc.dll => MD5 is legit
C:\windows\system32\Drivers\sr.sys => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuauserv.dll
[2009-02-15 16:21] - [2008-04-13 19:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\services.exe
[2004-08-04 07:00] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
aswTdi(10) Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x0A00000005000000010000000200000003000000040000000A00000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****
  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

Alright, I think it uninstalled combofix.


It was COMODO we wanted unininstalled... not ComboFix. Not to worry if you have uninstalled ComboFix... we can deal with that later but if you haven't uninstalled COMODO please do so now. :)

Superantispyware refuses to boot up, it errors and asks if I want to restart it, I click yes and the same thing happens. The last time I ran it was back in 2010 though, so I don't know if those logs would be useful to you and it wouldn't let me access them through the program.


That tells me what I wanted to know. SAS did have a habit of removing a service by mistake and I wanted to check that it hadn't done that and maybe moved it to quarantine.

See if you can uninstall it. No use having it if you are not using it and it may just be conflicting and getting in the way of things. Tell me if you have difficulty with that.

Also this one:

Viewpoint Manager is considered as foistware instead of malware since it is mostly installed without users approval. Check out this article:

http://www.clickz.com/news/article.php/3561546

Up to you but I recommend removal of this program. Click on Start > Control Panel > Add or Remove Programs uninstall the following if they exist:

Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Now

Let's see if we can remove some bits and pieces of malware and then see what can be done with any left over system problems.

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    DRV - (XDva279) -- C:\windows\system32\XDva279.sys File not found
    DRV - (XDva225) -- C:\WINDOWS\system32\XDva225.sys File not found
    DRV - (i2omgmt) -- File not found
    DRV - (Changer) -- File not found
    DRV - (ak4ja6v1) -- File not found
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2269050
    FF - prefs.js..browser.search.defaulturl: "http://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_id={6085181D-CCAA-53FD-9064-E56AABD295C5}&query="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
    FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.7
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0.8.0552
    FF - prefs.js..extensions.enabledItems: [email protected]:4.0.2
    FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0
    [2009/12/26 14:51:33 | 000,000,000 | ---D | M] (FaceFun) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    [2009/10/10 11:33:31 | 000,000,000 | ---D | M] (Gaia Online Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}
    [2009/02/22 14:35:01 | 000,000,000 | ---D | M] (Meez Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}
    [2009/07/08 12:37:15 | 000,000,000 | ---D | M] (The Pirate Bay Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}
    [2009/11/29 18:14:38 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\conduit.xml
    [2009/05/03 08:31:35 | 000,007,992 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\do-great-good.xml
    [2009/03/15 20:01:54 | 000,002,269 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile---search-and-rescue.xml
    [2009/03/21 19:52:20 | 000,002,014 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile.xml
    [2010/03/06 03:20:48 | 000,002,373 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\search-the-web.xml
    File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
    File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\SSFF
    O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Reg Error: Value error. File not found
    [1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
    [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash]
    [emptyjava]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.
Next

Please download AdwCleaner from here to your desktop
  • Click on the green downward facing arrow on the right to commence download.
  • Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this.

On reboot a log will be produced please post that back here.

Finally in this post

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it then a copy of the OTL log is saved in a text file at

When you return please post
  • OTL fix txt
  • AdwCleaner log
  • OTL scan txt

  • 0

#9
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Sorry for the combofix thing, I can be such an idiot sometimes. I tried to uninstall Comodo but it wasn't in add remove, so I used the unofficial tool from the forums for Comodo, it errored and said that certain files weren't there and that it wasn't considered installed, but it did remove some files too. I booted back up and Comodo didn't boot up with the system, but I'm not sure it's uninstalled. I don't know why it's giving me such a hassle. I uninstalled Superantispyware as well, along with viewpoint. I ran the fix you gave me, but it froze during the restart on the log out screen and I let it sit there for about 30 minutes, hoping it would eventually reboot, but it didn't so I had to do an emergency shut down. I'm not sure if the fix worked, I couldn't find a log with the exact name you provided me but I did find one in a folder called "_OTL". Also, after I ran the fix and after I did the shut down because it froze, as the computer started I got a new error pop up, saying something about CFP.exe having a critical error and not running from the directory it should be to function properly. Anyway, here are the logs I have. I'm not sure if this OTL log is from the fix you provided me or not, but here it is. It's all I could find.

========== OTL ==========
Service XDva279 stopped successfully!
Service XDva279 deleted successfully!
File C:\windows\system32\XDva279.sys File not found not found.
Service XDva225 stopped successfully!
Service XDva225 deleted successfully!
File C:\WINDOWS\system32\XDva225.sys File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Error: No service named ak4ja6v1 was found to stop!
Service\Driver key ak4ja6v1 not found.
File File not found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "http://www.greatsear...D295C5}&query=" removed from browser.search.defaulturl
Prefs.js: "Fast Browser Search" removed from browser.search.order.1
Prefs.js: "http://search.condui...earchSource=13" removed from browser.startup.homepage
Prefs.js: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.7 removed from extensions.enabledItems
Prefs.js: [email protected]:1.0.8.0552 removed from extensions.enabledItems
Prefs.js: [email protected]:4.0.2 removed from extensions.enabledItems
Prefs.js: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0 removed from extensions.enabledItems
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\META-INF folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\components folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\chrome\content\facefun_product folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\chrome\content folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\chrome folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\META-INF folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\components folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\skin\weather folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\skin\gray03 folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\skin folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\content\locale folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\content\flashradio folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome\content folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb}\chrome folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{2e768a0b-9ee3-4e60-babc-9ff4bc4aacfb} folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\searchplugin folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\META-INF folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\lib folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\defaults folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\components folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29}\chrome folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{6260b5bb-930d-477c-83a9-ff91c6dc8a29} folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\searchplugin folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\META-INF folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\lib folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\defaults folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\components folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}\chrome folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6} folder moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\do-great-good.xml moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile---search-and-rescue.xml moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\dogpile.xml moved successfully.
C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\search-the-web.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ deleted successfully.
C:\windows\System32\drivers\SET56.tmp deleted successfully.
C:\windows\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Ally\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Ally\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Ally
->Flash cache emptied: 346268 bytes

User: Default User

User: DZH~1.OLY

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Ally
->Java cache emptied: 1637038037 bytes

User: Default User

User: DZH~1.OLY

User: LocalService

User: NetworkService

Total Java Files Cleaned = 1,561.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02182013_185438

# AdwCleaner v2.112 - Logfile created 02/18/2013 at 20:31:24
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Ally - HOME-46F4D09C66
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\daemon-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Search Settings
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\Conduit
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\CT1060933
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\CT2269050
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
Folder Deleted : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\FCTB
Folder Deleted : C:\Documents and Settings\Ally\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Ally\Local Settings\Application Data\Winamp Toolbar
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Winamp Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D59156-647B-4B06-B20E-0E297A1077BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BE990A32-C2EC-4654-8FD0-26FECEA81998}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\Winamp Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.fastbrowsersearch.com/new-tab/?v=18&tid={13BB872B-7224-4746-9E81-93AE854CF449} --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6 (en-US)

File : C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\prefs.js

C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\user.js ... Deleted !

Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1060933.AllowNonPrivacy", false);
Deleted : user_pref("CT1060933.CTID", "CT1060933");
Deleted : user_pref("CT1060933.CTPBaseServerUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1060933.CommunitiesChangesLastCheckTime", "Thu May 14 2009 17:21:05 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT1060933.CommunityChanged", false);
Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT1060933.DownloadDomainsListLastCheckTime", "Fri May 08 2009 19:47:43 GMT-0400 (Eastern [...]
Deleted : user_pref("CT1060933.DownloadDomainsListLastServerUpdateTime", "1201073583");
Deleted : user_pref("CT1060933.EMailNotifierPollDate", "Mon May 11 2009 23:05:47 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT1060933.FirstTime", true);
Deleted : user_pref("CT1060933.FirstTimeFF3", true);
Deleted : user_pref("CT1060933.Initialize", true);
Deleted : user_pref("CT1060933.IsGrouping", false);
Deleted : user_pref("CT1060933.IsMulticommunity", true);
Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Wed May 13 2009 18:18:41 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT1060933.LanguagePackReloadInterval", "24");
Deleted : user_pref("CT1060933.LastLogin", "Thu May 14 2009 17:21:06 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.LoginCache", "4");
Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1060933.MCDetectTooltipShow", true);
Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Deleted : user_pref("CT1060933.RadioLastCheckTime", "Thu May 14 2009 19:52:38 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.RadioLastUpdateServer", "128860360783570000");
Deleted : user_pref("CT1060933.RadioMediaID", "5020427");
Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT10609335020427");
Deleted : user_pref("CT1060933.RadioStationName", "Classic%20Rock");
Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://tuner1.dc1.sonixtream.com/playlists/wmgk/wmgkWMGKFM.a[...]
Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1060933.Server", "hxxp://users.conduit.com");
Deleted : user_pref("CT1060933.SettingsLastUpdate", "1242298758");
Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", "72");
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Fri May 08 2009 19:47:44 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1241555278");
Deleted : user_pref("CT1060933.ToolbarAlignMode", "SYSTEM");
Deleted : user_pref("CT1060933.ToolbarName", "Freecorder");
Deleted : user_pref("CT1060933.UserID", "UN20090508194743155");
Deleted : user_pref("CT1060933.VusualLastUpdateTime", "1241555278");
Deleted : user_pref("CT1361345.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1361345.CTID", "CT1361345");
Deleted : user_pref("CT1361345.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1361345.EMailNotifierPollDate", "Wed Jul 15 2009 22:14:46 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT1361345.FeedLastCount128400398788400385", 1308);
Deleted : user_pref("CT1361345.FeedPollDate128450449371787593", "Wed Jul 15 2009 20:29:44 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787594", "Wed Jul 15 2009 20:29:44 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787595", "Wed Jul 15 2009 18:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787596", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787597", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787598", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787599", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787600", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787601", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787602", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787603", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787604", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787605", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787606", "Wed Jul 15 2009 20:29:45 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787607", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787608", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787609", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787610", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787611", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787612", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787613", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787614", "Wed Jul 15 2009 20:29:46 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787615", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787616", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787617", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787618", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787619", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787620", "Wed Jul 15 2009 20:29:47 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787621", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787622", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787623", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787624", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787625", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787626", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FeedPollDate128450449371787627", "Wed Jul 15 2009 20:29:48 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT1361345.FirstTime", true);
Deleted : user_pref("CT1361345.FirstTimeFF3", true);
Deleted : user_pref("CT1361345.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1361345.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1361345.Initialize", true);
Deleted : user_pref("CT1361345.InitializeCommonPrefs", true);
Deleted : user_pref("CT1361345.InstalledDate", "Wed Jul 08 2009 18:15:36 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT1361345.IsGrouping", false);
Deleted : user_pref("CT1361345.IsMulticommunity", false);
Deleted : user_pref("CT1361345.IsOpenThankYouPage", true);
Deleted : user_pref("CT1361345.IsOpenUninstallPage", true);
Deleted : user_pref("CT1361345.LanguagePackLastCheckTime", "Tue Jul 14 2009 20:16:22 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT1361345.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1361345.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1361345.LastLogin_2.1.0.19", "Wed Jul 15 2009 12:29:43 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT1361345.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT1361345.Locale", "en-us");
Deleted : user_pref("CT1361345.LoginCache", 4);
Deleted : user_pref("CT1361345.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1361345.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT1361345.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1361345.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1361345.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1361345.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT136[...]
Deleted : user_pref("CT1361345.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT1361345.SettingsLastCheckTime", "Wed Jul 15 2009 12:29:41 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT1361345.SettingsLastUpdate", "1247478207");
Deleted : user_pref("CT1361345.ThirdPartyComponentsInterval", 72);
Deleted : user_pref("CT1361345.ThirdPartyComponentsLastCheck", "Tue Jul 14 2009 20:15:01 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT1361345.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT1361345.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT1361345.UserID", "UN97561161884769758");
Deleted : user_pref("CT1361345.alertChannelId", "807");
Deleted : user_pref("CT1361345.clientLogIsEnabled", false);
Deleted : user_pref("CT1361345.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT1361345.components.1000082", false);
Deleted : user_pref("CT1361345.components.1000234", false);
Deleted : user_pref("CT1361345.myStuffEnabled", true);
Deleted : user_pref("CT1361345.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1361345.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E[...]
Deleted : user_pref("CT1361345.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1361345.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1361345.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2017277.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2017277.AllowNonPrivacy", false);
Deleted : user_pref("CT2017277.CTID", "CT2017277");
Deleted : user_pref("CT2017277.CTPBaseServerUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2017277.CommunityChanged", false);
Deleted : user_pref("CT2017277.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2017277.EMailNotifierPollDate", "Wed Jul 15 2009 22:14:39 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2017277.ExternalComponentPollDate128705718867650901", "Wed Jul 15 2009 21:29:36 GMT-040[...]
Deleted : user_pref("CT2017277.ExternalComponentPollDate128708334405606629", "Wed Jul 15 2009 21:29:36 GMT-040[...]
Deleted : user_pref("CT2017277.ExternalComponentPollDate128722025408512555", "Wed Jul 15 2009 21:29:36 GMT-040[...]
Deleted : user_pref("CT2017277.ExternalComponentPollDate128735847304619517", "Wed Jul 15 2009 22:09:36 GMT-040[...]
Deleted : user_pref("CT2017277.ExternalComponentPollDate128795563512788392", "Wed Jul 15 2009 22:14:36 GMT-040[...]
Deleted : user_pref("CT2017277.FeedLastCount128711633963250461", 705);
Deleted : user_pref("CT2017277.FeedLastCount128781854756375742", 62);
Deleted : user_pref("CT2017277.FeedPollDate128780952426375568", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780956824812589", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780957325282219", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780958906531732", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780959486375862", "Wed Jul 15 2009 20:29:43 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780959843875927", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780960105750579", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780961003562907", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780961425907180", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780962189657092", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780962602625966", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780966561375420", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780967315906923", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128780968761062637", "Wed Jul 15 2009 20:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128781854365125719", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128781854623406862", "Wed Jul 15 2009 20:29:37 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FeedPollDate128856768914643777", "Wed Jul 15 2009 18:29:38 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2017277.FirstTime", true);
Deleted : user_pref("CT2017277.FirstTimeFF3", true);
Deleted : user_pref("CT2017277.Initialize", true);
Deleted : user_pref("CT2017277.InitializeCommonPrefs", true);
Deleted : user_pref("CT2017277.InvalidateCache", false);
Deleted : user_pref("CT2017277.IsGrouping", false);
Deleted : user_pref("CT2017277.IsMulticommunity", false);
Deleted : user_pref("CT2017277.IsOpenThankYouPage", true);
Deleted : user_pref("CT2017277.IsOpenUninstallPage", true);
Deleted : user_pref("CT2017277.LanguagePackLastCheckTime", "Tue Jul 14 2009 13:00:19 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2017277.LanguagePackReloadInterval", "24");
Deleted : user_pref("CT2017277.LastLogin", "Wed Jul 15 2009 12:29:35 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2017277.Locale", "en-us");
Deleted : user_pref("CT2017277.LoginCache", "4");
Deleted : user_pref("CT2017277.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2017277.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT2017277.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2017277.MyGadgetsServerUrl", "hxxp://services.MyStuff.u-page.com/MyStuffService.asmx/Le[...]
Deleted : user_pref("CT2017277.MyGadgetsTrustedDomains", "conduit.com");
Deleted : user_pref("CT2017277.RadioIsPodcast", false);
Deleted : user_pref("CT2017277.RadioLastCheckTime", "Sat Jul 11 2009 12:30:11 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2017277.RadioLastUpdateIPServer", "4");
Deleted : user_pref("CT2017277.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2017277.RadioMediaID", "10176");
Deleted : user_pref("CT2017277.RadioMediaType", "Media Player");
Deleted : user_pref("CT2017277.RadioMenuSelectedID", "EBRadioMenu_CT201727710176");
Deleted : user_pref("CT2017277.RadioStationName", "WGUC");
Deleted : user_pref("CT2017277.RadioStationURL", "hxxp://www.wguc.org/listen/WGUCLive.asx");
Deleted : user_pref("CT2017277.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2017277.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2017277.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT201[...]
Deleted : user_pref("CT2017277.Server", "hxxp://users.conduit.com");
Deleted : user_pref("CT2017277.SettingsInvalidateCache", false);
Deleted : user_pref("CT2017277.SettingsLastUpdate", "1247478207");
Deleted : user_pref("CT2017277.ThirdPartyComponentsInterval", "72");
Deleted : user_pref("CT2017277.ThirdPartyComponentsLastCheck", "Fri May 08 2009 19:47:50 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2017277.ThirdPartyComponentsLastUpdate", "1241203325");
Deleted : user_pref("CT2017277.ToolbarAlignMode", "SYSTEM");
Deleted : user_pref("CT2017277.ToolbarName", "Meez");
Deleted : user_pref("CT2017277.UserID", "UN20090508194744096");
Deleted : user_pref("CT2017277.VusualLastUpdateTime", "1245746598");
Deleted : user_pref("CT2017277.WeatherNetwork", "");
Deleted : user_pref("CT2017277.WeatherPollDate", "Wed Jul 15 2009 21:59:39 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2017277.WeatherUnit", "C");
Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2269050.CTID", "CT2269050");
Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Thu Dec 03 2009 19:23:28 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2269050.ExternalComponentPollDate8877840225553681985", "Thu Dec 03 2009 16:17:03 GMT-05[...]
Deleted : user_pref("CT2269050.FirstTime", true);
Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2269050.Initialize", true);
Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Deleted : user_pref("CT2269050.InstalledDate", "Sun Nov 29 2009 18:14:38 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2269050.InvalidateCache", false);
Deleted : user_pref("CT2269050.IsGrouping", false);
Deleted : user_pref("CT2269050.IsMulticommunity", false);
Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Thu Dec 03 2009 16:17:04 GMT-0500 (Eastern Standar[...]
Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2269050.LastLogin_2.4.0.4", "Thu Dec 03 2009 16:32:39 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2269050.Locale", "en");
Deleted : user_pref("CT2269050.LoginCache", 4);
Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Deleted : user_pref("CT2269050.RadioLastCheckTime", "Thu Dec 03 2009 18:15:26 GMT-0500 (Eastern Standard Time)[...]
Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "4");
Deleted : user_pref("CT2269050.RadioLastUpdateServer", "128956111944730000");
Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Deleted : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Thu Dec 03 2009 19:14:44 GMT-0500 (Eastern Stand[...]
Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://hosting.conduit-services.com/newtab/?ctid=EB[...]
Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Thu Dec 03 2009 16:17:03 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2269050.SettingsLastUpdate", "1259689913");
Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 72);
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Wed Dec 02 2009 19:14:44 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1259689913");
Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2269050.UserID", "UN61152463971064573");
Deleted : user_pref("CT2269050.ValidationData_Search", 0);
Deleted : user_pref("CT2269050.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2269050.WeatherNetwork", "");
Deleted : user_pref("CT2269050.WeatherPollDate", "Thu Dec 03 2009 17:33:10 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2269050.WeatherUnit", "F");
Deleted : user_pref("CT2269050.alertChannelId", "666138");
Deleted : user_pref("CT2269050.clientLogIsEnabled", false);
Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2269050.myStuffEnabled", true);
Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E[...]
Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greent[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2017277,CT1361345,CT2269050");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jul 15 2009 21:29:40 GMT-0400 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jul 15 2009 20:15:01 GMT-0400 (Eastern D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{5cee7e05-7902-49f0-870a-6278342020f3}");
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Deleted : user_pref("aol_toolbar.surf.date", "18");
Deleted : user_pref("aol_toolbar.surf.lastDate", "16");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "1");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
Deleted : user_pref("aol_toolbar.surf.mURL", "");
Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Deleted : user_pref("aol_toolbar.surf.month", "18");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "2168");
Deleted : user_pref("aol_toolbar.surf.total", "50803");
Deleted : user_pref("aol_toolbar.surf.week", "18");
Deleted : user_pref("aol_toolbar.surf.year", "18");
Deleted : user_pref("facefun_product.defaultengine.url", "hxxp%3A//search.conduit.com/ResultsExt.aspx%3Fctid%3[...]
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.ClearCacheDate", 19);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.FirstLaunchShown", true);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.LoadAffilateDate", 19);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.LoadLayoutDate.108", 10);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.StateReportDate", "1255972862621");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.customNewTab", false);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.data", "970E0D327E91ACB7AE5FC2C7B268ABD9A70C71F[...]
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.helpUsImprove", true);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.hideOthers", false);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.processAddrBar", true);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.restoreSearch", false);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.searchHistory", true);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.session", "");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.showFirstLaunchOptions", true);
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.stday", "19");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.sthour", "13");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.tb_lang", "en");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.tool_id", "108");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.user_id", "21232915");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.user_key", "fe5a04338e9096e2bc8302e627803a49fe8[...]
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.user_layouts", "108");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.user_lnames", "Gaia%20Online%20Toolbar");
Deleted : user_pref("freecause2e768a0b9ee34e60babc9ff4bc4aacfb.yahooSearch", true);
Deleted : user_pref("myqna.searchquotes", "Y");
Deleted : user_pref("playsushi.position.button", true);
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [38092 octets] - [18/02/2013 20:31:24]

########## EOF - C:\AdwCleaner[S1].txt - [38153 octets] ##########

OTL logfile created on: 2/18/2013 8:38:21 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ally\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 81.53% Memory free
4.85 Gb Paging File | 4.47 Gb Available in Paging File | 92.36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 284.23 Gb Free Space | 61.03% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 278.51 Gb Free Space | 29.90% Space Free | Partition Type: NTFS

Computer Name: HOME-46F4D09C66 | User Name: Ally | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ally\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AIM\aim.exe (AOL Inc.)
PRC - C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13021800\algo.dll ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mmfinfo.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mkunicode.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (STacSV) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe (IDT, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TabletServicePen) -- C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (dlcx_device) -- C:\WINDOWS\system32\dlcxcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (TVICHW32) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS File not found
DRV - (sfng32) -- system32\drivers\sfng32.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\DOCUME~1\Ally\LOCALS~1\Temp\catchme.sys File not found
DRV - (an2ljc4u) -- File not found
DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\windows\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\windows\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (BANTExt) -- C:\WINDOWS\system32\drivers\BANTExt.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (wacommousefilter) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\WINDOWS\system32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WacomVKHid) -- C:\WINDOWS\system32\drivers\WacomVKHid.sys (Wacom Technology)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8F98310E-C4DA-4800-BC84-B368D6D0FECE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: [email protected]:3.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.3
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\PROGRA~1\SONYON~1\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/16 21:06:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/13 08:18:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/18 20:31:38 | 000,000,000 | ---D | M]

[2009/02/15 17:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Extensions
[2013/02/18 20:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions
[2009/06/17 11:34:53 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/12/08 15:29:47 | 000,000,000 | ---D | M] ("tektek.org GaiaOnline Toolbar 2.1") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0df7b3bb-9581-44bb-835f-061a29ec8a46}
[2009/09/02 12:18:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/24 13:19:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/26 20:56:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/05/30 17:58:11 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/10/04 09:36:19 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/07 15:01:01 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/06/17 11:34:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/25 14:25:55 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2010/01/20 18:24:37 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/04/09 17:52:06 | 000,000,000 | ---D | M] (Personas for Firefox) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/06/09 21:16:44 | 000,000,000 | ---D | M] (translator) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/09/01 16:07:37 | 000,000,000 | ---D | M] (translator (fixed)) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/10/04 09:36:36 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\aim-search.xml
[2009/04/21 11:53:14 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\live-search.xml
[2009/07/14 12:00:21 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\winamp-search.xml
[2009/10/10 15:18:10 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.gif
[2009/10/10 15:18:10 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.src
[2009/10/10 15:18:06 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.xml
[2013/02/16 20:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALLY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IYM1YXEH.DEFAULT\EXTENSIONS\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALLY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IYM1YXEH.DEFAULT\EXTENSIONS\{E9A1DEE0-C623-4439-8932-001E7D17607D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALLY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IYM1YXEH.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
File not found (No name found) -- C:\PROGRAM FILES\DEALIO TOOLBAR\SSFF
[2009/03/16 16:06:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/08/19 15:31:28 | 000,098,304 | ---- | M] (ASP) -- C:\Program Files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
[2009/01/28 22:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/11/09 20:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\mozilla firefox\plugins\NPMFireLauncher.dll
[2010/01/28 14:08:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: HoldemFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll
CHR - plugin: ijji plugin for channeling games. (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
CHR - plugin: npijjiFFPlugin1 for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: MFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\PROGRA~1\SONYON~1\npsoe.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Marlies Dekkers = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/17 22:19:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DLCXCATS] C:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe (PC Pitstop, LLC.)
O4 - HKLM..\Run: [SoundMan] C:\windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15D2CD05-3B7B-46ED-A6B3-2E4BE1EDD31D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84F6238C-AC6E-456E-8A36-8A4D2EE5FCD2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - AppInit_DLLs: (C:\windows\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop WallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/18 20:57:37 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/18 18:54:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/18 18:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Uninstaller Tool(Comodo Forums)
[2013/02/18 17:32:13 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/02/17 23:52:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
[2013/02/17 23:44:59 | 000,281,808 | ---- | C] (Igor Pavlov) -- C:\7za.dll
[2013/02/17 23:44:59 | 000,000,000 | ---D | C] -- C:\themes
[2013/02/17 23:44:58 | 003,360,976 | ---- | C] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/02/17 23:44:58 | 000,000,000 | ---D | C] -- C:\cis
[2013/02/17 23:44:57 | 018,980,560 | ---- | C] (COMODO) -- C:\cmdinstall.exe
[2013/02/17 23:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\COMODO
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Start Menu\Programs\NirSoft BlueScreenView
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/02/17 21:59:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/17 21:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Malwarebytes
[2013/02/17 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/17 21:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/17 21:32:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/02/17 21:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/17 21:00:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ally\My Documents\My Music
[2013/02/17 21:00:40 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/02/17 03:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2013/02/17 01:05:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mfc40u.dll
[2013/02/17 01:02:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndproxy.sys
[2013/02/17 01:02:07 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\comctl32.dll
[2013/02/17 01:01:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\helpsvc.exe
[2013/02/17 01:00:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mup.sys
[2013/02/17 01:00:03 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\dllcache\atmfd.dll
[2013/02/17 00:58:50 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\msado15.dll
[2013/02/17 00:57:12 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\rdpwd.sys
[2013/02/17 00:54:32 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\jsdbgui.dll
[2013/02/17 00:54:31 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\iedvtool.dll
[2013/02/17 00:51:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndistapi.sys
[2013/02/17 00:48:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wab.exe
[2013/02/16 21:51:10 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\uxtheme.backup
[2013/02/16 21:46:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\My Documents\uxtheme.dll
[2013/02/16 21:46:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\uxtheme.dll
[2013/02/16 21:07:31 | 000,021,256 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/02/16 21:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/02/16 21:07:30 | 000,361,032 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/02/16 21:07:28 | 000,738,504 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/02/16 21:07:28 | 000,054,232 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/02/16 21:06:45 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/02/16 21:06:44 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
[2013/02/16 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2013/02/16 20:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2013/02/16 20:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/02/16 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\Google
[2013/02/16 02:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Backed up files from the 1TB
[2013/02/16 02:20:54 | 009,319,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTLCPL.EXE
[2013/02/16 02:20:54 | 000,070,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\System32\drivers\Rtlnicxp.sys
[2013/02/16 02:19:16 | 016,162,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\ALSNDMGR.CPL
[2013/02/16 02:19:16 | 002,297,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\drivers\ALCXWDM.SYS
[2013/02/10 19:38:21 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\mstee.sys
[2013/02/10 19:38:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ndisip.sys
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ipsink.ax
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ipsink.ax
[2013/02/10 19:38:11 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\streamip.sys
[2013/02/10 19:38:09 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\slip.sys
[2013/02/10 19:38:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wstcodec.sys
[2013/02/10 19:38:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\nabtsfec.sys
[2013/02/10 19:38:01 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ccdecode.sys
[2013/02/10 19:37:50 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\usbaudio.sys
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kswdmcap.ax
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\kswdmcap.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kstvtune.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\kstvtune.ax
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksxbar.ax
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ksxbar.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dshowext.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\dshowext.ax
[2013/02/10 19:36:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\intelide.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\gameenum.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\gameenum.sys
[2013/01/27 13:53:54 | 000,000,000 | ---D | C] -- C:\f12faa67f3615af0b880
[2013/01/25 22:55:44 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\oleaut32.dll
[2009/11/29 19:24:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ally\Application Data\pcouffin.sys
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/18 20:34:55 | 000,000,312 | -H-- | M] () -- C:\windows\tasks\avast! Emergency Update.job
[2013/02/18 20:34:18 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/18 20:34:10 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/18 20:29:19 | 000,587,671 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 20:19:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/18 03:36:22 | 000,001,316 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013/02/18 02:49:02 | 000,026,502 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:11:03 | 000,285,256 | ---- | M] (COMODO) -- C:\windows\System32\guard32.dll
[2013/02/17 23:50:12 | 000,262,704 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:44:59 | 000,000,614 | ---- | M] () -- C:\windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 22:19:58 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/02/17 21:32:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 18:17:38 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Shortcut to 12 Catastrophe.mp3.lnk
[2013/02/17 18:17:38 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDVideoSoft Free Studio.lnk
[2013/02/17 18:17:38 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Cucusoft AVI to VCD DVD MPEG Converter Pro.lnk
[2013/02/17 18:17:38 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\MOVAVI VideoSuite 3.5.lnk
[2013/02/17 18:17:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Avi2Dvd.lnk
[2013/02/17 18:17:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDFab 5.lnk
[2013/02/17 17:33:23 | 000,001,316 | ---- | M] () -- C:\windows\System32\wpa.bak
[2013/02/17 15:50:30 | 000,183,424 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/02/17 03:58:26 | 000,432,776 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/02/17 03:58:26 | 000,067,732 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/02/17 03:55:21 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2013/02/16 22:21:20 | 002,183,944 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 21:07:27 | 000,002,625 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2013/02/16 20:58:34 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:52:54 | 000,001,405 | -H-- | M] () -- C:\IPH.PH
[2013/02/16 20:52:45 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2013/02/16 20:52:01 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:50:46 | 000,005,208 | ---- | M] () -- C:\windows\System32\pid.PNF
[2013/02/16 20:39:00 | 000,292,700 | ---- | M] () -- C:\windows\System32\nvdrsdb0.bin
[2013/02/16 20:39:00 | 000,000,001 | ---- | M] () -- C:\windows\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | M] () -- C:\windows\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | M] () -- C:\windows\System32\nvdrswr.lk
[2013/02/16 20:18:23 | 000,000,664 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2013/02/14 00:44:43 | 001,810,583 | ---- | M] () -- C:\Documents and Settings\Ally\hipster
[2013/01/25 22:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\oleaut32.dll
[2013/01/24 17:42:48 | 003,360,976 | ---- | M] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/01/24 17:42:46 | 000,281,808 | ---- | M] (Igor Pavlov) -- C:\7za.dll
[2013/01/24 17:42:41 | 018,980,560 | ---- | M] (COMODO) -- C:\cmdinstall.exe
[2013/01/24 03:19:04 | 001,196,032 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/18 20:29:16 | 000,587,671 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 02:49:01 | 000,026,502 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:58:28 | 001,196,032 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[2013/02/17 23:50:12 | 000,262,704 | ---- | C] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:40:54 | 000,000,614 | ---- | C] () -- C:\windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:59:30 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/17 21:32:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\windows\System32\dllcache\iacenc.dll
[2013/02/16 22:21:20 | 002,183,944 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 22:12:13 | 003,104,272 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.ip
[2013/02/16 22:12:13 | 000,115,290 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.png
[2013/02/16 21:48:04 | 000,011,578 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\Replacer.cmd
[2013/02/16 21:48:04 | 000,003,116 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\data
[2013/02/16 21:07:27 | 000,000,312 | -H-- | C] () -- C:\windows\tasks\avast! Emergency Update.job
[2013/02/16 20:58:34 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:58:34 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2013/02/16 20:58:32 | 000,003,840 | ---- | C] () -- C:\windows\System32\drivers\BANTExt.sys
[2013/02/16 20:50:46 | 000,005,208 | ---- | C] () -- C:\windows\System32\pid.PNF
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2013/02/16 20:38:55 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | C] () -- C:\windows\System32\nvdrswr.lk
[2013/02/16 20:10:29 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2013/02/16 20:10:13 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:09:32 | 000,000,882 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/16 20:09:31 | 000,000,878 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/16 02:20:54 | 000,156,672 | ---- | C] () -- C:\windows\System32\RTLCPAPI.dll
[2013/02/16 02:19:17 | 000,141,016 | ---- | C] () -- C:\windows\System32\ALSNDMGR.WAV
[2013/02/16 02:08:23 | 001,810,583 | ---- | C] () -- C:\Documents and Settings\Ally\hipster
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\windows\System32\nvdata.data
[2010/03/12 16:36:45 | 000,003,630 | ---- | C] () -- C:\Documents and Settings\Ally\.recently-used.xbel
[2010/02/07 16:12:04 | 000,143,718 | ---- | C] () -- C:\Documents and Settings\Ally\myhubby2.bmp
[2009/11/29 19:24:38 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.cat
[2009/11/29 19:24:38 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.inf
[2009/11/29 19:10:09 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/19 13:17:46 | 040,229,620 | ---- | C] () -- C:\Documents and Settings\Ally\remix.wav
[2009/05/13 17:31:53 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\burnaware.ini
[2009/03/11 18:39:26 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Ally\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/01 00:33:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ally\initdebug.nfo

========== ZeroAccess Check ==========

[2009/04/20 19:37:33 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 23:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Edited by Quamble, 18 February 2013 - 08:24 PM.

  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

I tried to uninstall Comodo but it wasn't in add remove, so I used the unofficial tool from the forums for Comodo, it errored and said that certain files weren't there and that it wasn't considered installed, but it did remove some files too


I wonder... was it this one which also comes from the Comodo forums. I guess there would be no harm in trying it to see. Tell me how you get on.

Download and run the Comodo Removal Tool

Click on the button to the right side and from the drop down choose Download.

Double click to unzip and run.

After that

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Put a checkmark beside loaded modules.

    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Posted Image

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0

Advertisements


#11
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Yep, that definitely looks like what I used. Ran it again, and it said the registry entry wasn't valid or couldn't be found or something. I ran TDSSKiller, here's the log.

23:01:55.0343 3528 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:01:57.0359 3528 ============================================================
23:01:57.0359 3528 Current date / time: 2013/02/18 23:01:57.0359
23:01:57.0375 3528 SystemInfo:
23:01:57.0375 3528
23:01:57.0375 3528 OS Version: 5.1.2600 ServicePack: 3.0
23:01:57.0375 3528 Product type: Workstation
23:01:57.0375 3528 ComputerName: HOME-46F4D09C66
23:01:57.0375 3528 UserName: Ally
23:01:57.0375 3528 Windows directory: C:\windows
23:01:57.0375 3528 System windows directory: C:\windows
23:01:57.0375 3528 Processor architecture: Intel x86
23:01:57.0375 3528 Number of processors: 2
23:01:57.0375 3528 Page size: 0x1000
23:01:57.0390 3528 Boot type: Normal boot
23:01:57.0390 3528 ============================================================
23:02:02.0859 3528 BG loaded
23:02:04.0265 3528 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:02:04.0390 3528 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:02:04.0515 3528 ============================================================
23:02:04.0515 3528 \Device\Harddisk0\DR0:
23:02:05.0859 3528 MBR partitions:
23:02:05.0859 3528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
23:02:05.0859 3528 \Device\Harddisk1\DR1:
23:02:05.0875 3528 MBR partitions:
23:02:05.0875 3528 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
23:02:05.0875 3528 ============================================================
23:02:05.0953 3528 D: <-> \Device\Harddisk1\DR1\Partition1
23:02:06.0093 3528 C: <-> \Device\Harddisk0\DR0\Partition1
23:02:06.0093 3528 ============================================================
23:02:06.0093 3528 Initialize success
23:02:06.0125 3528 ============================================================
23:03:10.0453 1228 ============================================================
23:03:10.0453 1228 Scan started
23:03:10.0453 1228 Mode: Manual; SigCheck; TDLFS;
23:03:10.0453 1228 ============================================================
23:03:12.0343 1228 ================ Scan system memory ========================
23:03:12.0343 1228 System memory - ok
23:03:12.0343 1228 ================ Scan services =============================
23:03:12.0859 1228 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\windows\system32\drivers\Aavmker4.sys
23:03:13.0109 1228 Aavmker4 - ok
23:03:13.0109 1228 Abiosdsk - ok
23:03:13.0125 1228 abp480n5 - ok
23:03:13.0156 1228 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
23:03:14.0406 1228 ACPI - ok
23:03:14.0437 1228 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\windows\system32\drivers\ACPIEC.sys
23:03:14.0578 1228 ACPIEC - ok
23:03:14.0593 1228 adpu160m - ok
23:03:14.0640 1228 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\windows\system32\drivers\aec.sys
23:03:14.0781 1228 aec - ok
23:03:14.0828 1228 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\windows\System32\drivers\afd.sys
23:03:14.0843 1228 AFD - ok
23:03:14.0859 1228 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
23:03:15.0000 1228 agp440 - ok
23:03:15.0015 1228 Aha154x - ok
23:03:15.0015 1228 aic78u2 - ok
23:03:15.0031 1228 aic78xx - ok
23:03:15.0093 1228 [ 933933288DF5ED26D1928215C97D05C7 ] ALCXWDM C:\windows\system32\drivers\ALCXWDM.SYS
23:03:15.0203 1228 ALCXWDM ( UnsignedFile.Multi.Generic ) - warning
23:03:15.0203 1228 ALCXWDM - detected UnsignedFile.Multi.Generic (1)
23:03:15.0250 1228 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\windows\system32\alrsvc.dll
23:03:15.0375 1228 Alerter - ok
23:03:15.0390 1228 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\windows\System32\alg.exe
23:03:15.0468 1228 ALG - ok
23:03:15.0468 1228 AliIde - ok
23:03:15.0484 1228 amsint - ok
23:03:15.0578 1228 [ 43DC4FC662DF064535E30B17C8B5AB00 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23:03:15.0609 1228 Apple Mobile Device - ok
23:03:15.0609 1228 AppMgmt - ok
23:03:15.0625 1228 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\windows\system32\DRIVERS\arp1394.sys
23:03:15.0765 1228 Arp1394 - ok
23:03:15.0765 1228 asc - ok
23:03:15.0781 1228 asc3350p - ok
23:03:15.0781 1228 asc3550 - ok
23:03:15.0875 1228 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:03:15.0890 1228 aspnet_state - ok
23:03:15.0921 1228 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
23:03:15.0937 1228 aswFsBlk - ok
23:03:15.0968 1228 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\windows\system32\drivers\aswMon2.sys
23:03:15.0984 1228 aswMon2 - ok
23:03:16.0000 1228 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\windows\system32\drivers\aswRdr.sys
23:03:16.0031 1228 aswRdr - ok
23:03:16.0062 1228 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
23:03:16.0109 1228 aswSnx - ok
23:03:16.0140 1228 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\windows\system32\drivers\aswSP.sys
23:03:16.0171 1228 aswSP - ok
23:03:16.0187 1228 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\windows\system32\drivers\aswTdi.sys
23:03:16.0203 1228 aswTdi - ok
23:03:16.0234 1228 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
23:03:16.0359 1228 AsyncMac - ok
23:03:16.0375 1228 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\windows\system32\DRIVERS\atapi.sys
23:03:16.0531 1228 atapi - ok
23:03:16.0531 1228 Atdisk - ok
23:03:16.0562 1228 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\windows\system32\DRIVERS\atmarpc.sys
23:03:16.0687 1228 Atmarpc - ok
23:03:16.0734 1228 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\windows\System32\audiosrv.dll
23:03:16.0875 1228 AudioSrv - ok
23:03:16.0906 1228 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\windows\system32\DRIVERS\audstub.sys
23:03:17.0031 1228 audstub - ok
23:03:17.0093 1228 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:03:17.0109 1228 avast! Antivirus - ok
23:03:17.0140 1228 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\windows\System32\Drivers\BANTExt.sys
23:03:17.0171 1228 BANTExt ( UnsignedFile.Multi.Generic ) - warning
23:03:17.0171 1228 BANTExt - detected UnsignedFile.Multi.Generic (1)
23:03:17.0296 1228 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
23:03:17.0312 1228 BBSvc - ok
23:03:17.0375 1228 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23:03:17.0406 1228 BBUpdate - ok
23:03:17.0437 1228 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\windows\system32\drivers\Beep.sys
23:03:17.0578 1228 Beep - ok
23:03:17.0593 1228 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\windows\system32\qmgr.dll
23:03:17.0765 1228 BITS - ok
23:03:17.0781 1228 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:03:17.0796 1228 Bonjour Service - ok
23:03:17.0812 1228 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\windows\System32\browser.dll
23:03:17.0843 1228 Browser - ok
23:03:17.0953 1228 catchme - ok
23:03:17.0968 1228 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\windows\system32\drivers\cbidf2k.sys
23:03:18.0125 1228 cbidf2k - ok
23:03:18.0140 1228 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\windows\system32\DRIVERS\CCDECODE.sys
23:03:18.0281 1228 CCDECODE - ok
23:03:18.0281 1228 cd20xrnt - ok
23:03:18.0312 1228 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\windows\system32\drivers\Cdaudio.sys
23:03:18.0468 1228 Cdaudio - ok
23:03:18.0468 1228 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\windows\system32\drivers\Cdfs.sys
23:03:18.0609 1228 Cdfs - ok
23:03:18.0625 1228 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\windows\system32\DRIVERS\cdrom.sys
23:03:18.0765 1228 Cdrom - ok
23:03:18.0796 1228 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\windows\system32\cisvc.exe
23:03:18.0953 1228 CiSvc - ok
23:03:18.0984 1228 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\windows\system32\clipsrv.exe
23:03:19.0125 1228 ClipSrv - ok
23:03:19.0156 1228 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:03:19.0203 1228 clr_optimization_v2.0.50727_32 - ok
23:03:19.0203 1228 CmdIde - ok
23:03:19.0218 1228 COMSysApp - ok
23:03:19.0234 1228 Cpqarray - ok
23:03:19.0265 1228 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\windows\System32\cryptsvc.dll
23:03:19.0406 1228 CryptSvc - ok
23:03:19.0406 1228 dac2w2k - ok
23:03:19.0421 1228 dac960nt - ok
23:03:19.0468 1228 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\windows\system32\rpcss.dll
23:03:19.0500 1228 DcomLaunch - ok
23:03:19.0515 1228 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\windows\System32\dhcpcsvc.dll
23:03:19.0656 1228 Dhcp - ok
23:03:19.0671 1228 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\windows\system32\DRIVERS\disk.sys
23:03:19.0812 1228 Disk - ok
23:03:19.0828 1228 dlcx_device - ok
23:03:19.0828 1228 dmadmin - ok
23:03:19.0875 1228 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\windows\system32\drivers\dmboot.sys
23:03:20.0031 1228 dmboot - ok
23:03:20.0046 1228 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\windows\system32\drivers\dmio.sys
23:03:20.0187 1228 dmio - ok
23:03:20.0218 1228 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\windows\system32\drivers\dmload.sys
23:03:20.0343 1228 dmload - ok
23:03:20.0359 1228 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\windows\System32\dmserver.dll
23:03:20.0531 1228 dmserver - ok
23:03:20.0578 1228 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\windows\system32\drivers\DMusic.sys
23:03:20.0875 1228 DMusic - ok
23:03:20.0906 1228 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\windows\System32\dnsrslvr.dll
23:03:20.0921 1228 Dnscache - ok
23:03:20.0953 1228 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\windows\System32\dot3svc.dll
23:03:21.0078 1228 Dot3svc - ok
23:03:21.0093 1228 dpti2o - ok
23:03:21.0125 1228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
23:03:21.0281 1228 drmkaud - ok
23:03:21.0296 1228 [ AC9CF17EE2AE003C98EB4F5336C38058 ] E100B C:\windows\system32\DRIVERS\e100b325.sys
23:03:21.0328 1228 E100B - ok
23:03:21.0328 1228 EagleNT - ok
23:03:21.0375 1228 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\windows\System32\eapsvc.dll
23:03:21.0531 1228 EapHost - ok
23:03:21.0578 1228 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\windows\System32\ersvc.dll
23:03:21.0718 1228 ERSvc - ok
23:03:21.0750 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\windows\system32\services.exe
23:03:21.0781 1228 Eventlog - ok
23:03:21.0828 1228 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
23:03:21.0859 1228 EventSystem - ok
23:03:21.0890 1228 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\windows\system32\drivers\Fastfat.sys
23:03:22.0031 1228 Fastfat - ok
23:03:22.0062 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\windows\System32\shsvcs.dll
23:03:22.0078 1228 FastUserSwitchingCompatibility - ok
23:03:22.0109 1228 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\windows\system32\DRIVERS\fdc.sys
23:03:22.0250 1228 Fdc - ok
23:03:22.0265 1228 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\windows\system32\drivers\Fips.sys
23:03:22.0406 1228 Fips - ok
23:03:22.0453 1228 [ D778107D7C2A19D7E7A884A9F0D79581 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:03:22.0484 1228 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:03:22.0484 1228 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:03:22.0515 1228 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
23:03:22.0656 1228 Flpydisk - ok
23:03:22.0671 1228 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
23:03:22.0812 1228 FltMgr - ok
23:03:22.0859 1228 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:03:22.0875 1228 FontCache3.0.0.0 - ok
23:03:22.0875 1228 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
23:03:23.0015 1228 Fs_Rec - ok
23:03:23.0046 1228 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\windows\system32\DRIVERS\ftdisk.sys
23:03:23.0171 1228 Ftdisk - ok
23:03:23.0203 1228 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\windows\system32\DRIVERS\gameenum.sys
23:03:23.0343 1228 gameenum - ok
23:03:23.0359 1228 [ F2F431D1573EE632975C524418655B84 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
23:03:23.0375 1228 GEARAspiWDM - ok
23:03:23.0390 1228 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\windows\system32\giveio.sys
23:03:23.0406 1228 giveio ( UnsignedFile.Multi.Generic ) - warning
23:03:23.0406 1228 giveio - detected UnsignedFile.Multi.Generic (1)
23:03:23.0421 1228 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\windows\system32\DRIVERS\msgpc.sys
23:03:23.0578 1228 Gpc - ok
23:03:23.0625 1228 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:03:23.0640 1228 gupdate - ok
23:03:23.0656 1228 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:03:23.0671 1228 gupdatem - ok
23:03:23.0687 1228 [ 7929A161F9951D173CA9900FE7067391 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
23:03:23.0703 1228 hamachi - ok
23:03:23.0734 1228 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
23:03:23.0875 1228 HDAudBus - ok
23:03:23.0937 1228 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:03:24.0078 1228 helpsvc - ok
23:03:24.0093 1228 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\windows\System32\hidserv.dll
23:03:24.0250 1228 HidServ - ok
23:03:24.0265 1228 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\windows\system32\DRIVERS\hidusb.sys
23:03:24.0390 1228 hidusb - ok
23:03:24.0421 1228 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\windows\System32\kmsvc.dll
23:03:24.0578 1228 hkmsvc - ok
23:03:24.0578 1228 hpn - ok
23:03:24.0625 1228 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\windows\system32\Drivers\HTTP.sys
23:03:24.0656 1228 HTTP - ok
23:03:24.0687 1228 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\windows\System32\w3ssl.dll
23:03:24.0828 1228 HTTPFilter - ok
23:03:24.0828 1228 i2omp - ok
23:03:24.0843 1228 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
23:03:24.0984 1228 i8042prt - ok
23:03:25.0031 1228 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:03:25.0109 1228 idsvc - ok
23:03:25.0125 1228 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\windows\system32\DRIVERS\imapi.sys
23:03:25.0265 1228 Imapi - ok
23:03:25.0312 1228 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\windows\system32\imapi.exe
23:03:25.0437 1228 ImapiService - ok
23:03:25.0453 1228 ini910u - ok
23:03:25.0468 1228 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\windows\system32\DRIVERS\intelide.sys
23:03:25.0640 1228 IntelIde - ok
23:03:25.0656 1228 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
23:03:25.0796 1228 intelppm - ok
23:03:25.0812 1228 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\windows\system32\drivers\ip6fw.sys
23:03:25.0953 1228 Ip6Fw - ok
23:03:25.0984 1228 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
23:03:26.0125 1228 IpFilterDriver - ok
23:03:26.0140 1228 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\windows\system32\DRIVERS\ipinip.sys
23:03:26.0281 1228 IpInIp - ok
23:03:26.0312 1228 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\windows\system32\DRIVERS\ipnat.sys
23:03:26.0437 1228 IpNat - ok
23:03:26.0500 1228 [ F055C1760ABFA52B159985E551EA0EDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:03:26.0531 1228 iPod Service - ok
23:03:26.0562 1228 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\windows\system32\DRIVERS\ipsec.sys
23:03:26.0703 1228 IPSec - ok
23:03:26.0734 1228 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\windows\system32\DRIVERS\irenum.sys
23:03:26.0796 1228 IRENUM - ok
23:03:26.0812 1228 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
23:03:26.0953 1228 isapnp - ok
23:03:27.0000 1228 [ 39133291CB607BDD87CFC565A4A1E7A5 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
23:03:27.0015 1228 JavaQuickStarterService - ok
23:03:27.0015 1228 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
23:03:27.0171 1228 Kbdclass - ok
23:03:27.0203 1228 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
23:03:27.0328 1228 kbdhid - ok
23:03:27.0343 1228 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\windows\system32\drivers\kmixer.sys
23:03:27.0484 1228 kmixer - ok
23:03:27.0531 1228 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\windows\system32\drivers\KSecDD.sys
23:03:27.0546 1228 KSecDD - ok
23:03:27.0578 1228 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\windows\System32\srvsvc.dll
23:03:27.0609 1228 lanmanserver - ok
23:03:27.0640 1228 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\windows\System32\wkssvc.dll
23:03:27.0687 1228 lanmanworkstation - ok
23:03:27.0687 1228 lbrtfdc - ok
23:03:27.0703 1228 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\windows\System32\lmhsvc.dll
23:03:27.0859 1228 LmHosts - ok
23:03:27.0890 1228 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\windows\System32\msgsvc.dll
23:03:28.0031 1228 Messenger - ok
23:03:28.0046 1228 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\windows\system32\drivers\mnmdd.sys
23:03:28.0187 1228 mnmdd - ok
23:03:28.0218 1228 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:03:28.0359 1228 mnmsrvc - ok
23:03:28.0375 1228 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\windows\system32\drivers\Modem.sys
23:03:28.0515 1228 Modem - ok
23:03:28.0531 1228 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\windows\system32\DRIVERS\mouclass.sys
23:03:28.0671 1228 Mouclass - ok
23:03:28.0687 1228 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
23:03:28.0828 1228 mouhid - ok
23:03:28.0828 1228 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\windows\system32\drivers\MountMgr.sys
23:03:28.0984 1228 MountMgr - ok
23:03:28.0984 1228 mraid35x - ok
23:03:29.0000 1228 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\windows\system32\DRIVERS\mrxdav.sys
23:03:29.0125 1228 MRxDAV - ok
23:03:29.0156 1228 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\windows\system32\DRIVERS\mrxsmb.sys
23:03:29.0187 1228 MRxSmb - ok
23:03:29.0218 1228 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:03:29.0359 1228 MSDTC - ok
23:03:29.0375 1228 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\windows\system32\drivers\Msfs.sys
23:03:29.0515 1228 Msfs - ok
23:03:29.0515 1228 MSIServer - ok
23:03:29.0546 1228 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
23:03:29.0671 1228 MSKSSRV - ok
23:03:29.0687 1228 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
23:03:29.0828 1228 MSPCLOCK - ok
23:03:29.0843 1228 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\windows\system32\drivers\MSPQM.sys
23:03:29.0968 1228 MSPQM - ok
23:03:29.0984 1228 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
23:03:30.0125 1228 mssmbios - ok
23:03:30.0140 1228 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\windows\system32\drivers\MSTEE.sys
23:03:30.0281 1228 MSTEE - ok
23:03:30.0312 1228 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\windows\system32\drivers\Mup.sys
23:03:30.0328 1228 Mup - ok
23:03:30.0359 1228 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\windows\system32\DRIVERS\NABTSFEC.sys
23:03:30.0500 1228 NABTSFEC - ok
23:03:30.0531 1228 [ 0102140028FAD045756796E1C685D695 ] napagent C:\windows\System32\qagentrt.dll
23:03:30.0671 1228 napagent - ok
23:03:30.0703 1228 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\windows\system32\drivers\NDIS.sys
23:03:30.0843 1228 NDIS - ok
23:03:30.0875 1228 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\windows\system32\DRIVERS\NdisIP.sys
23:03:31.0015 1228 NdisIP - ok
23:03:31.0046 1228 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:03:31.0062 1228 NdisTapi - ok
23:03:31.0093 1228 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:03:31.0234 1228 Ndisuio - ok
23:03:31.0265 1228 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:03:31.0406 1228 NdisWan - ok
23:03:31.0437 1228 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:03:31.0468 1228 NDProxy - ok
23:03:31.0468 1228 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:03:31.0609 1228 NetBIOS - ok
23:03:31.0625 1228 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:03:31.0750 1228 NetBT - ok
23:03:31.0781 1228 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\windows\system32\netdde.exe
23:03:31.0921 1228 NetDDE - ok
23:03:31.0937 1228 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\windows\system32\netdde.exe
23:03:32.0078 1228 NetDDEdsdm - ok
23:03:32.0109 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\windows\system32\lsass.exe
23:03:32.0250 1228 Netlogon - ok
23:03:32.0281 1228 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\windows\System32\netman.dll
23:03:32.0421 1228 Netman - ok
23:03:32.0453 1228 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:32.0468 1228 NetTcpPortSharing - ok
23:03:32.0500 1228 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\windows\system32\DRIVERS\nic1394.sys
23:03:32.0640 1228 NIC1394 - ok
23:03:32.0671 1228 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\windows\System32\mswsock.dll
23:03:32.0703 1228 Nla - ok
23:03:32.0765 1228 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
23:03:32.0796 1228 NMSAccessU - ok
23:03:32.0812 1228 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\windows\system32\drivers\Npfs.sys
23:03:32.0953 1228 Npfs - ok
23:03:32.0968 1228 npggsvc - ok
23:03:32.0984 1228 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:03:33.0140 1228 Ntfs - ok
23:03:33.0156 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\windows\system32\lsass.exe
23:03:33.0296 1228 NtLmSsp - ok
23:03:33.0328 1228 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\windows\system32\ntmssvc.dll
23:03:33.0484 1228 NtmsSvc - ok
23:03:33.0515 1228 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\windows\system32\drivers\Null.sys
23:03:33.0656 1228 Null - ok
23:03:34.0234 1228 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv C:\windows\system32\DRIVERS\nv4_mini.sys
23:03:34.0531 1228 nv - ok
23:03:34.0562 1228 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\windows\system32\DRIVERS\nwlnkflt.sys
23:03:34.0734 1228 NwlnkFlt - ok
23:03:34.0734 1228 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\windows\system32\DRIVERS\nwlnkfwd.sys
23:03:34.0875 1228 NwlnkFwd - ok
23:03:34.0906 1228 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\windows\system32\DRIVERS\nwlnkipx.sys
23:03:35.0046 1228 NwlnkIpx - ok
23:03:35.0062 1228 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\windows\system32\DRIVERS\nwlnknb.sys
23:03:35.0203 1228 NwlnkNb - ok
23:03:35.0234 1228 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\windows\system32\DRIVERS\nwlnkspx.sys
23:03:35.0375 1228 NwlnkSpx - ok
23:03:35.0390 1228 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
23:03:35.0531 1228 ohci1394 - ok
23:03:35.0578 1228 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\windows\system32\DRIVERS\parport.sys
23:03:35.0718 1228 Parport - ok
23:03:35.0734 1228 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\windows\system32\drivers\PartMgr.sys
23:03:35.0875 1228 PartMgr - ok
23:03:35.0921 1228 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\windows\system32\drivers\ParVdm.sys
23:03:36.0062 1228 ParVdm - ok
23:03:36.0093 1228 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\windows\system32\DRIVERS\pci.sys
23:03:36.0250 1228 PCI - ok
23:03:36.0250 1228 PCIDump - ok
23:03:36.0265 1228 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\windows\system32\DRIVERS\pciide.sys
23:03:36.0406 1228 PCIIde - ok
23:03:36.0421 1228 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\windows\system32\drivers\Pcmcia.sys
23:03:36.0562 1228 Pcmcia - ok
23:03:36.0593 1228 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\windows\system32\Drivers\pcouffin.sys
23:03:36.0593 1228 pcouffin ( UnsignedFile.Multi.Generic ) - warning
23:03:36.0593 1228 pcouffin - detected UnsignedFile.Multi.Generic (1)
23:03:36.0609 1228 PDCOMP - ok
23:03:36.0609 1228 PDFRAME - ok
23:03:36.0625 1228 PDRELI - ok
23:03:36.0625 1228 PDRFRAME - ok
23:03:36.0640 1228 perc2 - ok
23:03:36.0640 1228 perc2hib - ok
23:03:36.0671 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\windows\system32\services.exe
23:03:36.0750 1228 PlugPlay - ok
23:03:36.0765 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\windows\system32\lsass.exe
23:03:36.0906 1228 PolicyAgent - ok
23:03:36.0906 1228 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:03:37.0062 1228 PptpMiniport - ok
23:03:37.0093 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\windows\system32\lsass.exe
23:03:37.0250 1228 ProtectedStorage - ok
23:03:37.0250 1228 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\windows\system32\DRIVERS\psched.sys
23:03:37.0406 1228 PSched - ok
23:03:37.0421 1228 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\windows\system32\DRIVERS\ptilink.sys
23:03:37.0562 1228 Ptilink - ok
23:03:37.0578 1228 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
23:03:37.0593 1228 PxHelp20 - ok
23:03:37.0593 1228 ql1080 - ok
23:03:37.0609 1228 Ql10wnt - ok
23:03:37.0609 1228 ql12160 - ok
23:03:37.0625 1228 ql1240 - ok
23:03:37.0625 1228 ql1280 - ok
23:03:37.0656 1228 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:03:37.0796 1228 RasAcd - ok
23:03:37.0812 1228 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\windows\System32\rasauto.dll
23:03:37.0968 1228 RasAuto - ok
23:03:38.0000 1228 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:03:38.0140 1228 Rasl2tp - ok
23:03:38.0171 1228 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\windows\System32\rasmans.dll
23:03:38.0312 1228 RasMan - ok
23:03:38.0328 1228 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:03:38.0468 1228 RasPppoe - ok
23:03:38.0468 1228 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\windows\system32\DRIVERS\raspti.sys
23:03:38.0609 1228 Raspti - ok
23:03:38.0625 1228 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:03:38.0765 1228 Rdbss - ok
23:03:38.0796 1228 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:03:38.0921 1228 RDPCDD - ok
23:03:38.0968 1228 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:03:38.0984 1228 RDPWD - ok
23:03:39.0000 1228 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:03:39.0156 1228 RDSessMgr - ok
23:03:39.0171 1228 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\windows\system32\DRIVERS\redbook.sys
23:03:39.0296 1228 redbook - ok
23:03:39.0343 1228 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\windows\System32\mprdim.dll
23:03:39.0484 1228 RemoteAccess - ok
23:03:39.0500 1228 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\windows\system32\locator.exe
23:03:39.0640 1228 RpcLocator - ok
23:03:39.0671 1228 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\windows\System32\rpcss.dll
23:03:39.0718 1228 RpcSs - ok
23:03:39.0734 1228 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\windows\system32\rsvp.exe
23:03:39.0875 1228 RSVP - ok
23:03:39.0906 1228 [ 2377F31CBB8277807C3351302CF133E9 ] RTL8023xp C:\windows\system32\DRIVERS\Rtlnicxp.sys
23:03:39.0921 1228 RTL8023xp ( UnsignedFile.Multi.Generic ) - warning
23:03:39.0921 1228 RTL8023xp - detected UnsignedFile.Multi.Generic (1)
23:03:39.0921 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\windows\system32\lsass.exe
23:03:40.0078 1228 SamSs - ok
23:03:40.0093 1228 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\windows\System32\SCardSvr.exe
23:03:40.0250 1228 SCardSvr - ok
23:03:40.0281 1228 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\windows\system32\schedsvc.dll
23:03:40.0421 1228 Schedule - ok
23:03:40.0453 1228 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\windows\system32\DRIVERS\secdrv.sys
23:03:40.0515 1228 Secdrv - ok
23:03:40.0531 1228 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\windows\System32\seclogon.dll
23:03:40.0671 1228 seclogon - ok
23:03:40.0687 1228 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\windows\system32\sens.dll
23:03:40.0843 1228 SENS - ok
23:03:40.0843 1228 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\windows\system32\DRIVERS\serenum.sys
23:03:41.0000 1228 serenum - ok
23:03:41.0000 1228 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\windows\system32\DRIVERS\serial.sys
23:03:41.0140 1228 Serial - ok
23:03:41.0171 1228 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\windows\system32\drivers\Sfloppy.sys
23:03:41.0328 1228 Sfloppy - ok
23:03:41.0328 1228 sfng32 - ok
23:03:41.0375 1228 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\windows\System32\ipnathlp.dll
23:03:41.0515 1228 SharedAccess - ok
23:03:41.0531 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:03:41.0562 1228 ShellHWDetection - ok
23:03:41.0578 1228 Simbad - ok
23:03:41.0593 1228 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\windows\system32\DRIVERS\SLIP.sys
23:03:41.0750 1228 SLIP - ok
23:03:41.0750 1228 Sparrow - ok
23:03:41.0781 1228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\windows\system32\drivers\splitter.sys
23:03:41.0921 1228 splitter - ok
23:03:41.0968 1228 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\windows\system32\spoolsv.exe
23:03:42.0000 1228 Spooler - ok
23:03:42.0046 1228 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\windows\system32\Drivers\sptd.sys
23:03:42.0046 1228 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9
23:03:42.0062 1228 sptd ( LockedFile.Multi.Generic ) - warning
23:03:42.0062 1228 sptd - detected LockedFile.Multi.Generic (1)
23:03:42.0062 1228 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\windows\system32\DRIVERS\sr.sys
23:03:42.0125 1228 sr - ok
23:03:42.0140 1228 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\windows\system32\srsvc.dll
23:03:42.0218 1228 srservice - ok
23:03:42.0250 1228 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\windows\system32\DRIVERS\srv.sys
23:03:42.0281 1228 Srv - ok
23:03:42.0312 1228 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:03:42.0375 1228 SSDPSRV - ok
23:03:42.0484 1228 [ C5003D42CC88C1F5D54ED9AF28D6ED7B ] STacSV c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
23:03:42.0515 1228 STacSV - ok
23:03:42.0562 1228 [ 228519217A88C2F6B0CF8C022E6D669C ] STHDA C:\windows\system32\drivers\sthda.sys
23:03:42.0640 1228 STHDA - ok
23:03:42.0671 1228 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\windows\system32\wiaservc.dll
23:03:42.0812 1228 stisvc - ok
23:03:42.0828 1228 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\windows\system32\DRIVERS\StreamIP.sys
23:03:42.0968 1228 streamip - ok
23:03:43.0000 1228 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\windows\system32\DRIVERS\swenum.sys
23:03:43.0140 1228 swenum - ok
23:03:43.0156 1228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\windows\system32\drivers\swmidi.sys
23:03:43.0296 1228 swmidi - ok
23:03:43.0312 1228 SwPrv - ok
23:03:43.0328 1228 symc810 - ok
23:03:43.0328 1228 symc8xx - ok
23:03:43.0343 1228 sym_hi - ok
23:03:43.0343 1228 sym_u3 - ok
23:03:43.0359 1228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\windows\system32\drivers\sysaudio.sys
23:03:43.0500 1228 sysaudio - ok
23:03:43.0531 1228 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\windows\system32\smlogsvc.exe
23:03:43.0671 1228 SysmonLog - ok
23:03:43.0734 1228 [ DAD1A4D96291139C0F834B138320E475 ] TabletServicePen C:\WINDOWS\system32\Pen_Tablet.exe
23:03:43.0796 1228 TabletServicePen - ok
23:03:43.0843 1228 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\windows\System32\tapisrv.dll
23:03:43.0984 1228 TapiSrv - ok
23:03:44.0031 1228 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\windows\system32\DRIVERS\tcpip.sys
23:03:44.0078 1228 Tcpip - ok
23:03:44.0093 1228 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\windows\system32\drivers\TDPIPE.sys
23:03:44.0265 1228 TDPIPE - ok
23:03:44.0296 1228 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\windows\system32\drivers\TDTCP.sys
23:03:44.0453 1228 TDTCP - ok
23:03:44.0484 1228 [ 88155247177638048422893737429D9E ] TermDD C:\windows\system32\DRIVERS\termdd.sys
23:03:44.0625 1228 TermDD - ok
23:03:44.0640 1228 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\windows\System32\termsrv.dll
23:03:44.0781 1228 TermService - ok
23:03:44.0796 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\windows\System32\shsvcs.dll
23:03:44.0828 1228 Themes - ok
23:03:44.0843 1228 TosIde - ok
23:03:44.0859 1228 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\windows\system32\trkwks.dll
23:03:45.0015 1228 TrkWks - ok
23:03:45.0031 1228 TVICHW32 - ok
23:03:45.0046 1228 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\windows\system32\drivers\Udfs.sys
23:03:45.0187 1228 Udfs - ok
23:03:45.0250 1228 [ 810883E6225C0037F2553D964FC866E3 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:03:45.0281 1228 UleadBurningHelper - ok
23:03:45.0281 1228 ultra - ok
23:03:45.0296 1228 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\windows\system32\DRIVERS\update.sys
23:03:45.0437 1228 Update - ok
23:03:45.0468 1228 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\windows\System32\upnphost.dll
23:03:45.0531 1228 upnphost - ok
23:03:45.0562 1228 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\windows\System32\ups.exe
23:03:45.0687 1228 UPS - ok
23:03:45.0703 1228 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
23:03:45.0859 1228 usbaudio - ok
23:03:45.0890 1228 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
23:03:46.0031 1228 usbccgp - ok
23:03:46.0062 1228 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
23:03:46.0218 1228 usbehci - ok
23:03:46.0234 1228 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
23:03:46.0375 1228 usbhub - ok
23:03:46.0390 1228 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
23:03:46.0546 1228 usbprint - ok
23:03:46.0562 1228 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
23:03:46.0703 1228 usbscan - ok
23:03:46.0718 1228 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
23:03:46.0843 1228 USBSTOR - ok
23:03:46.0875 1228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
23:03:47.0015 1228 usbuhci - ok
23:03:47.0046 1228 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
23:03:47.0171 1228 usbvideo - ok
23:03:47.0203 1228 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\windows\System32\drivers\vga.sys
23:03:47.0343 1228 VgaSave - ok
23:03:47.0343 1228 ViaIde - ok
23:03:47.0359 1228 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\windows\system32\drivers\VolSnap.sys
23:03:47.0500 1228 VolSnap - ok
23:03:47.0531 1228 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\windows\System32\vssvc.exe
23:03:47.0609 1228 VSS - ok
23:03:47.0640 1228 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\windows\system32\w32time.dll
23:03:47.0781 1228 W32Time - ok
23:03:47.0796 1228 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\windows\system32\DRIVERS\wacommousefilter.sys
23:03:47.0812 1228 wacommousefilter - ok
23:03:47.0859 1228 [ 73E6F16A1F187D71FB26AF308551E54A ] wacomvhid C:\windows\system32\DRIVERS\wacomvhid.sys
23:03:47.0875 1228 wacomvhid - ok
23:03:47.0875 1228 [ 889459833432B161CB99CFDF84A1A9BB ] WacomVKHid C:\windows\system32\DRIVERS\WacomVKHid.sys
23:03:47.0890 1228 WacomVKHid - ok
23:03:47.0906 1228 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
23:03:48.0046 1228 Wanarp - ok
23:03:48.0062 1228 WDICA - ok
23:03:48.0078 1228 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\windows\system32\drivers\wdmaud.sys
23:03:48.0218 1228 wdmaud - ok
23:03:48.0250 1228 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\windows\System32\webclnt.dll
23:03:48.0390 1228 WebClient - ok
23:03:48.0437 1228 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\windows\system32\wbem\WMIsvc.dll
23:03:48.0593 1228 winmgmt - ok
23:03:48.0625 1228 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:03:48.0640 1228 WmdmPmSN - ok
23:03:48.0671 1228 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:03:48.0812 1228 WmiApSrv - ok
23:03:48.0859 1228 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:03:48.0921 1228 WMPNetworkSvc - ok
23:03:48.0953 1228 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\windows\System32\drivers\ws2ifsl.sys
23:03:49.0359 1228 WS2IFSL - ok
23:03:49.0390 1228 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\windows\system32\wscsvc.dll
23:03:49.0531 1228 wscsvc - ok
23:03:49.0562 1228 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\windows\system32\DRIVERS\WSTCODEC.SYS
23:03:49.0718 1228 WSTCODEC - ok
23:03:49.0734 1228 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\windows\system32\wuauserv.dll
23:03:49.0875 1228 wuauserv - ok
23:03:49.0906 1228 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\windows\system32\DRIVERS\WudfPf.sys
23:03:49.0937 1228 WudfPf - ok
23:03:49.0953 1228 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\windows\system32\DRIVERS\wudfrd.sys
23:03:49.0968 1228 WudfRd - ok
23:03:49.0984 1228 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\windows\System32\WUDFSvc.dll
23:03:50.0015 1228 WudfSvc - ok
23:03:50.0062 1228 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\windows\System32\wzcsvc.dll
23:03:50.0203 1228 WZCSVC - ok
23:03:50.0234 1228 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\windows\System32\xmlprov.dll
23:03:50.0375 1228 xmlprov - ok
23:03:50.0390 1228 ================ Scan global ===============================
23:03:50.0421 1228 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\windows\system32\basesrv.dll
23:03:50.0468 1228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll
23:03:50.0484 1228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll
23:03:50.0500 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\windows\system32\services.exe
23:03:50.0500 1228 [Global] - ok
23:03:50.0500 1228 ================ Scan MBR ==================================
23:03:50.0531 1228 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:03:50.0796 1228 \Device\Harddisk0\DR0 - ok
23:03:50.0796 1228 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
23:03:50.0953 1228 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
23:03:50.0953 1228 \Device\Harddisk1\DR1 - detected TDSS File System (1)
23:03:50.0953 1228 ================ Scan VBR ==================================
23:03:50.0953 1228 [ FBE10E0B5206A53E2B03F93B863967E9 ] \Device\Harddisk0\DR0\Partition1
23:03:50.0968 1228 \Device\Harddisk0\DR0\Partition1 - ok
23:03:50.0968 1228 [ 57FCAF0B5A1F759543A423F4AE0D65FD ] \Device\Harddisk1\DR1\Partition1
23:03:50.0968 1228 \Device\Harddisk1\DR1\Partition1 - ok
23:03:50.0968 1228 ================ Scan active images ========================
23:03:50.0968 1228 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
23:03:50.0968 1228 C:\WINDOWS\system32\drivers\intelppm.sys - ok
23:03:50.0984 1228 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
23:03:50.0984 1228 C:\WINDOWS\system32\drivers\videoprt.sys - ok
23:03:50.0984 1228 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
23:03:50.0984 1228 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
23:03:50.0984 1228 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
23:03:50.0984 1228 C:\WINDOWS\system32\drivers\usbport.sys - ok
23:03:51.0000 1228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
23:03:51.0000 1228 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
23:03:51.0000 1228 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
23:03:51.0000 1228 C:\WINDOWS\system32\drivers\usbehci.sys - ok
23:03:51.0000 1228 [ 2377F31CBB8277807C3351302CF133E9 ] C:\WINDOWS\system32\drivers\Rtlnicxp.sys
23:03:51.0000 1228 C:\WINDOWS\system32\drivers\Rtlnicxp.sys - ok
23:03:51.0015 1228 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
23:03:51.0015 1228 C:\WINDOWS\system32\drivers\fdc.sys - ok
23:03:51.0015 1228 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
23:03:51.0015 1228 C:\WINDOWS\system32\drivers\serial.sys - ok
23:03:51.0015 1228 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
23:03:51.0015 1228 C:\WINDOWS\system32\drivers\serenum.sys - ok
23:03:51.0031 1228 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
23:03:51.0031 1228 C:\WINDOWS\system32\drivers\parport.sys - ok
23:03:51.0031 1228 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
23:03:51.0031 1228 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
23:03:51.0031 1228 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
23:03:51.0031 1228 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
23:03:51.0046 1228 [ 065639773D8B03F33577F6CDAEA21063 ] C:\WINDOWS\system32\drivers\gameenum.sys
23:03:51.0046 1228 C:\WINDOWS\system32\drivers\gameenum.sys - ok
23:03:51.0046 1228 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
23:03:51.0046 1228 C:\WINDOWS\system32\drivers\cdrom.sys - ok
23:03:51.0062 1228 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
23:03:51.0062 1228 C:\WINDOWS\system32\drivers\ks.sys - ok
23:03:51.0062 1228 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
23:03:51.0062 1228 C:\WINDOWS\system32\drivers\redbook.sys - ok
23:03:51.0062 1228 [ F2F431D1573EE632975C524418655B84 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
23:03:51.0062 1228 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
23:03:51.0078 1228 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
23:03:51.0078 1228 C:\WINDOWS\system32\drivers\imapi.sys - ok
23:03:51.0078 1228 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
23:03:51.0078 1228 C:\WINDOWS\system32\drivers\drmk.sys - ok
23:03:51.0078 1228 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
23:03:51.0078 1228 C:\WINDOWS\system32\drivers\portcls.sys - ok
23:03:51.0093 1228 [ 933933288DF5ED26D1928215C97D05C7 ] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23:03:51.0093 1228 C:\WINDOWS\system32\drivers\ALCXWDM.SYS - ok
23:03:51.0093 1228 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
23:03:51.0093 1228 C:\WINDOWS\system32\drivers\hidparse.sys - ok
23:03:51.0093 1228 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
23:03:51.0093 1228 C:\WINDOWS\system32\drivers\hidclass.sys - ok
23:03:51.0109 1228 [ 73E6F16A1F187D71FB26AF308551E54A ] C:\WINDOWS\system32\drivers\wacomvhid.sys
23:03:51.0109 1228 C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
23:03:51.0109 1228 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
23:03:51.0109 1228 C:\WINDOWS\system32\drivers\audstub.sys - ok
23:03:51.0125 1228 [ 889459833432B161CB99CFDF84A1A9BB ] C:\WINDOWS\system32\drivers\WacomVKHid.sys
23:03:51.0125 1228 C:\WINDOWS\system32\drivers\WacomVKHid.sys - ok
23:03:51.0125 1228 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
23:03:51.0125 1228 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
23:03:51.0125 1228 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
23:03:51.0125 1228 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
23:03:51.0140 1228 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
23:03:51.0140 1228 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
23:03:51.0140 1228 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
23:03:51.0140 1228 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
23:03:51.0140 1228 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
23:03:51.0140 1228 C:\WINDOWS\system32\drivers\raspptp.sys - ok
23:03:51.0156 1228 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
23:03:51.0156 1228 C:\WINDOWS\system32\drivers\tdi.sys - ok
23:03:51.0156 1228 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
23:03:51.0156 1228 C:\WINDOWS\system32\drivers\msgpc.sys - ok
23:03:51.0156 1228 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
23:03:51.0156 1228 C:\WINDOWS\system32\drivers\psched.sys - ok
23:03:51.0171 1228 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
23:03:51.0171 1228 C:\WINDOWS\system32\drivers\ptilink.sys - ok
23:03:51.0171 1228 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
23:03:51.0171 1228 C:\WINDOWS\system32\drivers\raspti.sys - ok
23:03:51.0171 1228 [ 7929A161F9951D173CA9900FE7067391 ] C:\WINDOWS\system32\drivers\hamachi.sys
23:03:51.0171 1228 C:\WINDOWS\system32\drivers\hamachi.sys - ok
23:03:51.0187 1228 [ 5B6C11DE7E839C05248CED8825470FEF ] C:\WINDOWS\system32\drivers\pcouffin.sys
23:03:51.0187 1228 C:\WINDOWS\system32\drivers\pcouffin.sys - ok
23:03:51.0187 1228 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
23:03:51.0187 1228 C:\WINDOWS\system32\drivers\mouclass.sys - ok
23:03:51.0187 1228 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
23:03:51.0187 1228 C:\WINDOWS\system32\drivers\termdd.sys - ok
23:03:51.0203 1228 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
23:03:51.0203 1228 C:\WINDOWS\system32\drivers\swenum.sys - ok
23:03:51.0203 1228 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
23:03:51.0203 1228 C:\WINDOWS\system32\drivers\update.sys - ok
23:03:51.0203 1228 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
23:03:51.0203 1228 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
23:03:51.0218 1228 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
23:03:51.0218 1228 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
23:03:51.0218 1228 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
23:03:51.0218 1228 C:\WINDOWS\system32\drivers\mouhid.sys - ok
23:03:51.0218 1228 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
23:03:51.0218 1228 C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
23:03:51.0234 1228 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
23:03:51.0234 1228 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
23:03:51.0234 1228 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
23:03:51.0234 1228 C:\WINDOWS\system32\drivers\usbd.sys - ok
23:03:51.0250 1228 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
23:03:51.0250 1228 C:\WINDOWS\system32\drivers\usbhub.sys - ok
23:03:51.0250 1228 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
23:03:51.0250 1228 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
23:03:51.0250 1228 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
23:03:51.0250 1228 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
23:03:51.0265 1228 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
23:03:51.0265 1228 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
23:03:51.0265 1228 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
23:03:51.0265 1228 C:\WINDOWS\system32\drivers\beep.sys - ok
23:03:51.0265 1228 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
23:03:51.0265 1228 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
23:03:51.0281 1228 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
23:03:51.0281 1228 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
23:03:51.0281 1228 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
23:03:51.0281 1228 C:\WINDOWS\system32\drivers\null.sys - ok
23:03:51.0281 1228 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
23:03:51.0281 1228 C:\WINDOWS\system32\drivers\vga.sys - ok
23:03:51.0296 1228 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
23:03:51.0296 1228 C:\WINDOWS\system32\drivers\msfs.sys - ok
23:03:51.0296 1228 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
23:03:51.0296 1228 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
23:03:51.0296 1228 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
23:03:51.0296 1228 C:\WINDOWS\system32\drivers\ipsec.sys - ok
23:03:51.0312 1228 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
23:03:51.0312 1228 C:\WINDOWS\system32\drivers\npfs.sys - ok
23:03:51.0312 1228 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
23:03:51.0312 1228 C:\WINDOWS\system32\drivers\rasacd.sys - ok
23:03:51.0312 1228 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\WINDOWS\system32\drivers\aswTdi.sys
23:03:51.0312 1228 C:\WINDOWS\system32\drivers\aswTdi.sys - ok
23:03:51.0328 1228 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
23:03:51.0328 1228 C:\WINDOWS\system32\drivers\ipnat.sys - ok
23:03:51.0328 1228 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
23:03:51.0328 1228 C:\WINDOWS\system32\drivers\tcpip.sys - ok
23:03:51.0328 1228 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
23:03:51.0328 1228 C:\WINDOWS\system32\drivers\netbt.sys - ok
23:03:51.0343 1228 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
23:03:51.0343 1228 C:\WINDOWS\system32\drivers\wanarp.sys - ok
23:03:51.0343 1228 [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\WINDOWS\system32\drivers\aswRdr.sys
23:03:51.0343 1228 C:\WINDOWS\system32\drivers\aswRdr.sys - ok
23:03:51.0359 1228 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:03:51.0359 1228 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
23:03:51.0359 1228 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
23:03:51.0359 1228 C:\WINDOWS\system32\drivers\afd.sys - ok
23:03:51.0359 1228 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
23:03:51.0359 1228 C:\WINDOWS\system32\drivers\netbios.sys - ok
23:03:51.0375 1228 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
23:03:51.0375 1228 C:\WINDOWS\system32\drivers\rdbss.sys - ok
23:03:51.0375 1228 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
23:03:51.0375 1228 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
23:03:51.0375 1228 [ 5D7BE7B19E827125E016325334E58FF1 ] C:\WINDOWS\system32\drivers\BANTExt.sys
23:03:51.0375 1228 C:\WINDOWS\system32\drivers\BANTExt.sys - ok
23:03:51.0390 1228 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
23:03:51.0390 1228 C:\WINDOWS\system32\drivers\fips.sys - ok
23:03:51.0390 1228 [ 67B558895695545FB0568B7541F3BCA7 ] C:\WINDOWS\system32\drivers\aswSP.sys
23:03:51.0390 1228 C:\WINDOWS\system32\drivers\aswSP.sys - ok
23:03:51.0390 1228 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\WINDOWS\system32\drivers\aswSnx.sys
23:03:51.0390 1228 C:\WINDOWS\system32\drivers\aswSnx.sys - ok
23:03:51.0406 1228 [ 149A8F7ADF9742554DC323E290551E3E ] C:\WINDOWS\system32\drivers\aavmker4.sys
23:03:51.0406 1228 C:\WINDOWS\system32\drivers\aavmker4.sys - ok
23:03:51.0406 1228 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
23:03:51.0406 1228 C:\WINDOWS\system32\drivers\hidusb.sys - ok
23:03:51.0406 1228 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
23:03:51.0406 1228 C:\WINDOWS\system32\smss.exe - ok
23:03:51.0421 1228 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
23:03:51.0421 1228 C:\WINDOWS\system32\ntdll.dll - ok
23:03:51.0421 1228 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
23:03:51.0421 1228 C:\WINDOWS\system32\autochk.exe - ok
23:03:51.0421 1228 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
23:03:51.0421 1228 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
23:03:51.0437 1228 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] C:\WINDOWS\system32\drivers\usbvideo.sys
23:03:51.0437 1228 C:\WINDOWS\system32\drivers\usbvideo.sys - ok
23:03:51.0437 1228 [ E919708DB44ED8543A7C017953148330 ] C:\WINDOWS\system32\drivers\USBAUDIO.sys
23:03:51.0437 1228 C:\WINDOWS\system32\drivers\USBAUDIO.sys - ok
23:03:51.0437 1228 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
23:03:51.0437 1228 C:\WINDOWS\system32\sfcfiles.dll - ok
23:03:51.0453 1228 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
23:03:51.0453 1228 C:\WINDOWS\system32\drivers\cdfs.sys - ok
23:03:51.0453 1228 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
23:03:51.0453 1228 C:\WINDOWS\system32\drivers\wmilib.sys - ok
23:03:51.0453 1228 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
23:03:51.0453 1228 C:\WINDOWS\system32\drivers\atapi.sys - ok
23:03:51.0468 1228 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
23:03:51.0468 1228 C:\WINDOWS\system32\drivers\dxapi.sys - ok
23:03:51.0468 1228 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
23:03:51.0468 1228 C:\WINDOWS\system32\watchdog.sys - ok
23:03:51.0468 1228 [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
23:03:51.0468 1228 C:\WINDOWS\system32\win32k.sys - ok
23:03:51.0484 1228 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
23:03:51.0484 1228 C:\WINDOWS\system32\csrsrv.dll - ok
23:03:51.0484 1228 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
23:03:51.0484 1228 C:\WINDOWS\system32\csrss.exe - ok
23:03:51.0500 1228 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:03:51.0500 1228 C:\WINDOWS\system32\basesrv.dll - ok
23:03:51.0500 1228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:03:51.0500 1228 C:\WINDOWS\system32\winsrv.dll - ok
23:03:51.0500 1228 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
23:03:51.0500 1228 C:\WINDOWS\system32\gdi32.dll - ok
23:03:51.0515 1228 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
23:03:51.0515 1228 C:\WINDOWS\system32\kernel32.dll - ok
23:03:51.0515 1228 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
23:03:51.0515 1228 C:\WINDOWS\system32\user32.dll - ok
23:03:51.0515 1228 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
23:03:51.0515 1228 C:\WINDOWS\system32\drivers\dxg.sys - ok
23:03:51.0531 1228 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
23:03:51.0531 1228 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
23:03:51.0531 1228 [ 2E5F65B8A1D1A6894F6A5DBD08665F87 ] C:\WINDOWS\system32\nv4_disp.dll
23:03:51.0531 1228 C:\WINDOWS\system32\nv4_disp.dll - ok
23:03:51.0531 1228 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
23:03:51.0531 1228 C:\WINDOWS\system32\vga.dll - ok
23:03:51.0546 1228 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
23:03:51.0546 1228 C:\WINDOWS\system32\winlogon.exe - ok
23:03:51.0546 1228 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
23:03:51.0546 1228 C:\WINDOWS\system32\advapi32.dll - ok
23:03:51.0546 1228 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
23:03:51.0546 1228 C:\WINDOWS\system32\rpcrt4.dll - ok
23:03:51.0562 1228 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
23:03:51.0562 1228 C:\WINDOWS\system32\authz.dll - ok
23:03:51.0562 1228 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
23:03:51.0562 1228 C:\WINDOWS\system32\msvcrt.dll - ok
23:03:51.0562 1228 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
23:03:51.0562 1228 C:\WINDOWS\system32\secur32.dll - ok
23:03:51.0578 1228 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
23:03:51.0578 1228 C:\WINDOWS\system32\crypt32.dll - ok
23:03:51.0578 1228 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
23:03:51.0578 1228 C:\WINDOWS\system32\msasn1.dll - ok
23:03:51.0578 1228 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
23:03:51.0578 1228 C:\WINDOWS\system32\nddeapi.dll - ok
23:03:51.0593 1228 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
23:03:51.0593 1228 C:\WINDOWS\system32\netapi32.dll - ok
23:03:51.0593 1228 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
23:03:51.0593 1228 C:\WINDOWS\system32\profmap.dll - ok
23:03:51.0609 1228 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
23:03:51.0609 1228 C:\WINDOWS\system32\userenv.dll - ok
23:03:51.0609 1228 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
23:03:51.0609 1228 C:\WINDOWS\system32\psapi.dll - ok
23:03:51.0609 1228 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
23:03:51.0609 1228 C:\WINDOWS\system32\regapi.dll - ok
23:03:51.0625 1228 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
23:03:51.0625 1228 C:\WINDOWS\system32\setupapi.dll - ok
23:03:51.0625 1228 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
23:03:51.0625 1228 C:\WINDOWS\system32\version.dll - ok
23:03:51.0625 1228 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
23:03:51.0625 1228 C:\WINDOWS\system32\winsta.dll - ok
23:03:51.0640 1228 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
23:03:51.0640 1228 C:\WINDOWS\system32\wintrust.dll - ok
23:03:51.0640 1228 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
23:03:51.0640 1228 C:\WINDOWS\system32\imagehlp.dll - ok
23:03:51.0640 1228 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
23:03:51.0640 1228 C:\WINDOWS\system32\ws2help.dll - ok
23:03:51.0656 1228 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
23:03:51.0656 1228 C:\WINDOWS\system32\ws2_32.dll - ok
23:03:51.0656 1228 [ 38875BB3F5A94D8A1B76993A01C92881 ] C:\WINDOWS\system32\guard32.dll
23:03:51.0656 1228 C:\WINDOWS\system32\guard32.dll - ok
23:03:51.0656 1228 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
23:03:51.0656 1228 C:\WINDOWS\system32\imm32.dll - ok
23:03:51.0671 1228 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
23:03:51.0671 1228 C:\WINDOWS\system32\fltlib.dll - ok
23:03:51.0671 1228 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
23:03:51.0671 1228 C:\WINDOWS\system32\kbdus.dll - ok
23:03:51.0687 1228 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
23:03:51.0687 1228 C:\WINDOWS\system32\msgina.dll - ok
23:03:51.0687 1228 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
23:03:51.0687 1228 C:\WINDOWS\system32\comctl32.dll - ok
23:03:51.0687 1228 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
23:03:51.0687 1228 C:\WINDOWS\system32\odbc32.dll - ok
23:03:51.0703 1228 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
23:03:51.0703 1228 C:\WINDOWS\system32\comdlg32.dll - ok
23:03:51.0703 1228 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
23:03:51.0703 1228 C:\WINDOWS\system32\shell32.dll - ok
23:03:51.0703 1228 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
23:03:51.0703 1228 C:\WINDOWS\system32\shlwapi.dll - ok
23:03:51.0718 1228 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
23:03:51.0718 1228 C:\WINDOWS\system32\sxs.dll - ok
23:03:51.0718 1228 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
23:03:51.0718 1228 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
23:03:51.0718 1228 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
23:03:51.0718 1228 C:\WINDOWS\system32\odbcint.dll - ok
23:03:51.0734 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
23:03:51.0734 1228 C:\WINDOWS\system32\shsvcs.dll - ok
23:03:51.0734 1228 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
23:03:51.0734 1228 C:\WINDOWS\system32\ole32.dll - ok
23:03:51.0734 1228 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
23:03:51.0734 1228 C:\WINDOWS\system32\sfc.dll - ok
23:03:51.0750 1228 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
23:03:51.0750 1228 C:\WINDOWS\system32\sfc_os.dll - ok
23:03:51.0750 1228 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
23:03:51.0750 1228 C:\WINDOWS\system32\apphelp.dll - ok
23:03:51.0750 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
23:03:51.0750 1228 C:\WINDOWS\system32\lsass.exe - ok
23:03:51.0765 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:03:51.0765 1228 C:\WINDOWS\system32\services.exe - ok
23:03:51.0765 1228 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
23:03:51.0765 1228 C:\WINDOWS\system32\lsasrv.dll - ok
23:03:51.0765 1228 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
23:03:51.0765 1228 C:\WINDOWS\system32\ncobjapi.dll - ok
23:03:51.0781 1228 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
23:03:51.0781 1228 C:\WINDOWS\system32\msvcp60.dll - ok
23:03:51.0781 1228 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
23:03:51.0781 1228 C:\WINDOWS\system32\scesrv.dll - ok
23:03:51.0796 1228 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
23:03:51.0796 1228 C:\WINDOWS\system32\mpr.dll - ok
23:03:51.0796 1228 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
23:03:51.0796 1228 C:\WINDOWS\system32\umpnpmgr.dll - ok
23:03:51.0796 1228 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
23:03:51.0796 1228 C:\WINDOWS\system32\ntdsapi.dll - ok
23:03:51.0812 1228 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
23:03:51.0812 1228 C:\WINDOWS\system32\shimeng.dll - ok
23:03:51.0812 1228 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
23:03:51.0812 1228 C:\WINDOWS\AppPatch\acadproc.dll - ok
23:03:51.0812 1228 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
23:03:51.0812 1228 C:\WINDOWS\system32\dnsapi.dll - ok
23:03:51.0828 1228 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
23:03:51.0828 1228 C:\WINDOWS\system32\wldap32.dll - ok
23:03:51.0828 1228 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
23:03:51.0828 1228 C:\WINDOWS\system32\samlib.dll - ok
23:03:51.0828 1228 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
23:03:51.0828 1228 C:\WINDOWS\system32\samsrv.dll - ok
23:03:51.0843 1228 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
23:03:51.0843 1228 C:\WINDOWS\system32\cryptdll.dll - ok
23:03:51.0843 1228 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
23:03:51.0843 1228 C:\WINDOWS\AppPatch\acgenral.dll - ok
23:03:51.0843 1228 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
23:03:51.0843 1228 C:\WINDOWS\system32\winmm.dll - ok
23:03:51.0859 1228 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
23:03:51.0859 1228 C:\WINDOWS\system32\oleaut32.dll - ok
23:03:51.0859 1228 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
23:03:51.0859 1228 C:\WINDOWS\system32\msacm32.dll - ok
23:03:51.0859 1228 [ E35FABBE7F63CB9AE2A06A449392E3F6 ] C:\WINDOWS\system32\uxtheme.dll
23:03:51.0859 1228 C:\WINDOWS\system32\uxtheme.dll - ok
23:03:51.0875 1228 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
23:03:51.0875 1228 C:\WINDOWS\system32\msapsspc.dll - ok
23:03:51.0875 1228 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
23:03:51.0875 1228 C:\WINDOWS\system32\msvcrt40.dll - ok
23:03:51.0875 1228 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
23:03:51.0875 1228 C:\WINDOWS\system32\schannel.dll - ok
23:03:51.0890 1228 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
23:03:51.0890 1228 C:\WINDOWS\system32\digest.dll - ok
23:03:51.0890 1228 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
23:03:51.0890 1228 C:\WINDOWS\system32\msnsspc.dll - ok
23:03:51.0906 1228 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
23:03:51.0906 1228 C:\WINDOWS\system32\kerberos.dll - ok
23:03:51.0906 1228 [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime
23:03:51.0906 1228 C:\WINDOWS\system32\msctfime.ime - ok
23:03:51.0906 1228 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
23:03:51.0906 1228 C:\WINDOWS\system32\msprivs.dll - ok
23:03:51.0921 1228 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
23:03:51.0921 1228 C:\WINDOWS\system32\atmfd.dll - ok
23:03:51.0921 1228 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
23:03:51.0921 1228 C:\WINDOWS\system32\msv1_0.dll - ok
23:03:51.0921 1228 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
23:03:51.0921 1228 C:\WINDOWS\system32\iphlpapi.dll - ok
23:03:51.0937 1228 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
23:03:51.0937 1228 C:\WINDOWS\system32\netlogon.dll - ok
23:03:51.0937 1228 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
23:03:51.0937 1228 C:\WINDOWS\system32\w32time.dll - ok
23:03:51.0937 1228 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
23:03:51.0937 1228 C:\WINDOWS\system32\rsaenh.dll - ok
23:03:51.0953 1228 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
23:03:51.0953 1228 C:\WINDOWS\system32\wdigest.dll - ok
23:03:51.0953 1228 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
23:03:51.0953 1228 C:\WINDOWS\system32\winscard.dll - ok
23:03:51.0953 1228 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
23:03:51.0953 1228 C:\WINDOWS\system32\wtsapi32.dll - ok
23:03:51.0968 1228 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
23:03:51.0968 1228 C:\WINDOWS\system32\scecli.dll - ok
23:03:51.0968 1228 [ DE6ED95AEF259979B2830450072A627B ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
23:03:51.0968 1228 C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
23:03:51.0968 1228 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
23:03:51.0968 1228 C:\WINDOWS\system32\svchost.exe - ok
23:03:51.0984 1228 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
23:03:51.0984 1228 C:\WINDOWS\system32\ntmarta.dll - ok
23:03:51.0984 1228 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
23:03:51.0984 1228 C:\WINDOWS\system32\rpcss.dll - ok
23:03:51.0984 1228 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
23:03:51.0984 1228 C:\WINDOWS\system32\xpsp2res.dll - ok
23:03:52.0000 1228 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
23:03:52.0000 1228 C:\WINDOWS\system32\eventlog.dll - ok
23:03:52.0000 1228 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
23:03:52.0000 1228 C:\WINDOWS\system32\mswsock.dll - ok
23:03:52.0000 1228 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
23:03:52.0000 1228 C:\WINDOWS\system32\hnetcfg.dll - ok
23:03:52.0015 1228 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
23:03:52.0015 1228 C:\WINDOWS\system32\wshtcpip.dll - ok
23:03:52.0015 1228 [ 292F92469EFB2FD402E00742C06D539D ] C:\Program Files\Bonjour\mdnsNSP.dll
23:03:52.0015 1228 C:\Program Files\Bonjour\mdnsNSP.dll - ok
23:03:52.0015 1228 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
23:03:52.0031 1228 C:\WINDOWS\system32\winrnr.dll - ok
23:03:52.0031 1228 [ 811BB60991FC03A63F2F844A3F9C6488 ] C:\WINDOWS\system32\wshisn.dll
23:03:52.0031 1228 C:\WINDOWS\system32\wshisn.dll - ok
23:03:52.0031 1228 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
23:03:52.0031 1228 C:\WINDOWS\system32\wsock32.dll - ok
23:03:52.0046 1228 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
23:03:52.0046 1228 C:\WINDOWS\system32\rasadhlp.dll - ok
23:03:52.0046 1228 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
23:03:52.0046 1228 C:\WINDOWS\system32\cryptsvc.dll - ok
23:03:52.0046 1228 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
23:03:52.0046 1228 C:\WINDOWS\system32\atl.dll - ok
23:03:52.0062 1228 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
23:03:52.0062 1228 C:\WINDOWS\system32\certcli.dll - ok
23:03:52.0062 1228 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
23:03:52.0062 1228 C:\WINDOWS\system32\cryptui.dll - ok
23:03:52.0062 1228 [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
23:03:52.0062 1228 C:\WINDOWS\system32\wininet.dll - ok
23:03:52.0078 1228 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
23:03:52.0078 1228 C:\WINDOWS\system32\normaliz.dll - ok
23:03:52.0078 1228 [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
23:03:52.0078 1228 C:\WINDOWS\system32\urlmon.dll - ok
23:03:52.0078 1228 [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
23:03:52.0078 1228 C:\WINDOWS\system32\iertutil.dll - ok
23:03:52.0093 1228 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
23:03:52.0093 1228 C:\WINDOWS\system32\esent.dll - ok
23:03:52.0093 1228 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
23:03:52.0093 1228 C:\WINDOWS\system32\riched20.dll - ok
23:03:52.0109 1228 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] C:\WINDOWS\system32\drivers\nwlnkipx.sys
23:03:52.0109 1228 C:\WINDOWS\system32\drivers\nwlnkipx.sys - ok
23:03:52.0109 1228 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
23:03:52.0109 1228 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
23:03:52.0109 1228 [ 56D34A67C05E94E16377C60609741FF8 ] C:\WINDOWS\system32\drivers\nwlnknb.sys
23:03:52.0109 1228 C:\WINDOWS\system32\drivers\nwlnknb.sys - ok
23:03:52.0125 1228 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
23:03:52.0125 1228 C:\WINDOWS\system32\dhcpcsvc.dll - ok
23:03:52.0125 1228 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
23:03:52.0125 1228 C:\WINDOWS\system32\dnsrslvr.dll - ok
23:03:52.0125 1228 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
23:03:52.0125 1228 C:\WINDOWS\system32\lmhsvc.dll - ok
23:03:52.0140 1228 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
23:03:52.0140 1228 C:\WINDOWS\system32\wzcsvc.dll - ok
23:03:52.0140 1228 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
23:03:52.0140 1228 C:\WINDOWS\system32\rtutils.dll - ok
23:03:52.0140 1228 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
23:03:52.0140 1228 C:\WINDOWS\system32\dot3api.dll - ok
23:03:52.0156 1228 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
23:03:52.0156 1228 C:\WINDOWS\system32\eapolqec.dll - ok
23:03:52.0156 1228 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
23:03:52.0156 1228 C:\WINDOWS\system32\qutil.dll - ok
23:03:52.0156 1228 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
23:03:52.0156 1228 C:\WINDOWS\system32\wmi.dll - ok
23:03:52.0171 1228 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
23:03:52.0171 1228 C:\WINDOWS\system32\clbcatq.dll - ok
23:03:52.0171 1228 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
23:03:52.0171 1228 C:\WINDOWS\system32\comres.dll - ok
23:03:52.0171 1228 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
23:03:52.0171 1228 C:\WINDOWS\system32\activeds.dll - ok
23:03:52.0187 1228 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
23:03:52.0187 1228 C:\WINDOWS\system32\mprapi.dll - ok
23:03:52.0187 1228 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
23:03:52.0187 1228 C:\WINDOWS\system32\rastls.dll - ok
23:03:52.0187 1228 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
23:03:52.0187 1228 C:\WINDOWS\system32\adsldpc.dll - ok
23:03:52.0203 1228 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
23:03:52.0203 1228 C:\WINDOWS\system32\rasapi32.dll - ok
23:03:52.0203 1228 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
23:03:52.0203 1228 C:\WINDOWS\system32\rasman.dll - ok
23:03:52.0203 1228 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
23:03:52.0203 1228 C:\WINDOWS\system32\tapi32.dll - ok
23:03:52.0218 1228 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
23:03:52.0218 1228 C:\WINDOWS\system32\raschap.dll - ok
23:03:52.0218 1228 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
23:03:52.0218 1228 C:\WINDOWS\system32\cscdll.dll - ok
23:03:52.0218 1228 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
23:03:52.0218 1228 C:\WINDOWS\system32\logonui.exe - ok
23:03:52.0234 1228 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
23:03:52.0234 1228 C:\WINDOWS\system32\dimsntfy.dll - ok
23:03:52.0234 1228 [ 84F0BE324EE111338589F448C3E8BAB2 ] C:\WINDOWS\system32\drivers\aswmon2.sys
23:03:52.0234 1228 C:\WINDOWS\system32\drivers\aswmon2.sys - ok
23:03:52.0234 1228 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
23:03:52.0250 1228 C:\WINDOWS\system32\winspool.drv - ok
23:03:52.0250 1228 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
23:03:52.0250 1228 C:\WINDOWS\system32\wlnotify.dll - ok
23:03:52.0250 1228 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:03:52.0250 1228 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
23:03:52.0265 1228 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
23:03:52.0265 1228 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
23:03:52.0265 1228 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
23:03:52.0265 1228 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
23:03:52.0265 1228 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
23:03:52.0265 1228 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
23:03:52.0281 1228 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
23:03:52.0281 1228 C:\WINDOWS\system32\duser.dll - ok
23:03:52.0281 1228 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
23:03:52.0281 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
23:03:52.0281 1228 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
23:03:52.0281 1228 C:\WINDOWS\system32\msimg32.dll - ok
23:03:52.0296 1228 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
23:03:52.0296 1228 C:\WINDOWS\system32\oleacc.dll - ok
23:03:52.0296 1228 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
23:03:52.0296 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
23:03:52.0296 1228 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
23:03:52.0296 1228 C:\WINDOWS\system32\shgina.dll - ok
23:03:52.0312 1228 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
23:03:52.0312 1228 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
23:03:52.0312 1228 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
23:03:52.0312 1228 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
23:03:52.0312 1228 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
23:03:52.0312 1228 C:\WINDOWS\system32\dbghelp.dll - ok
23:03:52.0328 1228 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
23:03:52.0328 1228 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
23:03:52.0328 1228 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
23:03:52.0328 1228 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
23:03:52.0343 1228 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
23:03:52.0343 1228 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
23:03:52.0343 1228 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
23:03:52.0343 1228 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
23:03:52.0343 1228 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
23:03:52.0343 1228 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
23:03:52.0359 1228 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
23:03:52.0359 1228 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
23:03:52.0359 1228 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
23:03:52.0359 1228 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
23:03:52.0359 1228 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
23:03:52.0359 1228 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
23:03:52.0375 1228 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
23:03:52.0375 1228 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
23:03:52.0375 1228 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
23:03:52.0375 1228 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
23:03:52.0375 1228 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
23:03:52.0375 1228 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
23:03:52.0390 1228 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
23:03:52.0390 1228 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
23:03:52.0390 1228 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
23:03:52.0390 1228 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
23:03:52.0390 1228 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
23:03:52.0390 1228 C:\WINDOWS\system32\schedsvc.dll - ok
23:03:52.0406 1228 [ 4BFEAAD2BB30BFEA51DEB8FE6E2D20A3 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswEngin.dll
23:03:52.0406 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswEngin.dll - ok
23:03:52.0406 1228 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
23:03:52.0406 1228 C:\WINDOWS\system32\msidle.dll - ok
23:03:52.0406 1228 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
23:03:52.0406 1228 C:\WINDOWS\system32\spoolsv.exe - ok
23:03:52.0421 1228 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
23:03:52.0421 1228 C:\WINDOWS\system32\cscui.dll - ok
23:03:52.0421 1228 [ B0387E7CFCBB41317AC94708204B19D5 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnOS.dll
23:03:52.0421 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnOS.dll - ok
23:03:52.0437 1228 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
23:03:52.0437 1228 C:\WINDOWS\system32\powrprof.dll - ok
23:03:52.0437 1228 [ C5003D42CC88C1F5D54ED9AF28D6ED7B ] C:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe
23:03:52.0437 1228 C:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe - ok
23:03:52.0437 1228 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
23:03:52.0437 1228 C:\WINDOWS\system32\audiosrv.dll - ok
23:03:52.0437 1228 [ 70FFC1872B842FF80CC48C1B0CB324A1 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnIS.dll
23:03:52.0437 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnIS.dll - ok
23:03:52.0453 1228 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
23:03:52.0453 1228 C:\WINDOWS\system32\dpcdll.dll - ok
23:03:52.0453 1228 [ F77EF01C669BF4E4B9F8FF5D1025B496 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnBS.dll
23:03:52.0453 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswCmnBS.dll - ok
23:03:52.0468 1228 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
23:03:52.0468 1228 C:\WINDOWS\system32\dsound.dll - ok
23:03:52.0468 1228 [ C25001B470B1456BB32B20002C4DB9BB ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswRep.dll
23:03:52.0468 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswRep.dll - ok
23:03:52.0468 1228 [ 707715D4C54AC3F754D954CC8D759414 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswScan.dll
23:03:52.0468 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswScan.dll - ok
23:03:52.0484 1228 [ C1F048B33A1BD8F5B05AF76469252F55 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswFiDb.dll
23:03:52.0484 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswFiDb.dll - ok
23:03:52.0484 1228 [ 2C4F71502AE5ADC6552EAD0F7A5AD403 ] C:\Program Files\AVAST Software\Avast\defs\13021800\algo.dll
23:03:52.0484 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\algo.dll - ok
23:03:52.0484 1228 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
23:03:52.0484 1228 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
23:03:52.0500 1228 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
23:03:52.0500 1228 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
23:03:52.0500 1228 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
23:03:52.0500 1228 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
23:03:52.0500 1228 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
23:03:52.0500 1228 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
23:03:52.0515 1228 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
23:03:52.0515 1228 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
23:03:52.0515 1228 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
23:03:52.0515 1228 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
23:03:52.0515 1228 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
23:03:52.0515 1228 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
23:03:52.0531 1228 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
23:03:52.0531 1228 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
23:03:52.0531 1228 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
23:03:52.0531 1228 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
23:03:52.0531 1228 [ 14D87B8141E723D87F24FCFCBA5B565F ] C:\WINDOWS\system32\stacapi.dll
23:03:52.0531 1228 C:\WINDOWS\system32\stacapi.dll - ok
23:03:52.0546 1228 [ 823C5BEB3D5B79090473FBD00C2D05C8 ] C:\Program Files\AVAST Software\Avast\defs\13021800\ArPot.dll
23:03:52.0546 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\ArPot.dll - ok
23:03:52.0546 1228 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
23:03:52.0546 1228 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
23:03:52.0562 1228 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
23:03:52.0562 1228 C:\WINDOWS\system32\wkssvc.dll - ok
23:03:52.0562 1228 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
23:03:52.0562 1228 C:\WINDOWS\system32\wdmaud.drv - ok
23:03:52.0562 1228 [ 6CF93FC44E346AE4D117C7A1F340BE2F ] C:\Program Files\AVAST Software\Avast\defs\13021800\exts.dll
23:03:52.0562 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\exts.dll - ok
23:03:52.0578 1228 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
23:03:52.0578 1228 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
23:03:52.0578 1228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
23:03:52.0578 1228 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
23:03:52.0578 1228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
23:03:52.0578 1228 C:\WINDOWS\system32\drivers\splitter.sys - ok
23:03:52.0593 1228 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
23:03:52.0593 1228 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
23:03:52.0593 1228 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] C:\WINDOWS\system32\drivers\nwlnkspx.sys
23:03:52.0593 1228 C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok
23:03:52.0593 1228 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
23:03:52.0593 1228 C:\WINDOWS\system32\drivers\aec.sys - ok
23:03:52.0609 1228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
23:03:52.0609 1228 C:\WINDOWS\system32\drivers\swmidi.sys - ok
23:03:52.0609 1228 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
23:03:52.0609 1228 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
23:03:52.0609 1228 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
23:03:52.0609 1228 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
23:03:52.0625 1228 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
23:03:52.0625 1228 C:\WINDOWS\system32\drivers\DMusic.sys - ok
23:03:52.0625 1228 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
23:03:52.0625 1228 C:\WINDOWS\system32\drivers\kmixer.sys - ok
23:03:52.0625 1228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
23:03:52.0625 1228 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
23:03:52.0640 1228 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
23:03:52.0640 1228 C:\WINDOWS\system32\security.dll - ok
23:03:52.0640 1228 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
23:03:52.0640 1228 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
23:03:52.0656 1228 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
23:03:52.0656 1228 C:\WINDOWS\system32\msacm32.drv - ok
23:03:52.0656 1228 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
23:03:52.0656 1228 C:\WINDOWS\system32\midimap.dll - ok
23:03:52.0656 1228 [ 0E008AD2A6D9FFA8A9BABA7DB2C1C742 ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswAR.dll
23:03:52.0656 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswAR.dll - ok
23:03:52.0671 1228 [ 200D4A6CA70D1D8725851FA9A484033E ] C:\Program Files\AVAST Software\Avast\defs\13021800\aswRawFS.dll
23:03:52.0671 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\aswRawFS.dll - ok
23:03:52.0671 1228 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
23:03:52.0671 1228 C:\WINDOWS\system32\userinit.exe - ok
23:03:52.0671 1228 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
23:03:52.0671 1228 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
23:03:52.0687 1228 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
23:03:52.0687 1228 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
23:03:52.0687 1228 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
23:03:52.0687 1228 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
23:03:52.0687 1228 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
23:03:52.0687 1228 C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
23:03:52.0703 1228 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
23:03:52.0703 1228 C:\WINDOWS\system32\msi.dll - ok
23:03:52.0703 1228 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
23:03:52.0703 1228 C:\WINDOWS\explorer.exe - ok
23:03:52.0703 1228 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
23:03:52.0703 1228 C:\WINDOWS\system32\browseui.dll - ok
23:03:52.0718 1228 [ 056EF846CBFD487A5F56F27DB400BDEE ] C:\WINDOWS\system32\shdocvw.dll
23:03:52.0718 1228 C:\WINDOWS\system32\shdocvw.dll - ok
23:03:52.0718 1228 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
23:03:52.0718 1228 C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
23:03:52.0718 1228 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
23:03:52.0718 1228 C:\WINDOWS\system32\mstask.dll - ok
23:03:52.0734 1228 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
23:03:52.0734 1228 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
23:03:52.0734 1228 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
23:03:52.0734 1228 C:\WINDOWS\system32\desk.cpl - ok
23:03:52.0734 1228 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
23:03:52.0734 1228 C:\WINDOWS\system32\themeui.dll - ok
23:03:52.0750 1228 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
23:03:52.0750 1228 C:\WINDOWS\system32\actxprxy.dll - ok
23:03:52.0750 1228 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
23:03:52.0750 1228 C:\WINDOWS\system32\cmd.exe - ok
23:03:52.0750 1228 [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
23:03:52.0750 1228 C:\WINDOWS\system32\ieframe.dll - ok
23:03:52.0765 1228 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
23:03:52.0765 1228 C:\WINDOWS\system32\cryptnet.dll - ok
23:03:52.0765 1228 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
23:03:52.0765 1228 C:\WINDOWS\system32\sensapi.dll - ok
23:03:52.0765 1228 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
23:03:52.0765 1228 C:\WINDOWS\system32\winhttp.dll - ok
23:03:52.0781 1228 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
23:03:52.0781 1228 C:\WINDOWS\system32\cabinet.dll - ok
23:03:52.0781 1228 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
23:03:52.0781 1228 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
23:03:52.0796 1228 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
23:03:52.0796 1228 C:\WINDOWS\system32\webclnt.dll - ok
23:03:52.0796 1228 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
23:03:52.0796 1228 C:\WINDOWS\system32\drivers\parvdm.sys - ok
23:03:52.0796 1228 [ 43DC4FC662DF064535E30B17C8B5AB00 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23:03:52.0796 1228 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
23:03:52.0812 1228 [ A9A3DAA780CA6C9671A19D52456705B4 ] C:\WINDOWS\system32\alrsvc.dll
23:03:52.0812 1228 C:\WINDOWS\system32\alrsvc.dll - ok
23:03:52.0812 1228 [ 01A24B415926BB5F772DBE12459D97DE ] C:\Program Files\Microsoft\BingBar\BBSvc.EXE
23:03:52.0812 1228 C:\Program Files\Microsoft\BingBar\BBSvc.EXE - ok
23:03:52.0812 1228 [ 785DE7ABDA13309D6065305542829E76 ] C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23:03:52.0812 1228 C:\Program Files\Microsoft\BingBar\SeaPort.EXE - ok
23:03:52.0828 1228 [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
23:03:52.0828 1228 C:\WINDOWS\system32\msxml6.dll - ok
23:03:52.0828 1228 [ 3F56903E124E820AEECE6D471583C6C1 ] C:\Program Files\Bonjour\mDNSResponder.exe
23:03:52.0828 1228 C:\Program Files\Bonjour\mDNSResponder.exe - ok
23:03:52.0828 1228 [ D71B2CD799AD3AEEED2C29D02B0B5170 ] C:\WINDOWS\system32\dlcxcoms.exe
23:03:52.0828 1228 C:\WINDOWS\system32\dlcxcoms.exe - ok
23:03:52.0843 1228 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
23:03:52.0843 1228 C:\WINDOWS\system32\ersvc.dll - ok
23:03:52.0843 1228 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
23:03:52.0843 1228 C:\WINDOWS\system32\es.dll - ok
23:03:52.0843 1228 [ 98D36796CC850C94DD6EDEC384ECE304 ] C:\WINDOWS\system32\dlcxserv.dll
23:03:52.0843 1228 C:\WINDOWS\system32\dlcxserv.dll - ok
23:03:52.0859 1228 [ D6B87681650DF6E516CC69EB3BD2C36B ] C:\WINDOWS\system32\dlcxinpa.dll
23:03:52.0859 1228 C:\WINDOWS\system32\dlcxinpa.dll - ok
23:03:52.0859 1228 [ 91A9D940A9335BC14755F2027D44FB0E ] C:\WINDOWS\system32\dlcxiesc.dll
23:03:52.0859 1228 C:\WINDOWS\system32\dlcxiesc.dll - ok
23:03:52.0859 1228 [ FCE162D9604C08F2A0D60A674B64699D ] C:\WINDOWS\system32\dlcxusb1.dll
23:03:52.0859 1228 C:\WINDOWS\system32\dlcxusb1.dll - ok
23:03:52.0875 1228 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
23:03:52.0875 1228 C:\WINDOWS\system32\hid.dll - ok
23:03:52.0875 1228 [ 39133291CB607BDD87CFC565A4A1E7A5 ] C:\Program Files\Java\jre6\bin\jqs.exe
23:03:52.0875 1228 C:\Program Files\Java\jre6\bin\jqs.exe - ok
23:03:52.0875 1228 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
23:03:52.0875 1228 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
23:03:52.0890 1228 [ D45AADF2C95A91DB5F4E222D16F05A24 ] C:\WINDOWS\system32\dlcxhbn3.dll
23:03:52.0890 1228 C:\WINDOWS\system32\dlcxhbn3.dll - ok
23:03:52.0890 1228 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
23:03:52.0890 1228 C:\WINDOWS\system32\hidserv.dll - ok
23:03:52.0906 1228 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
23:03:52.0906 1228 C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
23:03:52.0906 1228 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
23:03:52.0906 1228 C:\WINDOWS\system32\pdh.dll - ok
23:03:52.0906 1228 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
23:03:52.0906 1228 C:\WINDOWS\system32\odbcbcp.dll - ok
23:03:52.0921 1228 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
23:03:52.0921 1228 C:\WINDOWS\system32\srvsvc.dll - ok
23:03:52.0921 1228 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
23:03:52.0921 1228 C:\WINDOWS\system32\netman.dll - ok
23:03:52.0921 1228 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
23:03:52.0921 1228 C:\WINDOWS\system32\netshell.dll - ok
23:03:52.0937 1228 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
23:03:52.0937 1228 C:\WINDOWS\system32\credui.dll - ok
23:03:52.0937 1228 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
23:03:52.0937 1228 C:\WINDOWS\system32\dot3dlg.dll - ok
23:03:52.0937 1228 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
23:03:52.0937 1228 C:\WINDOWS\system32\onex.dll - ok
23:03:52.0953 1228 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
23:03:52.0953 1228 C:\WINDOWS\system32\eappcfg.dll - ok
23:03:52.0953 1228 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
23:03:52.0953 1228 C:\WINDOWS\system32\eappprxy.dll - ok
23:03:52.0953 1228 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
23:03:52.0953 1228 C:\WINDOWS\system32\wzcsapi.dll - ok
23:03:52.0968 1228 [ FD306FBCCE7ADB1077B709742E7148E9 ] C:\Program Files\CDBurnerXP\NMSAccessU.exe
23:03:52.0968 1228 C:\Program Files\CDBurnerXP\NMSAccessU.exe - ok
23:03:52.0968 1228 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
23:03:52.0968 1228 C:\WINDOWS\system32\netmsg.dll - ok
23:03:52.0968 1228 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
23:03:52.0968 1228 C:\WINDOWS\system32\ipsecsvc.dll - ok
23:03:52.0984 1228 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
23:03:52.0984 1228 C:\WINDOWS\system32\seclogon.dll - ok
23:03:52.0984 1228 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
23:03:52.0984 1228 C:\WINDOWS\system32\perfos.dll - ok
23:03:52.0984 1228 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
23:03:52.0984 1228 C:\WINDOWS\system32\sens.dll - ok
23:03:53.0000 1228 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
23:03:53.0000 1228 C:\WINDOWS\system32\perfdisk.dll - ok
23:03:53.0000 1228 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
23:03:53.0000 1228 C:\WINDOWS\system32\srsvc.dll - ok
23:03:53.0000 1228 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
23:03:53.0000 1228 C:\WINDOWS\system32\oakley.dll - ok
23:03:53.0015 1228 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
23:03:53.0015 1228 C:\WINDOWS\system32\wiaservc.dll - ok
23:03:53.0015 1228 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
23:03:53.0015 1228 C:\WINDOWS\system32\winipsec.dll - ok
23:03:53.0015 1228 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
23:03:53.0015 1228 C:\WINDOWS\system32\drivers\srv.sys - ok
23:03:53.0031 1228 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
23:03:53.0031 1228 C:\WINDOWS\system32\pstorsvc.dll - ok
23:03:53.0031 1228 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
23:03:53.0031 1228 C:\WINDOWS\system32\cfgmgr32.dll - ok
23:03:53.0046 1228 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
23:03:53.0046 1228 C:\WINDOWS\system32\mscms.dll - ok
23:03:53.0046 1228 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
23:03:53.0046 1228 C:\WINDOWS\system32\psbase.dll - ok
23:03:53.0046 1228 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
23:03:53.0046 1228 C:\WINDOWS\system32\spoolss.dll - ok
23:03:53.0062 1228 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
23:03:53.0062 1228 C:\WINDOWS\system32\localspl.dll - ok
23:03:53.0062 1228 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
23:03:53.0062 1228 C:\WINDOWS\system32\dssenh.dll - ok
23:03:53.0062 1228 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
23:03:53.0062 1228 C:\WINDOWS\system32\cnbjmon.dll - ok
23:03:53.0078 1228 [ 2A0C32CB84C6313400EF1B8626307C55 ] C:\WINDOWS\system32\dlcxlmpm.dll
23:03:53.0078 1228 C:\WINDOWS\system32\dlcxlmpm.dll - ok
23:03:53.0078 1228 [ E6AD9406ED28CB01FBC90E8395999333 ] C:\WINDOWS\system32\dlcxcomc.dll
23:03:53.0078 1228 C:\WINDOWS\system32\dlcxcomc.dll - ok
23:03:53.0078 1228 [ DAD1A4D96291139C0F834B138320E475 ] C:\WINDOWS\system32\Pen_Tablet.exe
23:03:53.0078 1228 C:\WINDOWS\system32\Pen_Tablet.exe - ok
23:03:53.0093 1228 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
23:03:53.0093 1228 C:\WINDOWS\system32\pjlmon.dll - ok
23:03:53.0093 1228 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
23:03:53.0093 1228 C:\WINDOWS\system32\tcpmon.dll - ok
23:03:53.0093 1228 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
23:03:53.0093 1228 C:\WINDOWS\system32\usbmon.dll - ok
23:03:53.0109 1228 [ C4C21FB6300A27BAA8331917199484E9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll
23:03:53.0109 1228 C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll - ok
23:03:53.0109 1228 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
23:03:53.0109 1228 C:\WINDOWS\system32\trkwks.dll - ok
23:03:53.0125 1228 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
23:03:53.0125 1228 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
23:03:53.0125 1228 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
23:03:53.0125 1228 C:\WINDOWS\system32\win32spl.dll - ok
23:03:53.0125 1228 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
23:03:53.0125 1228 C:\WINDOWS\system32\netrap.dll - ok
23:03:53.0140 1228 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
23:03:53.0140 1228 C:\WINDOWS\system32\inetpp.dll - ok
23:03:53.0140 1228 [ 39DD0C97932CDFDCF006569E1A942728 ] C:\WINDOWS\system32\wiavusd.dll
23:03:53.0140 1228 C:\WINDOWS\system32\wiavusd.dll - ok
23:03:53.0140 1228 [ 810883E6225C0037F2553D964FC866E3 ] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:03:53.0140 1228 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - ok
23:03:53.0156 1228 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
23:03:53.0156 1228 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
23:03:53.0156 1228 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
23:03:53.0156 1228 C:\WINDOWS\system32\shfolder.dll - ok
23:03:53.0156 1228 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
23:03:53.0156 1228 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
23:03:53.0171 1228 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
23:03:53.0171 1228 C:\WINDOWS\system32\vssapi.dll - ok
23:03:53.0171 1228 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
23:03:53.0171 1228 C:\WINDOWS\system32\wuauserv.dll - ok
23:03:53.0171 1228 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
23:03:53.0171 1228 C:\WINDOWS\system32\wuaueng.dll - ok
23:03:53.0187 1228 [ A876B5FEB247E65A138A88DFE73FCF32 ] C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
23:03:53.0187 1228 C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe - ok
23:03:53.0187 1228 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
23:03:53.0187 1228 C:\WINDOWS\system32\mspatcha.dll - ok
23:03:53.0187 1228 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
23:03:53.0187 1228 C:\WINDOWS\system32\browser.dll - ok
23:03:53.0203 1228 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
23:03:53.0203 1228 C:\WINDOWS\system32\ipnathlp.dll - ok
23:03:53.0203 1228 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
23:03:53.0203 1228 C:\WINDOWS\system32\wscsvc.dll - ok
23:03:53.0203 1228 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
23:03:53.0203 1228 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
23:03:53.0218 1228 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
23:03:53.0218 1228 C:\WINDOWS\system32\wbem\esscli.dll - ok
23:03:53.0218 1228 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
23:03:53.0218 1228 C:\WINDOWS\system32\wbem\fastprox.dll - ok
23:03:53.0218 1228 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
23:03:53.0218 1228 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
23:03:53.0234 1228 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
23:03:53.0234 1228 C:\WINDOWS\system32\comsvcs.dll - ok
23:03:53.0234 1228 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
23:03:53.0234 1228 C:\WINDOWS\system32\colbact.dll - ok
23:03:53.0250 1228 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
23:03:53.0250 1228 C:\WINDOWS\system32\mtxclu.dll - ok
23:03:53.0250 1228 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
23:03:53.0250 1228 C:\WINDOWS\system32\clusapi.dll - ok
23:03:53.0250 1228 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
23:03:53.0250 1228 C:\WINDOWS\system32\resutils.dll - ok
23:03:53.0265 1228 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
23:03:53.0265 1228 C:\WINDOWS\system32\wups.dll - ok
23:03:53.0265 1228 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
23:03:53.0265 1228 C:\WINDOWS\system32\wups2.dll - ok
23:03:53.0265 1228 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
23:03:53.0265 1228 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
23:03:53.0281 1228 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
23:03:53.0281 1228 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
23:03:53.0281 1228 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
23:03:53.0281 1228 C:\WINDOWS\system32\wuauclt.exe - ok
23:03:53.0281 1228 [ 5A4B93F78473F397C332A0BF6B8F093F ] C:\WINDOWS\system32\wbem\mofd.dll
23:03:53.0296 1228 C:\WINDOWS\system32\wbem\mofd.dll - ok
23:03:53.0296 1228 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
23:03:53.0296 1228 C:\WINDOWS\system32\termsrv.dll - ok
23:03:53.0296 1228 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
23:03:53.0296 1228 C:\WINDOWS\system32\icaapi.dll - ok
23:03:53.0312 1228 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
23:03:53.0312 1228 C:\WINDOWS\system32\mstlsapi.dll - ok
23:03:53.0312 1228 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
23:03:53.0312 1228 C:\WINDOWS\system32\tapisrv.dll - ok
23:03:53.0312 1228 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
23:03:53.0312 1228 C:\WINDOWS\system32\rasmans.dll - ok
23:03:53.0328 1228 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
23:03:53.0328 1228 C:\WINDOWS\system32\netcfgx.dll - ok
23:03:53.0328 1228 [ 7088887BF0A526F863EA76CBEC296C7D ] C:\Program Files\Java\jre6\bin\awt.dll
23:03:53.0328 1228 C:\Program Files\Java\jre6\bin\awt.dll - ok
23:03:53.0328 1228 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
23:03:53.0328 1228 C:\WINDOWS\system32\rastapi.dll - ok
23:03:53.0343 1228 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
23:03:53.0343 1228 C:\WINDOWS\system32\unimdm.tsp - ok
23:03:53.0343 1228 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
23:03:53.0343 1228 C:\WINDOWS\system32\uniplat.dll - ok
23:03:53.0343 1228 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
23:03:53.0343 1228 C:\WINDOWS\system32\kmddsp.tsp - ok
23:03:53.0359 1228 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
23:03:53.0359 1228 C:\WINDOWS\system32\ipconf.tsp - ok
23:03:53.0359 1228 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
23:03:53.0359 1228 C:\WINDOWS\system32\ndptsp.tsp - ok
23:03:53.0359 1228 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
23:03:53.0359 1228 C:\WINDOWS\system32\h323.tsp - ok
23:03:53.0375 1228 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
23:03:53.0375 1228 C:\WINDOWS\system32\hidphone.tsp - ok
23:03:53.0375 1228 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
23:03:53.0375 1228 C:\WINDOWS\system32\rasppp.dll - ok
23:03:53.0375 1228 [ E25025379E52E322EC91EDC7B673B552 ] C:\Program Files\Java\jre6\bin\client\jvm.dll
23:03:53.0375 1228 C:\Program Files\Java\jre6\bin\client\jvm.dll - ok
23:03:53.0390 1228 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
23:03:53.0390 1228 C:\WINDOWS\system32\ntlsapi.dll - ok
23:03:53.0390 1228 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
23:03:53.0390 1228 C:\WINDOWS\system32\rasqec.dll - ok
23:03:53.0390 1228 [ B1DED39112E0C85BAFA58DCBEC6718B6 ] C:\WINDOWS\system32\ipxwan.dll
23:03:53.0406 1228 C:\WINDOWS\system32\ipxwan.dll - ok
23:03:53.0406 1228 [ D05AB88927849DF74CF4F1C303DAEB4F ] C:\WINDOWS\system32\adptif.dll
23:03:53.0406 1228 C:\WINDOWS\system32\adptif.dll - ok
23:03:53.0406 1228 [ 916C4E7E70703F76AAAB31716F7B86DC ] C:\Program Files\Java\jre6\bin\dcpr.dll
23:03:53.0406 1228 C:\Program Files\Java\jre6\bin\dcpr.dll - ok
23:03:53.0421 1228 [ DE2272E23F0518F321ED7ACF3E0694F2 ] C:\Program Files\Java\jre6\bin\deploy.dll
23:03:53.0421 1228 C:\Program Files\Java\jre6\bin\deploy.dll - ok
23:03:53.0421 1228 [ 13C8337E3B3A62964920B31A6D209595 ] C:\Program Files\Java\jre6\bin\fontmanager.dll
23:03:53.0421 1228 C:\Program Files\Java\jre6\bin\fontmanager.dll - ok
23:03:53.0421 1228 [ 4E144BC51B9BC8B64A404B6ED390AF6E ] C:\Program Files\Java\jre6\bin\hpi.dll
23:03:53.0421 1228 C:\Program Files\Java\jre6\bin\hpi.dll - ok
23:03:53.0437 1228 [ 009DABE4E77155DBBEFAC339ECCAB741 ] C:\Program Files\Java\jre6\bin\java.dll
23:03:53.0437 1228 C:\Program Files\Java\jre6\bin\java.dll - ok
23:03:53.0437 1228 [ 7F1875210672BB9338B0F86955948ECB ] C:\Program Files\Java\jre6\bin\java.exe
23:03:53.0437 1228 C:\Program Files\Java\jre6\bin\java.exe - ok
23:03:53.0437 1228 [ 9032CD8F2D383C20497A5C66BF90A5B9 ] C:\Program Files\Java\jre6\bin\jp2native.dll
23:03:53.0437 1228 C:\Program Files\Java\jre6\bin\jp2native.dll - ok
23:03:53.0453 1228 [ 9B5CEB2D6FF6BC326C7083BC99A8C7E2 ] C:\Program Files\Java\jre6\bin\jpeg.dll
23:03:53.0453 1228 C:\Program Files\Java\jre6\bin\jpeg.dll - ok
23:03:53.0453 1228 [ 9D9B7353C71E6D26408E4EAAB8CA5129 ] C:\Program Files\Java\jre6\bin\net.dll
23:03:53.0453 1228 C:\Program Files\Java\jre6\bin\net.dll - ok
23:03:53.0453 1228 [ 12CDADB34150974A4E3470BFB0D2D594 ] C:\Program Files\Java\jre6\bin\nio.dll
23:03:53.0453 1228 C:\Program Files\Java\jre6\bin\nio.dll - ok
23:03:53.0468 1228 [ E36A9CD11E12C348E167064E89926B9A ] C:\Program Files\Java\jre6\bin\regutils.dll
23:03:53.0468 1228 C:\Program Files\Java\jre6\bin\regutils.dll - ok
23:03:53.0468 1228 [ E565723A3ACD0CB77CCF620CD30170D4 ] C:\Program Files\Java\jre6\bin\verify.dll
23:03:53.0468 1228 C:\Program Files\Java\jre6\bin\verify.dll - ok
23:03:53.0468 1228 [ 02B95B60003E6BF03A3046E1D503B9E5 ] C:\Program Files\Java\jre6\bin\zip.dll
23:03:53.0468 1228 C:\Program Files\Java\jre6\bin\zip.dll - ok
23:03:53.0484 1228 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Ally\LOCALS~1\temp\273FD36E-EA79-4C6E-9A16-26C7037F07FD.exe
23:03:53.0484 1228 C:\DOCUME~1\Ally\LOCALS~1\temp\273FD36E-EA79-4C6E-9A16-26C7037F07FD.exe - ok
23:03:53.0484 1228 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
23:03:53.0484 1228 C:\WINDOWS\system32\linkinfo.dll - ok
23:03:53.0484 1228 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
23:03:53.0484 1228 C:\WINDOWS\system32\ntshrui.dll - ok
23:03:53.0500 1228 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
23:03:53.0500 1228 C:\WINDOWS\system32\verclsid.exe - ok
23:03:53.0500 1228 [ 452FA961163EF4AEE4815796A13AB2CF ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
23:03:53.0500 1228 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
23:03:53.0500 1228 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
23:03:53.0500 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
23:03:53.0515 1228 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
23:03:53.0515 1228 C:\WINDOWS\system32\upnp.dll - ok
23:03:53.0515 1228 [ 6B0E8DEE62C0C9695C77F14482DDF178 ] C:\Program Files\iTunes\iTunesHelper.exe
23:03:53.0515 1228 C:\Program Files\iTunes\iTunesHelper.exe - ok
23:03:53.0515 1228 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
23:03:53.0515 1228 C:\WINDOWS\system32\ssdpapi.dll - ok
23:03:53.0531 1228 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
23:03:53.0531 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
23:03:53.0531 1228 [ 2994380C9717E7EB8B2E3BC9457C7DBD ] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe
23:03:53.0531 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe - ok
23:03:53.0546 1228 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
23:03:53.0546 1228 C:\WINDOWS\system32\drivers\http.sys - ok
23:03:53.0546 1228 [ C6AF6F32EA394EE18F69C0906C318A53 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
23:03:53.0546 1228 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
23:03:53.0546 1228 [ 253A9C3847D9EBCDB328AACABB1D6ACE ] C:\Program Files\Corel\Corel VideoStudio 12\u32Cfg.dll
23:03:53.0546 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Cfg.dll - ok
23:03:53.0562 1228 [ 3A0647BDED81DBE0BCBB51D70B22C9E0 ] C:\Program Files\Java\jre6\bin\jusched.exe
23:03:53.0562 1228 C:\Program Files\Java\jre6\bin\jusched.exe - ok
23:03:53.0562 1228 [ C040F264D19CBA0F70B97F1F21C4521C ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
23:03:53.0562 1228 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
23:03:53.0562 1228 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
23:03:53.0562 1228 C:\WINDOWS\system32\ssdpsrv.dll - ok
23:03:53.0578 1228 [ AE4237E46A57B36177EFDDA63E52F7FA ] C:\Program Files\Corel\Corel VideoStudio 12\u32sn.dll
23:03:53.0578 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32sn.dll - ok
23:03:53.0578 1228 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
23:03:53.0578 1228 C:\WINDOWS\system32\webcheck.dll - ok
23:03:53.0578 1228 [ BDE26D8C8E163602B07A4D5772214DCE ] C:\Program Files\Corel\Corel VideoStudio 12\u32Prod.dll
23:03:53.0578 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Prod.dll - ok
23:03:53.0593 1228 [ 265254E435A0FB0CB0ADC56FD67C9C0F ] C:\Program Files\Corel\Corel VideoStudio 12\u32Comm.dll
23:03:53.0593 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Comm.dll - ok
23:03:53.0593 1228 [ 35DF5A0EBF676CCA764C73519E0D9DE8 ] C:\Program Files\Corel\Corel VideoStudio 12\HerDocdll.dll
23:03:53.0593 1228 C:\Program Files\Corel\Corel VideoStudio 12\HerDocdll.dll - ok
23:03:53.0593 1228 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
23:03:53.0593 1228 C:\WINDOWS\system32\mlang.dll - ok
23:03:53.0609 1228 [ 3DA8B0E61675FC153E941C982C85471B ] C:\Program Files\Corel\Corel VideoStudio 12\uvipl.dll
23:03:53.0609 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvipl.dll - ok
23:03:53.0609 1228 [ 705A098ACA89D722765DBE16920B21C7 ] C:\Program Files\Corel\Corel VideoStudio 12\uipp.dll
23:03:53.0609 1228 C:\Program Files\Corel\Corel VideoStudio 12\uipp.dll - ok
23:03:53.0609 1228 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
23:03:53.0609 1228 C:\WINDOWS\system32\stobject.dll - ok
23:03:53.0625 1228 [ 62F139B48C9B85C44480C334E2DE26DB ] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe
23:03:53.0625 1228 C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe - ok
23:03:53.0625 1228 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
23:03:53.0625 1228 C:\WINDOWS\system32\batmeter.dll - ok
23:03:53.0640 1228 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
23:03:53.0640 1228 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
23:03:53.0640 1228 [ 3C1A4F9EFD335787B79F77EA07E4A2A3 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Cvt.dll
23:03:53.0640 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Cvt.dll - ok
23:03:53.0640 1228 [ 331E22DCEED40E8499AEB2567206EB98 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Base.dll
23:03:53.0640 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Base.dll - ok
23:03:53.0656 1228 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
23:03:53.0656 1228 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
23:03:53.0656 1228 [ 61431A158C79BD9C4B08542475543689 ] C:\Program Files\Corel\Corel VideoStudio 12\Vcvrt32.dll
23:03:53.0656 1228 C:\Program Files\Corel\Corel VideoStudio 12\Vcvrt32.dll - ok
23:03:53.0656 1228 [ 6554AD10A704DB1A91AAEE1CB43082B4 ] C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
23:03:53.0656 1228 C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll - ok
23:03:53.0671 1228 [ EA9277805014F8DB8932AEFA17AD6B9C ] C:\Program Files\Corel\Corel VideoStudio 12\uSurround.dll
23:03:53.0671 1228 C:\Program Files\Corel\Corel VideoStudio 12\uSurround.dll - ok
23:03:53.0671 1228 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
23:03:53.0671 1228 C:\WINDOWS\system32\mydocs.dll - ok
23:03:53.0671 1228 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
23:03:53.0671 1228 C:\WINDOWS\system32\oledlg.dll - ok
23:03:53.0687 1228 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
23:03:53.0687 1228 C:\WINDOWS\system32\msvfw32.dll - ok
23:03:53.0687 1228 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
23:03:53.0687 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll - ok
23:03:53.0687 1228 [ 555ED2E89125BBF38757388CA64BDCF8 ] C:\Program Files\Corel\Corel VideoStudio 12\ULSCRUB.dll
23:03:53.0687 1228 C:\Program Files\Corel\Corel VideoStudio 12\ULSCRUB.dll - ok
23:03:53.0703 1228 [ F956060FB03F581A7A66AB4EF87CD412 ] C:\Program Files\IDT\WDM\sttray.exe
23:03:53.0703 1228 C:\Program Files\IDT\WDM\sttray.exe - ok
23:03:53.0703 1228 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
23:03:53.0703 1228 C:\WINDOWS\system32\icmp.dll - ok
23:03:53.0703 1228 [ 9A1FF348E133DB048ACB1B65A631D5D8 ] C:\Program Files\Corel\Corel VideoStudio 12\ulRender.dll
23:03:53.0703 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulRender.dll - ok
23:03:53.0718 1228 [ 301FE9387A8810194824A5790DAAFF49 ] C:\Program Files\Corel\Corel VideoStudio 12\uRenderA.dll
23:03:53.0718 1228 C:\Program Files\Corel\Corel VideoStudio 12\uRenderA.dll - ok
23:03:53.0718 1228 [ 4A25D60D5161FD9430FE31D5373B5776 ] C:\Program Files\IDT\WDM\stlang.dll
23:03:53.0718 1228 C:\Program Files\IDT\WDM\stlang.dll - ok
23:03:53.0718 1228 [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
23:03:53.0718 1228 C:\WINDOWS\system32\mfc42u.dll - ok
23:03:53.0734 1228 [ 170E36F09C571652C98DC0885F2CBE92 ] C:\Program Files\Corel\Corel VideoStudio 12\ulPPMgr.dll
23:03:53.0734 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulPPMgr.dll - ok
23:03:53.0734 1228 [ 4859C3455E5655191991AE1DE860BE26 ] C:\Program Files\Corel\Corel VideoStudio 12\uRenderS.dll
23:03:53.0734 1228 C:\Program Files\Corel\Corel VideoStudio 12\uRenderS.dll - ok
23:03:53.0734 1228 [ FF86E640E4E0FD18CFB4696B38867222 ] C:\WINDOWS\SOUNDMAN.EXE
23:03:53.0734 1228 C:\WINDOWS\SOUNDMAN.EXE - ok
23:03:53.0750 1228 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
23:03:53.0750 1228 C:\WINDOWS\system32\imapi.exe - ok
23:03:53.0750 1228 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
23:03:53.0750 1228 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
23:03:53.0750 1228 [ C0654EB39B86189286FAAD9C5DA35776 ] C:\Program Files\Corel\Corel VideoStudio 12\Dir12.dll
23:03:53.0750 1228 C:\Program Files\Corel\Corel VideoStudio 12\Dir12.dll - ok
23:03:53.0765 1228 [ 007109974BA9D4D3AA99498C12A96F28 ] C:\Program Files\Corel\Corel VideoStudio 12\ulDARMgr.dll
23:03:53.0765 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulDARMgr.dll - ok
23:03:53.0765 1228 [ E5A7CE62FFE74A371FBA342B9C5AA5F1 ] C:\Program Files\Corel\Corel VideoStudio 12\MSPEEffectFunc.dll
23:03:53.0765 1228 C:\Program Files\Corel\Corel VideoStudio 12\MSPEEffectFunc.dll - ok
23:03:53.0781 1228 [ 8D85CE80FB7CA9158A5C105173937EB3 ] C:\Program Files\Corel\Corel VideoStudio 12\uplcpuinf.dll
23:03:53.0781 1228 C:\Program Files\Corel\Corel VideoStudio 12\uplcpuinf.dll - ok
23:03:53.0781 1228 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
23:03:53.0781 1228 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
23:03:53.0781 1228 [ E9612B0AB3E42365C7A02068398BC808 ] C:\Program Files\Corel\Corel VideoStudio 12\u32video.dll
23:03:53.0781 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32video.dll - ok
23:03:53.0796 1228 [ D8793B415E392D82DF924DA7F97303B7 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Brows.dll
23:03:53.0796 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Brows.dll - ok
23:03:53.0796 1228 [ 7CD986400D830A93983E7FF3A77BEA5E ] C:\Program Files\Corel\Corel VideoStudio 12\u32Misc.dll
23:03:53.0796 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Misc.dll - ok
23:03:53.0796 1228 [ 1F95F072D1384B6C0F9245318D35B6A5 ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
23:03:53.0796 1228 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
23:03:53.0812 1228 [ 805F14BEE2DEAD82B1C07C2439057EE5 ] C:\Program Files\Corel\Corel VideoStudio 12\Vepb40.dll
23:03:53.0812 1228 C:\Program Files\Corel\Corel VideoStudio 12\Vepb40.dll - ok
23:03:53.0812 1228 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:03:53.0812 1228 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
23:03:53.0812 1228 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
23:03:53.0812 1228 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
23:03:53.0828 1228 [ 779E7948BD15F480137E24CB1A9B83C9 ] C:\Program Files\Corel\Corel VideoStudio 12\uvBase.dll
23:03:53.0828 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvBase.dll - ok
23:03:53.0828 1228 [ BF107ACF2CDD552AABE14E8C3E62E3FC ] C:\WINDOWS\system32\quartz.dll
23:03:53.0828 1228 C:\WINDOWS\system32\quartz.dll - ok
23:03:53.0828 1228 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
23:03:53.0828 1228 C:\WINDOWS\system32\rundll32.exe - ok
23:03:53.0843 1228 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
23:03:53.0843 1228 C:\WINDOWS\system32\dumprep.exe - ok
23:03:53.0843 1228 [ 0B3BCC54988F29A3398FFCBF15CB81E4 ] C:\Program Files\Corel\Corel VideoStudio 12\VioRC.dll
23:03:53.0843 1228 C:\Program Files\Corel\Corel VideoStudio 12\VioRC.dll - ok
23:03:53.0843 1228 [ 8C322C8B48A624AEC4F9F1B230A992C3 ] C:\Program Files\Corel\Corel VideoStudio 12\uvPlay.dll
23:03:53.0843 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvPlay.dll - ok
23:03:53.0859 1228 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
23:03:53.0859 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll - ok
23:03:53.0859 1228 [ 6B98C9C9A36D8416250CB6DBE027BE0F ] C:\Program Files\Corel\Corel VideoStudio 12\u32File.dll
23:03:53.0859 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32File.dll - ok
23:03:53.0875 1228 [ 1B1B2F39869A78B8539F04A214282345 ] C:\Program Files\Corel\Corel VideoStudio 12\Upfmgr.dll
23:03:53.0875 1228 C:\Program Files\Corel\Corel VideoStudio 12\Upfmgr.dll - ok
23:03:53.0875 1228 [ C6CAFCDB427DE48C908B004CDCEE830F ] C:\Program Files\Corel\Corel VideoStudio 12\upfMgrRC.dll
23:03:53.0875 1228 C:\Program Files\Corel\Corel VideoStudio 12\upfMgrRC.dll - ok
23:03:53.0875 1228 [ 4F090A7D8AE69D70D8E3D2963AE2A581 ] C:\Program Files\Corel\Corel VideoStudio 12\UFCVECOMM.dll
23:03:53.0875 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCVECOMM.dll - ok
23:03:53.0890 1228 [ DC627E5EC5B60BED972C735CED0B83F6 ] C:\Program Files\Corel\Corel VideoStudio 12\UFCCOMMRC.dll
23:03:53.0890 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCCOMMRC.dll - ok
23:03:53.0890 1228 [ AFA1F8CC076AB0462512A78473D86D53 ] C:\Program Files\DNA\btdna.exe
23:03:53.0890 1228 C:\Program Files\DNA\btdna.exe - ok
23:03:53.0890 1228 [ A76312137987C28FFFA39499FE2BE408 ] C:\Program Files\Corel\Corel VideoStudio 12\UFCVEBUF.dll
23:03:53.0890 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCVEBUF.dll - ok
23:03:53.0906 1228 [ B5340A6E7411F6BCB308BF78E0B1E729 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Tx.dll
23:03:53.0906 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Tx.dll - ok
23:03:53.0906 1228 [ B5C8572863D10353BF1269CF4287E9D2 ] C:\Program Files\Corel\Corel VideoStudio 12\ukMgr.dll
23:03:53.0906 1228 C:\Program Files\Corel\Corel VideoStudio 12\ukMgr.dll - ok
23:03:53.0906 1228 [ 8147886EAA98C2650175300B7543FAFE ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtime.dll
23:03:53.0906 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtime.dll - ok
23:03:53.0921 1228 [ 5C189A70C0CF78156B4EF780333CA64E ] C:\Program Files\AIM\aim.exe
23:03:53.0921 1228 C:\Program Files\AIM\aim.exe - ok
23:03:53.0921 1228 [ 5CA83D1FBEADEEA0BD634B8891102399 ] C:\Program Files\Corel\Corel VideoStudio 12\u32txEx.dll
23:03:53.0921 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32txEx.dll - ok
23:03:53.0921 1228 [ 09D9081B6F4B90474D79F065C9AC6451 ] C:\Program Files\Corel\Corel VideoStudio 12\uTimeCode.dll
23:03:53.0921 1228 C:\Program Files\Corel\Corel VideoStudio 12\uTimeCode.dll - ok
23:03:53.0937 1228 [ 934F1C1C99AF02CDAD6A09830F587E1F ] C:\Program Files\Corel\Corel VideoStudio 12\PexExif.dll
23:03:53.0937 1228 C:\Program Files\Corel\Corel VideoStudio 12\PexExif.dll - ok
23:03:53.0937 1228 [ D806B1FD27277E66C2A87D13D1161896 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxcfg.dll
23:03:53.0937 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxcfg.dll - ok
23:03:53.0937 1228 [ F4625BBF1A4E25B4B5C164147977B42C ] C:\Program Files\Corel\Corel VideoStudio 12\uExifLib.dll
23:03:53.0937 1228 C:\Program Files\Corel\Corel VideoStudio 12\uExifLib.dll - ok
23:03:53.0953 1228 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
23:03:53.0953 1228 C:\WINDOWS\system32\rasdlg.dll - ok
23:03:53.0953 1228 [ B38E925FBDF3D877BC852FBAD3024803 ] C:\Program Files\Corel\Corel VideoStudio 12\ulibjpg.dll
23:03:53.0953 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulibjpg.dll - ok
23:03:53.0953 1228 [ 9C4767CBA37C4EA073718611ADE33F35 ] C:\Program Files\Corel\Corel VideoStudio 12\ulibtif.dll
23:03:53.0953 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulibtif.dll - ok
23:03:53.0968 1228 [ 6B339575CE6D75E4CA0DFFBB7632F635 ] C:\Program Files\Corel\Corel VideoStudio 12\uliblzw.dll
23:03:53.0968 1228 C:\Program Files\Corel\Corel VideoStudio 12\uliblzw.dll - ok
23:03:53.0968 1228 [ 7C6FCBAF1BE7513C5BC5B90519EE59DF ] C:\Program Files\Pando Networks\Media Booster\PMB.exe
23:03:53.0968 1228 C:\Program Files\Pando Networks\Media Booster\PMB.exe - ok
23:03:53.0968 1228 [ 30C7C902BC586F9B37F6BDE3991C4E2F ] C:\Program Files\Corel\Corel VideoStudio 12\ucvtmem.dll
23:03:53.0968 1228 C:\Program Files\Corel\Corel VideoStudio 12\ucvtmem.dll - ok
23:03:53.0984 1228 [ EF2032C193D8BF140770C71F2531E1F9 ] C:\Program Files\Corel\Corel VideoStudio 12\pexBuf.dll
23:03:53.0984 1228 C:\Program Files\Corel\Corel VideoStudio 12\pexBuf.dll - ok
23:03:53.0984 1228 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
23:03:53.0984 1228 C:\WINDOWS\system32\ctfmon.exe - ok
23:03:53.0984 1228 [ 4B0C90720EE19E5690D4C2C181A3A533 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtime.exe
23:03:54.0000 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtime.exe - ok
23:03:54.0000 1228 [ 390E1A074C9BA10FC3014D88F66BA144 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Fido.dll
23:03:54.0000 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Fido.dll - ok
23:03:54.0000 1228 [ 0726E7573EB02544F4A0287120FBEC4E ] C:\Program Files\Corel\Corel VideoStudio 12\HerDocRC.dll
23:03:54.0000 1228 C:\Program Files\Corel\Corel VideoStudio 12\HerDocRC.dll - ok
23:03:54.0015 1228 [ 6C2A0DDAB2CBB2473F22146F47D31A14 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxretv.dll
23:03:54.0015 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxretv.dll - ok
23:03:54.0015 1228 [ 454E7B38683A9DA071A47EBFBC5694B9 ] C:\Program Files\Corel\Corel VideoStudio 12\uVeCfg.dll
23:03:54.0015 1228 C:\Program Files\Corel\Corel VideoStudio 12\uVeCfg.dll - ok
23:03:54.0015 1228 [ DA9916D628EFF05C9056D55040299119 ] C:\Program Files\Corel\Corel VideoStudio 12\uAfxUnknown.dll
23:03:54.0015 1228 C:\Program Files\Corel\Corel VideoStudio 12\uAfxUnknown.dll - ok
23:03:54.0031 1228 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
23:03:54.0031 1228 C:\WINDOWS\system32\faultrep.dll - ok
23:03:54.0031 1228 [ D6A5717119593179CF31CB46C6582C12 ] C:\Program Files\Corel\Corel VideoStudio 12\uBaseObject.dll
23:03:54.0031 1228 C:\Program Files\Corel\Corel VideoStudio 12\uBaseObject.dll - ok
23:03:54.0031 1228 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
23:03:54.0031 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll - ok
23:03:54.0046 1228 [ BDA2B90E5AA5BF20A1BB13116A90D3C6 ] C:\Program Files\Corel\Corel VideoStudio 12\cutime.dll
23:03:54.0046 1228 C:\Program Files\Corel\Corel VideoStudio 12\cutime.dll - ok
23:03:54.0046 1228 [ C571B29C66142CE230AAD9FFFDEA3E9C ] C:\Program Files\Corel\Corel VideoStudio 12\uOverlay.dll
23:03:54.0046 1228 C:\Program Files\Corel\Corel VideoStudio 12\uOverlay.dll - ok
23:03:54.0046 1228 [ CBD322964ACB2F1FD3088AA5B20C479E ] C:\Program Files\Corel\Corel VideoStudio 12\VFX32.dll
23:03:54.0062 1228 C:\Program Files\Corel\Corel VideoStudio 12\VFX32.dll - ok
23:03:54.0062 1228 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
23:03:54.0062 1228 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
23:03:54.0062 1228 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
23:03:54.0062 1228 C:\WINDOWS\system32\msctf.dll - ok
23:03:54.0078 1228 [ 04AE32314A592EEE661A3662914BAC83 ] C:\Program Files\Corel\Corel VideoStudio 12\libguide40.dll
23:03:54.0078 1228 C:\Program Files\Corel\Corel VideoStudio 12\libguide40.dll - ok
23:03:54.0078 1228 [ 44827BE9661A768E7DA8FCA3BA8BA8B1 ] C:\Program Files\Corel\Corel VideoStudio 12\libmmd.dll
23:03:54.0078 1228 C:\Program Files\Corel\Corel VideoStudio 12\libmmd.dll - ok
23:03:54.0078 1228 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
23:03:54.0078 1228 C:\WINDOWS\system32\msutb.dll - ok
23:03:54.0093 1228 [ A51C57282F776C4AB7923B4206F99644 ] C:\Program Files\Corel\Corel VideoStudio 12\UfcAud.dll
23:03:54.0093 1228 C:\Program Files\Corel\Corel VideoStudio 12\UfcAud.dll - ok
23:03:54.0109 1228 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
23:03:54.0109 1228 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
23:03:54.0109 1228 [ 1C404CAE1A6925302CD9276BC330CFAD ] C:\Program Files\Corel\Corel VideoStudio 12\u32utx.dll
23:03:54.0109 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32utx.dll - ok
23:03:54.0109 1228 [ 3512411491E96E48C8B0A59516E24848 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtsfw.dll
23:03:54.0125 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxtsfw.dll - ok
23:03:54.0125 1228 [ 014104CC12910FAC317D587420BFEAEE ] C:\Program Files\Corel\Corel VideoStudio 12\UFCAUDRC.dll
23:03:54.0125 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCAUDRC.dll - ok
23:03:54.0125 1228 [ 420E3B19C99364448640C3701DEC7AFB ] C:\Program Files\Corel\Corel VideoStudio 12\uDrawingTool.dll
23:03:54.0125 1228 C:\Program Files\Corel\Corel VideoStudio 12\uDrawingTool.dll - ok
23:03:54.0140 1228 [ 258E6C53A259FEC9D77BCC419912DAA1 ] C:\Program Files\Corel\Corel VideoStudio 12\Utmpmgr.dll
23:03:54.0140 1228 C:\Program Files\Corel\Corel VideoStudio 12\Utmpmgr.dll - ok
23:03:54.0140 1228 [ 6915C68032BF662F771470241B94A74B ] C:\Program Files\Pando Networks\Media Booster\nspr4.dll
23:03:54.0140 1228 C:\Program Files\Pando Networks\Media Booster\nspr4.dll - ok
23:03:54.0140 1228 [ 7ED2A2BD36243348342E7DC79BF7D5F1 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxdrec.dll
23:03:54.0140 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxdrec.dll - ok
23:03:54.0156 1228 [ 12F8C2E14A299442E5D2679FA1C4D914 ] C:\Program Files\Corel\Corel VideoStudio 12\uTextCfg.dll
23:03:54.0156 1228 C:\Program Files\Corel\Corel VideoStudio 12\uTextCfg.dll - ok
23:03:54.0156 1228 [ 11028E2B2C115FE19C7C252B2826BE6C ] C:\Program Files\Corel\Corel VideoStudio 12\ufcvren.dll
23:03:54.0156 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufcvren.dll - ok
23:03:54.0156 1228 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
23:03:54.0156 1228 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
23:03:54.0171 1228 [ 78DE71AB719FBFEE7191DEB94004AAC2 ] C:\Program Files\Pando Networks\Media Booster\plc4.dll
23:03:54.0171 1228 C:\Program Files\Pando Networks\Media Booster\plc4.dll - ok
23:03:54.0171 1228 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
23:03:54.0171 1228 C:\WINDOWS\ime\sptip.dll - ok
23:03:54.0171 1228 [ D10F7CA80117F57A8B1841915C479E4D ] C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxcomx.dll
23:03:54.0171 1228 C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcxcomx.dll - ok
23:03:54.0187 1228 [ 5E46D1863792F61F9252AE1934E428E9 ] C:\Program Files\Corel\Corel VideoStudio 12\TgeDll.dll
23:03:54.0187 1228 C:\Program Files\Corel\Corel VideoStudio 12\TgeDll.dll - ok
23:03:54.0187 1228 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
23:03:54.0187 1228 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
23:03:54.0187 1228 [ D2E5202E8A74B79588A9966DD7BFB371 ] C:\Program Files\Corel\Corel VideoStudio 12\u32Clips.dll
23:03:54.0187 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32Clips.dll - ok
23:03:54.0203 1228 [ BDDF688645BBFDE42D9F5FA25D5DBEDB ] C:\Program Files\Corel\Corel VideoStudio 12\aefilter.dll
23:03:54.0203 1228 C:\Program Files\Corel\Corel VideoStudio 12\aefilter.dll - ok
23:03:54.0203 1228 [ B21F464E6E3F2CCC8A83F4DA6B403E79 ] C:\Program Files\Corel\Corel VideoStudio 12\upatheng.dll
23:03:54.0203 1228 C:\Program Files\Corel\Corel VideoStudio 12\upatheng.dll - ok
23:03:54.0203 1228 [ 50A0A49F1901B56FC940B7A8076A8AD3 ] C:\Program Files\Pando Networks\Media Booster\BugSplat.dll
23:03:54.0203 1228 C:\Program Files\Pando Networks\Media Booster\BugSplat.dll - ok
23:03:54.0218 1228 [ 53563EBB28E8AE15583DFF2120606E53 ] C:\Program Files\Corel\Corel VideoStudio 12\aematrix.dll
23:03:54.0218 1228 C:\Program Files\Corel\Corel VideoStudio 12\aematrix.dll - ok
23:03:54.0218 1228 [ E0CF750DDFF4576C38A4CC031390529D ] C:\Program Files\Corel\Corel VideoStudio 12\aemath.dll
23:03:54.0218 1228 C:\Program Files\Corel\Corel VideoStudio 12\aemath.dll - ok
23:03:54.0234 1228 [ 51975414443350B960448C6C6C7A4C25 ] C:\Program Files\Corel\Corel VideoStudio 12\ufcpath.dll
23:03:54.0234 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufcpath.dll - ok
23:03:54.0234 1228 [ 51F730E58867D7CE330A7892F1C60EE1 ] C:\Program Files\Corel\Corel VideoStudio 12\ulTitleMgr.dll
23:03:54.0234 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulTitleMgr.dll - ok
23:03:54.0234 1228 [ 871F979D70414C900B35E56222932DAF ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
23:03:54.0234 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll - ok
23:03:54.0250 1228 [ 52C207459410BC1966E7DA0CB5774C80 ] C:\Program Files\Corel\Corel VideoStudio 12\TitlePlugRC.dll
23:03:54.0250 1228 C:\Program Files\Corel\Corel VideoStudio 12\TitlePlugRC.dll - ok
23:03:54.0250 1228 [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
23:03:54.0250 1228 C:\WINDOWS\system32\ddraw.dll - ok
23:03:54.0250 1228 [ 4E0469BAD610FC6A83669A2DAEA120C2 ] C:\Program Files\AIM\xprt6.dll
23:03:54.0250 1228 C:\Program Files\AIM\xprt6.dll - ok
23:03:54.0265 1228 [ DE1D434DFEBFBF619556228C4C8DE577 ] C:\Program Files\Corel\Corel VideoStudio 12\ulTitleData.dll
23:03:54.0265 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulTitleData.dll - ok
23:03:54.0265 1228 [ 6AC4D624892D3389B259ED7E49E44DC4 ] C:\Program Files\Corel\Corel VideoStudio 12\ufctxt.dll
23:03:54.0265 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufctxt.dll - ok
23:03:54.0265 1228 [ 3AA56BB37BBA235DC651F1281530D08B ] C:\Program Files\Corel\Corel VideoStudio 12\ufclib.dll
23:03:54.0265 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufclib.dll - ok
23:03:54.0281 1228 [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
23:03:54.0281 1228 C:\WINDOWS\system32\dciman32.dll - ok
23:03:54.0281 1228 [ 4D03CA609E68F4C90CF66515218017F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
23:03:54.0281 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll - ok
23:03:54.0281 1228 [ 3A48A492672CD7EBFF5DCE128DF864FE ] C:\Program Files\Corel\Corel VideoStudio 12\uVideoTool.dll
23:03:54.0281 1228 C:\Program Files\Corel\Corel VideoStudio 12\uVideoTool.dll - ok
23:03:54.0296 1228 [ C5A2579589DE9D0B4BD3199B8D65B7F6 ] C:\Program Files\Pando Networks\Media Booster\nss3.dll
23:03:54.0296 1228 C:\Program Files\Pando Networks\Media Booster\nss3.dll - ok
23:03:54.0296 1228 [ 837968E2908F2525B1692BD4A1DC7CBA ] C:\Program Files\Corel\Corel VideoStudio 12\uTextUser.dll
23:03:54.0296 1228 C:\Program Files\Corel\Corel VideoStudio 12\uTextUser.dll - ok
23:03:54.0312 1228 [ 2775D1104ED4AA6AF4A4FC5C86C5AE23 ] C:\Program Files\Pando Networks\Media Booster\softokn3.dll
23:03:54.0312 1228 C:\Program Files\Pando Networks\Media Booster\softokn3.dll - ok
23:03:54.0312 1228 [ 80128CA2478EC3F7AE0702D2FA9BC3D9 ] C:\Program Files\Pando Networks\Media Booster\plds4.dll
23:03:54.0312 1228 C:\Program Files\Pando Networks\Media Booster\plds4.dll - ok
23:03:54.0312 1228 [ 10274C74857FC47B86B85E6410091F56 ] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
23:03:54.0312 1228 C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll - ok
23:03:54.0328 1228 [ 3EA70DEE83AA019F0B59014577CB0A35 ] C:\Program Files\Pando Networks\Media Booster\ssl3.dll
23:03:54.0328 1228 C:\Program Files\Pando Networks\Media Booster\ssl3.dll - ok
23:03:54.0328 1228 [ 095321E773DF7C8AA3B61D7DD516304B ] C:\Program Files\Corel\Corel VideoStudio 12\ShadowDlg.dll
23:03:54.0328 1228 C:\Program Files\Corel\Corel VideoStudio 12\ShadowDlg.dll - ok
23:03:54.0328 1228 [ DE12F030DB309A4FD933F8DF5D722E85 ] C:\Program Files\Pando Networks\Media Booster\smime3.dll
23:03:54.0328 1228 C:\Program Files\Pando Networks\Media Booster\smime3.dll - ok
23:03:54.0343 1228 [ ED740FBBB64284DC866E7E42923F48B1 ] C:\Program Files\Corel\Corel VideoStudio 12\uTextTool.dll
23:03:54.0343 1228 C:\Program Files\Corel\Corel VideoStudio 12\uTextTool.dll - ok
23:03:54.0343 1228 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\02548161.sys
23:03:54.0343 1228 C:\WINDOWS\system32\drivers\02548161.sys - ok
23:03:54.0343 1228 [ 8AFC17155ED5AB60B7C52D7F553D579C ] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
23:03:54.0343 1228 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx - ok
23:03:54.0359 1228 [ 1B6C91D62936F1FBA8D3902BDFA31943 ] C:\Program Files\Corel\Corel VideoStudio 12\Ulclrtxt.dll
23:03:54.0359 1228 C:\Program Files\Corel\Corel VideoStudio 12\Ulclrtxt.dll - ok
23:03:54.0359 1228 [ BD0EF6F128E3D55BEF3B5E16CA3793D4 ] C:\Program Files\Corel\Corel VideoStudio 12\uTextToolRc.dll
23:03:54.0359 1228 C:\Program Files\Corel\Corel VideoStudio 12\uTextToolRc.dll - ok
23:03:54.0375 1228 [ 72BA53F115812F5EC63B64D926903918 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll
23:03:54.0375 1228 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll - ok
23:03:54.0375 1228 [ 338CA67CCE2135416E403879DBE48DB6 ] C:\Program Files\Corel\Corel VideoStudio 12\uvwtxt.dll
23:03:54.0375 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvwtxt.dll - ok
23:03:54.0375 1228 [ DD23B351B05BECE521F34C014389073A ] C:\Program Files\Pando Networks\Media Booster\freebl3.dll
23:03:54.0375 1228 C:\Program Files\Pando Networks\Media Booster\freebl3.dll - ok
23:03:54.0390 1228 [ 9D362539CB97E842E04B0FDA04870530 ] C:\Program Files\AVAST Software\Avast\defs\13021800\uiext.dll
23:03:54.0390 1228 C:\Program Files\AVAST Software\Avast\defs\13021800\uiext.dll - ok
23:03:54.0390 1228 [ 51B77F8A1E1B16EF4334CD9EB5A12752 ] C:\Program Files\Corel\Corel VideoStudio 12\UFCUNDO.dll
23:03:54.0390 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCUNDO.dll - ok
23:03:54.0390 1228 [ F055C1760ABFA52B159985E551EA0EDC ] C:\Program Files\iPod\bin\iPodService.exe
23:03:54.0390 1228 C:\Program Files\iPod\bin\iPodService.exe - ok
23:03:54.0406 1228 [ 0689622E6484934EB6E5F4D3A96311F9 ] C:\WINDOWS\system32\jscript.dll
23:03:54.0406 1228 C:\WINDOWS\system32\jscript.dll - ok
23:03:54.0406 1228 [ EC08BE1E570FDC3409739CFDB53268D8 ] C:\Program Files\Corel\Corel VideoStudio 12\ulTitleEng.dll
23:03:54.0406 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulTitleEng.dll - ok
23:03:54.0421 1228 [ ADC86D6F888156ED0CB652457F6F70ED ] C:\Program Files\Corel\Corel VideoStudio 12\ulColorBar.dll
23:03:54.0421 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulColorBar.dll - ok
23:03:54.0421 1228 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
23:03:54.0421 1228 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
23:03:54.0421 1228 [ 2A0076E03170C773274A634B7AE1854D ] C:\Program Files\Corel\Corel VideoStudio 12\UFCCOLOR.dll
23:03:54.0421 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCCOLOR.dll - ok
23:03:54.0437 1228 [ 67FAC13FA69A61C6E7009EE6AA2E6F7E ] C:\Program Files\Corel\Corel VideoStudio 12\UFCCOLORRC.dll
23:03:54.0437 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCCOLORRC.dll - ok
23:03:54.0437 1228 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
23:03:54.0437 1228 C:\WINDOWS\system32\msftedit.dll - ok
23:03:54.0437 1228 [ F6E90663A9CEB27A8953AB35FEE1E9D0 ] C:\Program Files\Corel\Corel VideoStudio 12\uHerObjs.dll
23:03:54.0437 1228 C:\Program Files\Corel\Corel VideoStudio 12\uHerObjs.dll - ok
23:03:54.0453 1228 [ C6E426E4C2B7E24F4A5A0EAE547E6C4C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
23:03:54.0453 1228 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
23:03:54.0453 1228 [ E55891FE7FD0A97EAFFE80FCC43BBA55 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
23:03:54.0453 1228 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
23:03:54.0453 1228 [ 920EF97ED399D875405C3A0492839F61 ] C:\Program Files\Corel\Corel VideoStudio 12\GridOptDlg.dll
23:03:54.0453 1228 C:\Program Files\Corel\Corel VideoStudio 12\GridOptDlg.dll - ok
23:03:54.0468 1228 [ 8043781EB6D0CAE045DFA4F759B7207F ] C:\Program Files\Corel\Corel VideoStudio 12\ufctxeff.dll
23:03:54.0468 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufctxeff.dll - ok
23:03:54.0468 1228 [ 44892A19331CB843B3BC9E164BE1A442 ] C:\Program Files\Corel\Corel VideoStudio 12\ucimg.dll
23:03:54.0468 1228 C:\Program Files\Corel\Corel VideoStudio 12\ucimg.dll - ok
23:03:54.0468 1228 [ 60F36D082937639D29B810F4B0FC2E1F ] C:\Program Files\AIM\acccore.dll
23:03:54.0468 1228 C:\Program Files\AIM\acccore.dll - ok
23:03:54.0484 1228 [ E5CDAC7F5A7B0F6C2B7EDDC54B928018 ] C:\Program Files\AIM\coolcore61.dll
23:03:54.0484 1228 C:\Program Files\AIM\coolcore61.dll - ok
23:03:54.0484 1228 [ 10951D2ECD13445CF983FC057D618FFC ] C:\Program Files\Corel\Corel VideoStudio 12\UFCSTATU.dll
23:03:54.0484 1228 C:\Program Files\Corel\Corel VideoStudio 12\UFCSTATU.dll - ok
23:03:54.0500 1228 [ 5C1B6D61CB977474873E95870503348B ] C:\Program Files\Corel\Corel VideoStudio 12\ulAFAdapter.dll
23:03:54.0500 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulAFAdapter.dll - ok
23:03:54.0500 1228 [ 727C9E97CB26879C17A30484C2C76E98 ] C:\WINDOWS\system32\mshtml.dll
23:03:54.0500 1228 C:\WINDOWS\system32\mshtml.dll - ok
23:03:54.0500 1228 [ B440CBB190951F607EC9171C456376CE ] C:\Program Files\Corel\Corel VideoStudio 12\uAMModule.dll
23:03:54.0500 1228 C:\Program Files\Corel\Corel VideoStudio 12\uAMModule.dll - ok
23:03:54.0515 1228 [ 79AC0E64CC37AB3F9E6A2592F6B2A116 ] C:\Program Files\Corel\Corel VideoStudio 12\uvSmartProxyMgr.dll
23:03:54.0515 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvSmartProxyMgr.dll - ok
23:03:54.0515 1228 [ C918D7DC69BB36ECD25E382CB042C3B8 ] C:\Program Files\Corel\Corel VideoStudio 12\uvSmartProxyMgrRC.dll
23:03:54.0515 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvSmartProxyMgrRC.dll - ok
23:03:54.0515 1228 [ FD11CBF65A68B04DE936B747ED8C05ED ] C:\Program Files\Corel\Corel VideoStudio 12\uCodecUtils.dll
23:03:54.0515 1228 C:\Program Files\Corel\Corel VideoStudio 12\uCodecUtils.dll - ok
23:03:54.0531 1228 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
23:03:54.0531 1228 C:\WINDOWS\system32\msls31.dll - ok
23:03:54.0531 1228 [ A3F648EC240EB9F09214C3953F810CAB ] C:\Program Files\Corel\Corel VideoStudio 12\dxaudmgr.dll
23:03:54.0531 1228 C:\Program Files\Corel\Corel VideoStudio 12\dxaudmgr.dll - ok
23:03:54.0531 1228 [ F96E7E2F6E0FA294B4C117F53C8115D4 ] C:\Program Files\AIM\nss3.dll
23:03:54.0531 1228 C:\Program Files\AIM\nss3.dll - ok
23:03:54.0546 1228 [ 5370B196FC71DF07B11CA14C38F5DA67 ] C:\Program Files\Corel\Corel VideoStudio 12\OlePFrm.dll
23:03:54.0546 1228 C:\Program Files\Corel\Corel VideoStudio 12\OlePFrm.dll - ok
23:03:54.0546 1228 [ 0EFB3626C2899955BC22C050842C1DB1 ] C:\Program Files\AIM\softokn3.dll
23:03:54.0546 1228 C:\Program Files\AIM\softokn3.dll - ok
23:03:54.0562 1228 [ 60B8974FA964F568C25A55C19D59883A ] C:\Program Files\AIM\plc4.dll
23:03:54.0562 1228 C:\Program Files\AIM\plc4.dll - ok
23:03:54.0562 1228 [ 537DBA28451A112EFECCBD850B8C961F ] C:\Program Files\AIM\nspr4.dll
23:03:54.0562 1228 C:\Program Files\AIM\nspr4.dll - ok
23:03:54.0562 1228 [ 3BB617EF942280B0BE09D844BDE4AF56 ] C:\Program Files\AIM\plds4.dll
23:03:54.0562 1228 C:\Program Files\AIM\plds4.dll - ok
23:03:54.0578 1228 [ 31C79E69AAB3F66F84853B6A78DE8239 ] C:\Program Files\AIM\ssl3.dll
23:03:54.0578 1228 C:\Program Files\AIM\ssl3.dll - ok
23:03:54.0578 1228 [ 3F04269F9EA533E7B2B5A32B48AF4111 ] C:\Program Files\Corel\Corel VideoStudio 12\ulPrev.dll
23:03:54.0578 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulPrev.dll - ok
23:03:54.0578 1228 [ B1DDF206A4B97C1ED89C3ABE2ECBE3EF ] C:\Program Files\AIM\smime3.dll
23:03:54.0578 1228 C:\Program Files\AIM\smime3.dll - ok
23:03:54.0593 1228 [ 93DEB816C6985DD75D5A84AD5D266CAC ] C:\Program Files\AIM\nssckbi.dll
23:03:54.0593 1228 C:\Program Files\AIM\nssckbi.dll - ok
23:03:54.0593 1228 [ C732C3D95C88FE57D3969A43D4199450 ] C:\Program Files\Corel\Corel VideoStudio 12\ulPrevRC.dll
23:03:54.0593 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulPrevRC.dll - ok
23:03:54.0593 1228 [ F4E0946911E54A8C9716CFBEDAB0D072 ] C:\Program Files\AIM\jgtktlk.dll
23:03:54.0593 1228 C:\Program Files\AIM\jgtktlk.dll - ok
23:03:54.0609 1228 [ 201CF9CA1579AA80E6223FC0A99ABFBF ] C:\Program Files\Corel\Corel VideoStudio 12\DrawImageMgr.dll
23:03:54.0609 1228 C:\Program Files\Corel\Corel VideoStudio 12\DrawImageMgr.dll - ok
23:03:54.0609 1228 [ 793A88F0FC2079371E8CD7DD64AE054E ] C:\Program Files\Corel\Corel VideoStudio 12\DrawingRC.dll
23:03:54.0609 1228 C:\Program Files\Corel\Corel VideoStudio 12\DrawingRC.dll - ok
23:03:54.0609 1228 [ CCEE935EE3D2337866018D84116704E7 ] C:\Program Files\Corel\Corel VideoStudio 12\ConverDib.dll
23:03:54.0609 1228 C:\Program Files\Corel\Corel VideoStudio 12\ConverDib.dll - ok
23:03:54.0625 1228 [ EAAB28367E374DD362D319A58357870A ] C:\Program Files\Corel\Corel VideoStudio 12\uvgrc.dll
23:03:54.0625 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvgrc.dll - ok
23:03:54.0625 1228 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
23:03:54.0625 1228 C:\WINDOWS\system32\msxml3.dll - ok
23:03:54.0640 1228 [ 6EDB0999658DB5DD898642449C01B2FB ] C:\Program Files\Corel\Corel VideoStudio 12\uvDV.dll
23:03:54.0640 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvDV.dll - ok
23:03:54.0640 1228 [ 8E99F1EA636F7AECAF4D19198C12D60B ] C:\Program Files\Corel\Corel VideoStudio 12\ufckey.dll
23:03:54.0640 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufckey.dll - ok
23:03:54.0640 1228 [ 9F605F0C817038B4BD0DB7A81ADAFB03 ] C:\Program Files\Corel\Corel VideoStudio 12\upl.dll
23:03:54.0640 1228 C:\Program Files\Corel\Corel VideoStudio 12\upl.dll - ok
23:03:54.0656 1228 [ B872EA5F87C4C459D1D14E96F71AF83B ] C:\Program Files\Corel\Corel VideoStudio 12\uSmartSndMgr.dll
23:03:54.0656 1228 C:\Program Files\Corel\Corel VideoStudio 12\uSmartSndMgr.dll - ok
23:03:54.0656 1228 [ D6C3787153991154BBB7D857470038E5 ] C:\Program Files\Corel\Corel VideoStudio 12\uSmartSndMgrRC.dll
23:03:54.0656 1228 C:\Program Files\Corel\Corel VideoStudio 12\uSmartSndMgrRC.dll - ok
23:03:54.0656 1228 [ 6B56C44EDE7E32B934AF5141A00DF391 ] C:\Program Files\Corel\Corel VideoStudio 12\u32uscUI.dll
23:03:54.0656 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32uscUI.dll - ok
23:03:54.0671 1228 [ 5E58C6E3B92CD81FC4B533CF50C64828 ] C:\Program Files\Corel\Corel VideoStudio 12\ufctmtg.dll
23:03:54.0671 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufctmtg.dll - ok
23:03:54.0671 1228 [ F864C70BE5D522B15C04CCC18A226B43 ] C:\Program Files\Corel\Corel VideoStudio 12\herrc.dll
23:03:54.0671 1228 C:\Program Files\Corel\Corel VideoStudio 12\herrc.dll - ok
23:03:54.0671 1228 [ 18458181A1914005BC0F54ACD820D439 ] C:\Program Files\Corel\Corel VideoStudio 12\DiGeneral.dll
23:03:54.0671 1228 C:\Program Files\Corel\Corel VideoStudio 12\DiGeneral.dll - ok
23:03:54.0687 1228 [ 1776FE72C8A085EA8F11E179E4530BE9 ] C:\Program Files\Corel\Corel VideoStudio 12\upppmgr.dll
23:03:54.0687 1228 C:\Program Files\Corel\Corel VideoStudio 12\upppmgr.dll - ok
23:03:54.0687 1228 [ 2C5796DA185797F64A208F6596BA91C4 ] C:\Program Files\Corel\Corel VideoStudio 12\DMFExportAPI.dll
23:03:54.0687 1228 C:\Program Files\Corel\Corel VideoStudio 12\DMFExportAPI.dll - ok
23:03:54.0687 1228 [ 86042F6F6A5287EAF9379C91D0BF72B6 ] C:\WINDOWS\system32\dwwin.exe
23:03:54.0687 1228 C:\WINDOWS\system32\dwwin.exe - ok
23:03:54.0703 1228 [ 8BC9625AA136CBD459A7BED0E3002309 ] C:\Program Files\Corel\Corel VideoStudio 12\AIKRC.dll
23:03:54.0703 1228 C:\Program Files\Corel\Corel VideoStudio 12\AIKRC.dll - ok
23:03:54.0703 1228 [ 409BFCE8279A2AEB2A090EF55F53DD46 ] C:\Program Files\Corel\Corel VideoStudio 12\AIKRC2.dll
23:03:54.0703 1228 C:\Program Files\Corel\Corel VideoStudio 12\AIKRC2.dll - ok
23:03:54.0703 1228 [ EF32415C2755E66CA1B345DF68C71243 ] C:\WINDOWS\system32\1033\dwintl.dll
23:03:54.0703 1228 C:\WINDOWS\system32\1033\dwintl.dll - ok
23:03:54.0718 1228 [ 12C4D4208EF7ED85C89AABB4C71BA99A ] C:\Program Files\Corel\Corel VideoStudio 12\uviplW7.dll
23:03:54.0718 1228 C:\Program Files\Corel\Corel VideoStudio 12\uviplW7.dll - ok
23:03:54.0718 1228 [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\msimtf.dll
23:03:54.0718 1228 C:\WINDOWS\system32\msimtf.dll - ok
23:03:54.0718 1228 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
23:03:54.0718 1228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
23:03:54.0734 1228 [ 5E28284F9B5F9097640D58A73D38AD4C ] C:\WINDOWS\system32\notepad.exe
23:03:54.0734 1228 C:\WINDOWS\system32\notepad.exe - ok
23:03:54.0734 1228 [ 5C796291F4177ECC93C83A2CBA286629 ] C:\Program Files\Corel\Corel VideoStudio 12\PEXEXIF_Res.dll
23:03:54.0734 1228 C:\Program Files\Corel\Corel VideoStudio 12\PEXEXIF_Res.dll - ok
23:03:54.0750 1228 [ F548C8A5C5BA7DC5F835A747DEF471D1 ] C:\Program Files\Corel\Corel VideoStudio 12\TgeDllRC.dll
23:03:54.0750 1228 C:\Program Files\Corel\Corel VideoStudio 12\TgeDllRC.dll - ok
23:03:54.0750 1228 [ 988E38AB9E2EC81D3F071BC39D1CF299 ] C:\Program Files\Corel\Corel VideoStudio 12\FIO\u32zlib.dll
23:03:54.0750 1228 C:\Program Files\Corel\Corel VideoStudio 12\FIO\u32zlib.dll - ok
23:03:54.0750 1228 [ 42B928FC8518D793BF7A5EAFC57B1D8B ] C:\WINDOWS\system32\imgutil.dll
23:03:54.0750 1228 C:\WINDOWS\system32\imgutil.dll - ok
23:03:54.0765 1228 [ FE0AA5E34DF2E154921C51587028E415 ] C:\Program Files\Corel\Corel VideoStudio 12\ufctxeffrc.dll
23:03:54.0765 1228 C:\Program Files\Corel\Corel VideoStudio 12\ufctxeffrc.dll - ok
23:03:54.0765 1228 [ E5FA1B044DAC5F6F600A1742D73F6936 ] C:\WINDOWS\system32\pngfilt.dll
23:03:54.0765 1228 C:\WINDOWS\system32\pngfilt.dll - ok
23:03:54.0765 1228 [ 1AFA313EBAD4AC2045382CC2E91C1FE7 ] C:\Program Files\Corel\Corel VideoStudio 12\DMFHost.dll
23:03:54.0765 1228 C:\Program Files\Corel\Corel VideoStudio 12\DMFHost.dll - ok
23:03:54.0781 1228 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
23:03:54.0781 1228 C:\WINDOWS\system32\drprov.dll - ok
23:03:54.0781 1228 [ 6E66BB6BBED588CB0326ED91B504C4A9 ] C:\Program Files\Corel\Corel VideoStudio 12\xSystem.dll
23:03:54.0781 1228 C:\Program Files\Corel\Corel VideoStudio 12\xSystem.dll - ok
23:03:54.0781 1228 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
23:03:54.0781 1228 C:\WINDOWS\system32\ntlanman.dll - ok
23:03:54.0796 1228 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
23:03:54.0796 1228 C:\WINDOWS\system32\mfc42.dll - ok
23:03:54.0796 1228 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
23:03:54.0796 1228 C:\WINDOWS\system32\netui0.dll - ok
23:03:54.0796 1228 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
23:03:54.0796 1228 C:\WINDOWS\system32\netui1.dll - ok
23:03:54.0812 1228 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
23:03:54.0812 1228 C:\WINDOWS\system32\davclnt.dll - ok
23:03:54.0812 1228 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
23:03:54.0812 1228 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
23:03:54.0812 1228 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
23:03:54.0812 1228 C:\WINDOWS\system32\wbem\wbemess.dll - ok
23:03:54.0828 1228 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
23:03:54.0828 1228 C:\WINDOWS\system32\alg.exe - ok
23:03:54.0828 1228 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
23:03:54.0828 1228 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
23:03:54.0843 1228 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
23:03:54.0843 1228 C:\WINDOWS\system32\wuapi.dll - ok
23:03:54.0843 1228 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
23:03:54.0843 1228 C:\WINDOWS\system32\wbem\ncprov.dll - ok
23:03:54.0843 1228 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
23:03:54.0843 1228 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
23:03:54.0859 1228 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
23:03:54.0859 1228 C:\WINDOWS\system32\wbem\framedyn.dll - ok
23:03:54.0859 1228 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
23:03:54.0859 1228 C:\WINDOWS\system32\wbem\wmiprov.dll - ok
23:03:54.0859 1228 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
23:03:54.0859 1228 C:\WINDOWS\system32\httpapi.dll - ok
23:03:54.0875 1228 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
23:03:54.0875 1228 C:\WINDOWS\system32\w3ssl.dll - ok
23:03:54.0875 1228 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
23:03:54.0875 1228 C:\WINDOWS\system32\strmfilt.dll - ok
23:03:54.0875 1228 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
23:03:54.0875 1228 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
23:03:54.0890 1228 [ 3253CDF35BAA7828CBE6CA3A486284F9 ] C:\Program Files\Corel\Corel VideoStudio 12\vio\Uvavi.vio
23:03:54.0890 1228 C:\Program Files\Corel\Corel VideoStudio 12\vio\Uvavi.vio - ok
23:03:54.0890 1228 [ 382668323400BD3BCFE9FFF249515975 ] C:\WINDOWS\system32\avifil32.dll
23:03:54.0890 1228 C:\WINDOWS\system32\avifil32.dll - ok
23:03:54.0890 1228 [ C0EC568A87064A49243A1129DA322C42 ] C:\Program Files\Corel\Corel VideoStudio 12\Pal.dll
23:03:54.0890 1228 C:\Program Files\Corel\Corel VideoStudio 12\Pal.dll - ok
23:03:54.0906 1228 [ 577E496F0D41411BF149394D80959D53 ] C:\WINDOWS\system32\imaadp32.acm
23:03:54.0906 1228 C:\WINDOWS\system32\imaadp32.acm - ok
23:03:54.0906 1228 [ C5648BE5409E0AABDA8C9047BAC8F603 ] C:\WINDOWS\system32\msadp32.acm
23:03:54.0906 1228 C:\WINDOWS\system32\msadp32.acm - ok
23:03:54.0906 1228 [ 33271A2667334B9A8842C65A079EF375 ] C:\WINDOWS\system32\msg711.acm
23:03:54.0906 1228 C:\WINDOWS\system32\msg711.acm - ok
23:03:54.0921 1228 [ 3A9846E207DAFC13009C048A2F6F8C2A ] C:\WINDOWS\system32\msgsm32.acm
23:03:54.0921 1228 C:\WINDOWS\system32\msgsm32.acm - ok
23:03:54.0921 1228 [ E8CD0D7E169ECCE2D4FD829DAAB786ED ] C:\WINDOWS\system32\tssoft32.acm
23:03:54.0921 1228 C:\WINDOWS\system32\tssoft32.acm - ok
23:03:54.0937 1228 [ 735F504DEEFE4E2AD06360FCE2842DD4 ] C:\WINDOWS\system32\tsd32.dll
23:03:54.0937 1228 C:\WINDOWS\system32\tsd32.dll - ok
23:03:54.0937 1228 [ B87F759738C52E8D6FBCDAAA84C6486F ] C:\WINDOWS\system32\msg723.acm
23:03:54.0937 1228 C:\WINDOWS\system32\msg723.acm - ok
23:03:54.0937 1228 [ 55AEEA66C5E84E3FD6CD3E933397D478 ] C:\WINDOWS\system32\msaud32.acm
23:03:54.0937 1228 C:\WINDOWS\system32\msaud32.acm - ok
23:03:54.0953 1228 [ 0DBB250A89E2E1C9281009AC269F0805 ] C:\WINDOWS\system32\sl_anet.acm
23:03:54.0953 1228 C:\WINDOWS\system32\sl_anet.acm - ok
23:03:54.0953 1228 [ 877C90686858D899B042BBA45E9B7F2C ] C:\WINDOWS\system32\iac25_32.ax
23:03:54.0953 1228 C:\WINDOWS\system32\iac25_32.ax - ok
23:03:54.0953 1228 [ C30B851A482C4549125F4209788791E6 ] C:\WINDOWS\system32\iacenc.dll
23:03:54.0953 1228 C:\WINDOWS\system32\iacenc.dll - ok
23:03:54.0968 1228 [ F3946B534CC197CBFFD9A2ECFD1F556F ] C:\WINDOWS\system32\l3codeca.acm
23:03:54.0968 1228 C:\WINDOWS\system32\l3codeca.acm - ok
23:03:54.0968 1228 [ CF1C4265A73D50A1CE97FD308CE1AFC9 ] C:\WINDOWS\system32\sirenacm.dll
23:03:54.0968 1228 C:\WINDOWS\system32\sirenacm.dll - ok
23:03:54.0968 1228 [ 13FA039C5E464F3BF0C6D01E00581CAA ] C:\WINDOWS\system32\ac3acm.acm
23:03:54.0968 1228 C:\WINDOWS\system32\ac3acm.acm - ok
23:03:54.0984 1228 [ 22722B4E887BB95AB071542DE5A42C80 ] C:\WINDOWS\system32\lameACM.acm
23:03:54.0984 1228 C:\WINDOWS\system32\lameACM.acm - ok
23:03:54.0984 1228 [ 0A088320F77453FA250A63ACC3BADE02 ] C:\WINDOWS\system32\url.dll
23:03:54.0984 1228 C:\WINDOWS\system32\url.dll - ok
23:03:54.0984 1228 [ A516C0027E5E1E51FA5A53633029F7C3 ] C:\PROGRA~1\COMMON~1\ULEADS~1\VIO\DVACM.acm
23:03:54.0984 1228 C:\PROGRA~1\COMMON~1\ULEADS~1\VIO\DVACM.acm - ok
23:03:55.0000 1228 [ D048C23D23DA79360A8234F287B3F31A ] C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGACM.acm
23:03:55.0000 1228 C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGACM.acm - ok
23:03:55.0000 1228 [ 6A6C8BA32D6D3E65A29954679E1021A4 ] C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
23:03:55.0000 1228 C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm - ok
23:03:55.0000 1228 [ 27AC4269AEC331615FE934838E6C0736 ] C:\Program Files\Corel\Corel VideoStudio 12\upbplug.dll
23:03:55.0000 1228 C:\Program Files\Corel\Corel VideoStudio 12\upbplug.dll - ok
23:03:55.0015 1228 [ 4B40CD24C8E77579574AF84B636623E7 ] C:\Program Files\Corel\Corel VideoStudio 12\u32mpb.dll
23:03:55.0015 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32mpb.dll - ok
23:03:55.0015 1228 [ 23EB1427936C374F2F946CC9A56D1D3A ] C:\Program Files\Corel\Corel VideoStudio 12\u32mpbm.dll
23:03:55.0015 1228 C:\Program Files\Corel\Corel VideoStudio 12\u32mpbm.dll - ok
23:03:55.0031 1228 [ A2F3DF6E26EE9388B9783A9DEF794140 ] C:\Program Files\Corel\Corel VideoStudio 12\sepa.dll
23:03:55.0031 1228 C:\Program Files\Corel\Corel VideoStudio 12\sepa.dll - ok
23:03:55.0031 1228 [ 4CF58B5E4C1B31A25D4F72B4EFE61A2D ] C:\Program Files\Corel\Corel VideoStudio 12\vio\uvuis.vio
23:03:55.0031 1228 C:\Program Files\Corel\Corel VideoStudio 12\vio\uvuis.vio - ok
23:03:55.0031 1228 [ E8AE7380DDF881C96F08BB32CA73595B ] C:\Program Files\Corel\Corel VideoStudio 12\vio\uvmpeg.vio
23:03:55.0031 1228 C:\Program Files\Corel\Corel VideoStudio 12\vio\uvmpeg.vio - ok
23:03:55.0046 1228 [ 3397F2B00FB0714EB1BE024E04A864EB ] C:\Program Files\Corel\Corel VideoStudio 12\MPEG_VioRC.dll
23:03:55.0046 1228 C:\Program Files\Corel\Corel VideoStudio 12\MPEG_VioRC.dll - ok
23:03:55.0046 1228 [ 72D17E196CDC1D6ECF6EF974FBC38402 ] C:\Program Files\Corel\Corel VideoStudio 12\uvHTMPEG2.dll
23:03:55.0046 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvHTMPEG2.dll - ok
23:03:55.0046 1228 [ 1214C7B97B1EF70AD20771E7DC603BDD ] C:\Program Files\Corel\Corel VideoStudio 12\ulStream.dll
23:03:55.0046 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulStream.dll - ok
23:03:55.0062 1228 [ 5EBC634B3EA53AE1FC9EBCE20E9D3847 ] C:\Program Files\Common Files\Ulead Systems\MPEG\mpegin.dll
23:03:55.0062 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mpegin.dll - ok
23:03:55.0062 1228 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
23:03:55.0062 1228 C:\WINDOWS\system32\msdmo.dll - ok
23:03:55.0062 1228 [ 34395FAEDE6E3D820523C626CFCF3CE5 ] C:\Program Files\Common Files\Ulead Systems\MPEG\mcmpgdec.dll
23:03:55.0062 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mcmpgdec.dll - ok
23:03:55.0078 1228 [ 1DC8ED52943AE079A82D4EDA68B32339 ] C:\Program Files\Common Files\Ulead Systems\MPEG\ac3aout.dll
23:03:55.0078 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\ac3aout.dll - ok
23:03:55.0078 1228 [ 0C682D6C1E2EEC6B1C9243FB5403E129 ] C:\Program Files\Common Files\Ulead Systems\MPEG\pcmaout.dll
23:03:55.0078 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\pcmaout.dll - ok
23:03:55.0078 1228 [ 1D82F2174394D2F6556659348D961560 ] C:\Program Files\Common Files\Ulead Systems\MPEG\MPGAOUT.DLL
23:03:55.0078 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\MPGAOUT.DLL - ok
23:03:55.0093 1228 [ E4C5CD1174082874D5178A9FB4D38A0C ] C:\Program Files\Common Files\Ulead Systems\MPEG\MPGVOUT.dll
23:03:55.0093 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\MPGVOUT.dll - ok
23:03:55.0093 1228 [ A3B1AE9913B4B6DAEFF30A5D4A7CE2DF ] C:\Program Files\Common Files\Ulead Systems\MPEG\mpgvout.004
23:03:55.0093 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mpgvout.004 - ok
23:03:55.0109 1228 [ 69393B7DEBBD71D82EA473F950E6485B ] C:\Program Files\Common Files\Ulead Systems\MPEG\mpgmux.dll
23:03:55.0109 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mpgmux.dll - ok
23:03:55.0109 1228 [ AE98E0E87828345C8EA0E900B215427A ] C:\Program Files\Common Files\Ulead Systems\MPEG\mpg_dlg.dll
23:03:55.0109 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mpg_dlg.dll - ok
23:03:55.0109 1228 [ 30D4D5D0D8D6BC34C4B88165A6C6BA46 ] C:\Program Files\Common Files\Ulead Systems\MPEG\mpgcheck.dll
23:03:55.0109 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mpgcheck.dll - ok
23:03:55.0125 1228 [ BF7F2014FE1A019D746F0CB7D783AF36 ] C:\Program Files\Corel\Corel VideoStudio 12\uvSEPA.dll
23:03:55.0125 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvSEPA.dll - ok
23:03:55.0125 1228 [ 0AC8709031B082DF71D5AD0529492976 ] C:\Program Files\Common Files\Ulead Systems\MPEG\MpgVEncHP.dll
23:03:55.0125 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\MpgVEncHP.dll - ok
23:03:55.0125 1228 [ 794D4186FE9ACB063496D9F23E38D105 ] C:\Program Files\Common Files\Ulead Systems\MPEG\mcstdh264vout.001
23:03:55.0125 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mcstdh264vout.001 - ok
23:03:55.0140 1228 [ EC0E0F7CB37F76A45AFEFECBEBBDCDBC ] C:\Program Files\Common Files\Ulead Systems\MPEG\mcstdh264vout.dll
23:03:55.0140 1228 C:\Program Files\Common Files\Ulead Systems\MPEG\mcstdh264vout.dll - ok
23:03:55.0140 1228 [ EDD336F8EA57F04CDDCA474FEF520493 ] C:\Program Files\Corel\Corel VideoStudio 12\uvMPEGRO.dll
23:03:55.0140 1228 C:\Program Files\Corel\Corel VideoStudio 12\uvMPEGRO.dll - ok
23:03:55.0156 1228 [ 36CB2D7D22D811302C83E5E78A0B4D6C ] C:\Program Files\Corel\Corel VideoStudio 12\drawing\DrawDV.dra
23:03:55.0156 1228 C:\Program Files\Corel\Corel VideoStudio 12\drawing\DrawDV.dra - ok
23:03:55.0156 1228 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
23:03:55.0156 1228 C:\WINDOWS\system32\devenum.dll - ok
23:03:55.0156 1228 [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
23:03:55.0156 1228 C:\WINDOWS\system32\avicap32.dll - ok
23:03:55.0171 1228 [ F1941197A42F9F373CC70042FC82C950 ] C:\WINDOWS\system32\ksproxy.ax
23:03:55.0171 1228 C:\WINDOWS\system32\ksproxy.ax - ok
23:03:55.0171 1228 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
23:03:55.0171 1228 C:\WINDOWS\system32\ksuser.dll - ok
23:03:55.0171 1228 [ 94BA90C6AF5C50FF5F7A6392514C4642 ] C:\WINDOWS\system32\vidcap.ax
23:03:55.0171 1228 C:\WINDOWS\system32\vidcap.ax - ok
23:03:55.0187 1228 [ C9EF69B25DFA1C0E7932CB02FB8A7E91 ] C:\WINDOWS\system32\kswdmcap.ax
23:03:55.0187 1228 C:\WINDOWS\system32\kswdmcap.ax - ok
23:03:55.0187 1228 [ 0917A80268BDCE38CD19F93F2B12A9AD ] C:\Program Files\Corel\Corel VideoStudio 12\drawing\DrawWinDevice.dra
23:03:55.0187 1228 C:\Program Files\Corel\Corel VideoStudio 12\drawing\DrawWinDevice.dra - ok
23:03:55.0187 1228 [ BDE3ABDF759D81481BAE8F38AB58B7BB ] C:\Program Files\Corel\Corel VideoStudio 12\drawing\DualHead.dra
23:03:55.0187 1228 C:\Program Files\Corel\Corel VideoStudio 12\drawing\DualHead.dra - ok
23:03:55.0203 1228 [ 78C896A74AB040AF7667D518A9B5B8FD ] C:\Program Files\Corel\Corel VideoStudio 12\drawing\ICDraw.dra
23:03:55.0203 1228 C:\Program Files\Corel\Corel VideoStudio 12\drawing\ICDraw.dra - ok
23:03:55.0203 1228 [ 938B596D4170E4F9870A902DF2DEEF48 ] C:\WINDOWS\system32\iccvid.dll
23:03:55.0203 1228 C:\WINDOWS\system32\iccvid.dll - ok
23:03:55.0203 1228 [ 7D529AA41EA993357F8C3D7E92C2372A ] C:\WINDOWS\system32\msh263.drv
23:03:55.0203 1228 C:\WINDOWS\system32\msh263.drv - ok
23:03:55.0218 1228 [ 43ECA1576906BA76FB3E329A338A3CAE ] C:\WINDOWS\system32\ir32_32.dll
23:03:55.0218 1228 C:\WINDOWS\system32\ir32_32.dll - ok
23:03:55.0218 1228 [ 948E1498C6438625247F94534AAA82FE ] C:\WINDOWS\system32\ir41_32.ax
23:03:55.0218 1228 C:\WINDOWS\system32\ir41_32.ax - ok
23:03:55.0218 1228 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
23:03:55.0218 1228 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
23:03:55.0234 1228 [ C07552F5734B37F947289B51BC932376 ] C:\WINDOWS\system32\iyuv_32.dll
23:03:55.0234 1228 C:\WINDOWS\system32\iyuv_32.dll - ok
23:03:55.0234 1228 [ 777819E1514AA632364DE59F810B292C ] C:\WINDOWS\system32\msrle32.dll
23:03:55.0234 1228 C:\WINDOWS\system32\msrle32.dll - ok
23:03:55.0234 1228 [ FCB4782D700268C1B82ECEF74CF1A3B9 ] C:\WINDOWS\system32\msvidc32.dll
23:03:55.0234 1228 C:\WINDOWS\system32\msvidc32.dll - ok
23:03:55.0250 1228 [ 0F200BE1ED9DE188CA6407A3759BE7CF ] C:\WINDOWS\system32\msyuv.dll
23:03:55.0250 1228 C:\WINDOWS\system32\msyuv.dll - ok
23:03:55.0250 1228 [ C6FD300A6100AC89BC4CB944C19FA2A9 ] C:\WINDOWS\system32\msh261.drv
23:03:55.0250 1228 C:\WINDOWS\system32\msh261.drv - ok
23:03:55.0250 1228 [ B08F8FFBA4570E21A71C38E00CC678E7 ] C:\WINDOWS\system32\tsbyuv.dll
23:03:55.0250 1228 C:\WINDOWS\system32\tsbyuv.dll - ok
23:03:55.0265 1228 [ 5F10DC19D92CCF6B719B494572F4F74B ] C:\WINDOWS\system32\ir50_32.dll
23:03:55.0265 1228 C:\WINDOWS\system32\ir50_32.dll - ok
23:03:55.0265 1228 [ 4B0C0A8C960AF22761FB6A25D8A50DF2 ] C:\WINDOWS\system32\vp6vfw.dll
23:03:55.0265 1228 C:\WINDOWS\system32\vp6vfw.dll - ok
23:03:55.0265 1228 [ D60FB168C1EB7931094828D920254D98 ] C:\WINDOWS\system32\tsccvid.dll
23:03:55.0265 1228 C:\WINDOWS\system32\tsccvid.dll - ok
23:03:55.0281 1228 [ FDB6EA5F8D7F75173ECA24C661C28F88 ] C:\WINDOWS\system32\xvidvfw.dll
23:03:55.0281 1228 C:\WINDOWS\system32\xvidvfw.dll - ok
23:03:55.0281 1228 [ EA2A7A4E96087395C92F669BC316D592 ] C:\WINDOWS\system32\xvidcore.dll
23:03:55.0281 1228 C:\WINDOWS\system32\xvidcore.dll - ok
23:03:55.0281 1228 [ DD602C1FBA3A3E962627569C9E10AF7C ] C:\WINDOWS\system32\yv12vfw.dll
23:03:55.0296 1228 C:\WINDOWS\system32\yv12vfw.dll - ok
23:03:55.0296 1228 [ C5582FED3BF46AFD05D521AE2ECB3A59 ] C:\WINDOWS\system32\ff_vfw.dll
23:03:55.0296 1228 C:\WINDOWS\system32\ff_vfw.dll - ok
23:03:55.0296 1228 [ 2B7513DA802D175E910F9C9841547FE5 ] C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
23:03:55.0296 1228 C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax - ok
23:03:55.0312 1228 [ BC87DB4759083525F96A159861670C5E ] C:\WINDOWS\system32\dinput.dll
23:03:55.0312 1228 C:\WINDOWS\system32\dinput.dll - ok
23:03:55.0312 1228 [ 0A41851CE20B307F73496E329AA0424F ] C:\PROGRA~1\Corel\CORELV~1\DivX_ul.dll
23:03:55.0312 1228 C:\PROGRA~1\Corel\CORELV~1\DivX_ul.dll - ok
23:03:55.0312 1228 [ 9483304299E2C6EE5CFD4756AD91E082 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\dvdvr.ppp
23:03:55.0312 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\dvdvr.ppp - ok
23:03:55.0328 1228 [ 1D9B4B539079A7D37811039A48A980C5 ] C:\Program Files\Corel\Corel VideoStudio 12\VR_MANGR.dll
23:03:55.0328 1228 C:\Program Files\Corel\Corel VideoStudio 12\VR_MANGR.dll - ok
23:03:55.0328 1228 [ C76741378CFB79CF2C2186A58D0B1E96 ] C:\Program Files\Corel\Corel VideoStudio 12\VR_MOVIE.dll
23:03:55.0328 1228 C:\Program Files\Corel\Corel VideoStudio 12\VR_MOVIE.dll - ok
23:03:55.0328 1228 [ 2AE8892CB8324B612500AFD091E8BD1D ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\DVRecording.ppp
23:03:55.0328 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\DVRecording.ppp - ok
23:03:55.0343 1228 [ EEDD32A81CB0DA2128B8ACE472787422 ] C:\Program Files\Corel\Corel VideoStudio 12\PPPRC.dll
23:03:55.0343 1228 C:\Program Files\Corel\Corel VideoStudio 12\PPPRC.dll - ok
23:03:55.0343 1228 [ 71569FE54CC0F302A659D044AC99FCB6 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrMS.dll
23:03:55.0343 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrMS.dll - ok
23:03:55.0343 1228 [ 63AB3F63D70A6B64C197206C921C8751 ] C:\Program Files\Corel\Corel VideoStudio 12\udevmgr.dll
23:03:55.0343 1228 C:\Program Files\Corel\Corel VideoStudio 12\udevmgr.dll - ok
23:03:55.0359 1228 [ 7BCC58A7C72984F0796570C8268E7717 ] C:\Program Files\Corel\Corel VideoStudio 12\CapMgrRC.dll
23:03:55.0359 1228 C:\Program Files\Corel\Corel VideoStudio 12\CapMgrRC.dll - ok
23:03:55.0359 1228 [ 8D9BA1CCE94242C2ABADC50C3F90F72A ] C:\Program Files\Corel\Corel VideoStudio 12\CapMgr.dll
23:03:55.0359 1228 C:\Program Files\Corel\Corel VideoStudio 12\CapMgr.dll - ok
23:03:55.0359 1228 [ B930238DD238414D58BE10D12581BB88 ] C:\Program Files\Corel\Corel VideoStudio 12\XProfileAgent.dll
23:03:55.0359 1228 C:\Program Files\Corel\Corel VideoStudio 12\XProfileAgent.dll - ok
23:03:55.0375 1228 [ 411697042D4244375FD1B9D392562BE6 ] C:\Program Files\Corel\Corel VideoStudio 12\MpegSettings.dll
23:03:55.0375 1228 C:\Program Files\Corel\Corel VideoStudio 12\MpegSettings.dll - ok
23:03:55.0375 1228 [ EEF976FD573F79804093BEAE387AEE2C ] C:\Program Files\Corel\Corel VideoStudio 12\MpegMainConceptLib.dll
23:03:55.0375 1228 C:\Program Files\Corel\Corel VideoStudio 12\MpegMainConceptLib.dll - ok
23:03:55.0390 1228 [ AEABCFDCA9F1B3EC0ED61D0F2BAE8C35 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrPapi.dll
23:03:55.0390 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrPapi.dll - ok
23:03:55.0390 1228 [ 5910EA4D980C43F6F23676051733821F ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrTI.dll
23:03:55.0390 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrTI.dll - ok
23:03:55.0390 1228 [ 26BEC6E28D5AF18F0AE665C6984E743B ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrHDV.ppp
23:03:55.0390 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\DvrHDV.ppp - ok
23:03:55.0406 1228 [ 0A024C837D17D35B0B95038C40B69387 ] C:\Program Files\Corel\Corel VideoStudio 12\CU3PDVR_HDV_RC.dll
23:03:55.0406 1228 C:\Program Files\Corel\Corel VideoStudio 12\CU3PDVR_HDV_RC.dll - ok
23:03:55.0406 1228 [ 1B98AA2B6CE2197BE38ACB2D299B2374 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\neptune.ppp
23:03:55.0406 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\neptune.ppp - ok
23:03:55.0406 1228 [ ABE795517B0B883268D0427F8ECCE627 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3phtml.ppp
23:03:55.0406 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3phtml.ppp - ok
23:03:55.0421 1228 [ 932DB6D0AF49DC0D5FFA7B563E1038E8 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pmail.ppp
23:03:55.0421 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pmail.ppp - ok
23:03:55.0421 1228 [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
23:03:55.0421 1228 C:\WINDOWS\system32\mapi32.dll - ok
23:03:55.0421 1228 [ 5F6EA56C1F6A59D6FBA8F6BBC228FF5E ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pmgc.ppp
23:03:55.0421 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pmgc.ppp - ok
23:03:55.0437 1228 [ 195E801DA5340C2D19031680D7DC3AF5 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pScreenSaver.ppp
23:03:55.0437 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\u3pScreenSaver.ppp - ok
23:03:55.0437 1228 [ B24778B772263CBA9E53F81EA8EE43B1 ] C:\Program Files\Corel\Corel VideoStudio 12\ppp\uPPPYouTube.ppp
23:03:55.0437 1228 C:\Program Files\Corel\Corel VideoStudio 12\ppp\uPPPYouTube.ppp - ok
23:03:55.0437 1228 [ AC0366692C2891AFDC87D12C684E35D3 ] C:\Program Files\Corel\Corel VideoStudio 12\ulTitlePlug.dll
23:03:55.0437 1228 C:\Program Files\Corel\Corel VideoStudio 12\ulTitlePlug.dll - ok
23:03:55.0453 1228 [ B4B44EA7DA6BA93300C473D0BBBB46A1 ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Curve.dll
23:03:55.0453 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Curve.dll - ok
23:03:55.0453 1228 [ C11DF47ADF85CB7AA98C5448B99A45EF ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Drop.dll
23:03:55.0453 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Drop.dll - ok
23:03:55.0453 1228 [ 4545E33D0EB63A154B7DA723BE44018F ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Fade.dll
23:03:55.0453 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Fade.dll - ok
23:03:55.0468 1228 [ B4881551FF00D757084A0957A94D3134 ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Fly.dll
23:03:55.0468 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Fly.dll - ok
23:03:55.0468 1228 [ 4B039C3EA466B470C6945DFEDB14EFCE ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\PathAnim.dll
23:03:55.0468 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\PathAnim.dll - ok
23:03:55.0468 1228 [ 12F45629422563F3F22B21EEF7E21A7F ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Popup.dll
23:03:55.0468 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Popup.dll - ok
23:03:55.0484 1228 [ F40A50011B428A9C523A119F029A95B2 ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Turn.dll
23:03:55.0484 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Turn.dll - ok
23:03:55.0484 1228 [ 4AD70A63F8A670911F8E1853983E33B8 ] C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Zoom.dll
23:03:55.0484 1228 C:\Program Files\Corel\Corel VideoStudio 12\motion_plug\Zoom.dll - ok
23:03:55.0484 1228 [ A23085158FEB835BD24A8EFA8D5D083E ] C:\Program Files\Corel\Corel VideoStudio 12\eio\EIO.DLL
23:03:55.0500 1228 C:\Program Files\Corel\Corel VideoStudio 12\eio\EIO.DLL - ok
23:03:55.0500 1228 [ 00B6BADFB631FB766823498362A1D3FD ] C:\Program Files\Corel\Corel VideoStudio 12\eio\AFT.EIO
23:03:55.0500 1228 C:\Program Files\Corel\Corel VideoStudio 12\eio\AFT.EIO - ok
23:03:55.0500 1228 [ A59BEAC7EB906146E9C418811662A244 ] C:\Program Files\Corel\Corel VideoStudio 12\eio\VST.EIO
23:03:55.0500 1228 C:\Program Files\Corel\Corel VideoStudio 12\eio\VST.EIO - ok
23:03:55.0515 1228 [ 433ED9649E96D98764CA4B6B4C82FF2A ] C:\Program Files\Corel\Corel VideoStudio 12\vio\uvwav.vio
23:03:55.0515 1228 C:\Program Files\Corel\Corel VideoStudio 12\vio\uvwav.vio - ok
23:03:55.0515 1228 ============================================================
23:03:55.0515 1228 Scan finished
23:03:55.0515 1228 ============================================================
23:03:55.0625 1740 Detected object count: 8
23:03:55.0625 1740 Actual detected object count: 8
23:05:14.0562 1740 ALCXWDM ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0562 1740 ALCXWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 RTL8023xp ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 RTL8023xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:05:14.0578 1740 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:05:14.0578 1740 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
23:05:14.0578 1740 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

Yep, that definitely looks like what I used. Ran it again, and it said the registry entry wasn't valid or couldn't be found or something.


We will look at another way.

Please delete your version of ComboFix, including the folders C:\Qoobox and C:\Combofix,if they are there and after that download a new version of Combofix.

Download ComboFix from one of this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#13
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
When I ran ComboFix, it tried to install the recovery console, I clicked yes, but it errored and said "Boot partition could not be enumerated," then it went on to the scan. Other than that, the scan went fine.

ComboFix 13-02-18.02 - Ally 02/19/2013 16:57:47.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2531 [GMT -5:00]
Running from: c:\documents and settings\Ally\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((( Files Created from 2013-01-19 to 2013-02-19 )))))))))))))))))))))))))))))))
.
.
2013-02-19 04:01 . 2013-02-19 04:01 -------- d-----w- c:\windows\system32\wbem\Repository
2013-02-18 23:54 . 2013-02-18 23:54 -------- d-----w- C:\_OTL
2013-02-18 23:50 . 2013-02-18 23:50 -------- d-----w- c:\documents and settings\Ally\Application Data\Uninstaller Tool(Comodo Forums)
2013-02-18 04:52 . 2013-02-18 04:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\COMODO
2013-02-18 04:44 . 2013-02-18 04:44 -------- d-----w- C:\themes
2013-02-18 04:44 . 2013-01-24 22:42 281808 ----a-w- C:\7za.dll
2013-02-18 04:44 . 2013-02-18 04:44 -------- d-----w- C:\cis
2013-02-18 04:44 . 2013-01-24 22:42 3360976 ----a-w- C:\cmdhtml.dll
2013-02-18 04:44 . 2013-01-24 22:42 18980560 ----a-w- C:\cmdinstall.exe
2013-02-18 04:40 . 2013-02-18 04:59 -------- d-----w- c:\documents and settings\Ally\Local Settings\Application Data\COMODO
2013-02-18 04:14 . 2013-02-18 04:14 -------- d-----w- c:\program files\NirSoft
2013-02-18 02:33 . 2013-02-18 02:33 -------- d-----w- c:\documents and settings\Ally\Application Data\Malwarebytes
2013-02-18 02:32 . 2013-02-18 02:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-02-18 02:32 . 2013-02-18 02:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-18 02:32 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-17 20:54 . 2013-02-17 20:54 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-02-17 06:05 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2013-02-17 06:02 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2013-02-17 06:02 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2013-02-17 06:01 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2013-02-17 06:00 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2013-02-17 06:00 . 2012-12-16 12:23 290560 -c----w- c:\windows\system32\dllcache\atmfd.dll
2013-02-17 05:58 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2013-02-17 05:57 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2013-02-17 05:54 . 2012-12-26 20:16 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-02-17 05:54 . 2012-12-26 20:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-02-17 05:51 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2013-02-17 05:51 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-02-17 05:51 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2013-02-17 05:48 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2013-02-17 02:51 . 2008-04-14 00:12 218624 ----a-w- c:\windows\system32\uxtheme.backup
2013-02-17 02:07 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-17 02:07 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-17 02:07 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-17 02:07 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-17 02:06 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-17 02:06 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-17 02:06 . 2013-02-17 02:06 -------- d-----w- c:\program files\AVAST Software
2013-02-17 02:06 . 2013-02-17 02:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2013-02-17 02:02 . 2013-02-17 02:02 -------- d-----w- c:\program files\Magical Jelly Bean
2013-02-17 01:58 . 2013-02-17 01:58 -------- d-----w- c:\program files\Belarc
2013-02-17 01:58 . 2011-08-09 21:33 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2013-02-17 01:38 . 2013-02-17 01:39 292700 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-02-17 01:38 . 2013-02-17 01:39 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-02-17 01:38 . 2013-02-17 01:38 292700 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-02-17 01:38 . 2013-02-17 01:38 -------- d-----w- c:\program files\NVIDIA Corporation
2013-02-17 01:09 . 2013-02-17 01:10 -------- d-----w- c:\documents and settings\Ally\Local Settings\Application Data\Google
2013-02-17 01:09 . 2013-02-17 01:09 -------- d-----w- c:\program files\Google
2013-02-16 07:45 . 2013-02-17 00:29 -------- d-----w- c:\documents and settings\Ally\Backed up files from the 1TB
2013-02-16 07:20 . 2004-11-17 08:11 9319936 ----a-w- c:\windows\system32\RTLCPL.EXE
2013-02-16 07:20 . 2004-09-07 06:23 156672 ----a-w- c:\windows\system32\RTLCPAPI.dll
2013-02-16 07:20 . 2004-07-16 06:19 70400 ----a-w- c:\windows\system32\drivers\Rtlnicxp.sys
2013-02-16 07:19 . 2004-11-17 11:05 2297664 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2013-02-16 07:19 . 2004-11-17 08:08 16162816 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2013-02-11 00:37 . 2008-04-13 18:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2013-02-11 00:37 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2013-02-11 00:37 . 2008-04-14 00:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2013-02-11 00:37 . 2008-04-14 00:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2013-02-11 00:37 . 2008-04-14 00:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-02-11 00:37 . 2008-04-14 00:12 20992 ----a-w- c:\windows\system32\dshowext.ax
2013-02-11 00:37 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-02-11 00:37 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-02-11 00:36 . 2008-04-13 18:40 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
2013-02-11 00:36 . 2008-04-13 18:40 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2013-02-11 00:35 . 2008-04-13 18:45 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2013-02-11 00:35 . 2008-04-13 18:45 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2013-01-27 18:53 . 2013-01-27 18:54 -------- d-----w- C:\f12faa67f3615af0b880
2013-01-26 03:55 . 2013-01-26 03:55 552448 -c----w- c:\windows\system32\dllcache\oleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-18 05:11 . 2010-03-04 00:54 285256 ----a-w- c:\windows\system32\guard32.dll
2013-01-26 03:55 . 2004-08-04 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2004-08-03 22:59 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-04 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-04 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]
"Aim"="c:\program files\AIM\aim.exe" [2012-05-30 4331392]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-01-28 2937528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"UVS12 Preload"="c:\program files\Corel\Corel VideoStudio 12\uvPL.exe" [2008-06-09 397456]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"PC Pitstop Optimize Scheduler"="c:\program files\PCPitstop\Optimize\PCPOptimize.exe" [2008-03-26 2577120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-12 483422]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"DLCXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone V3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone V3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\WINDOWS\\system32\\dlcxcoms.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56294:TCP"= 56294:TCP:Pando Media Booster
"56294:UDP"= 56294:UDP:Pando Media Booster
"<NO NAME>"=
"58422:TCP"= 58422:TCP:Pando Media Booster
"58422:UDP"= 58422:UDP:Pando Media Booster
"58670:TCP"= 58670:TCP:Pando Media Booster
"58670:UDP"= 58670:UDP:Pando Media Booster
"57761:TCP"= 57761:TCP:Pando Media Booster
"57761:UDP"= 57761:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/4/2009 5:58 PM 721904]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/16/2013 9:07 PM 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/16/2013 9:07 PM 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/16/2013 9:07 PM 21256]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [4/11/2009 3:39 PM 1373480]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [11/29/2009 7:24 PM 47360]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-17 01:09 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-17 23:50]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-17 01:09]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-17 01:09]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage -
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-COMODO Internet Security - c:\program files\COMODO\COMODO Internet Security\cfp.exe
SafeBoot-22752142.sys
AddRemove-Free DVD Video Burner_is1 - c:\program files\DVDVideoSoft\Free DVD Video Burner\unins000.exe
AddRemove-Free Video to DVD Converter_is1 - c:\program files\DVDVideoSoft\Free Video to DVD Converter\unins000.exe
AddRemove-Free Video to Mp3 Converter_is1 - c:\program files\DVDVideoSoft\Free Video to Mp3 Converter\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-19 17:06
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,[email protected]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1417001333-287218729-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(840)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(2068)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Stardock\Object Desktop\IconPackager\iprepair.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-02-19 17:08:00
ComboFix-quarantined-files.txt 2013-02-19 22:07
ComboFix2.txt 2013-02-18 03:22
.
Pre-Run: 304,988,094,464 bytes free
Post-Run: 305,081,401,344 bytes free
.
- - End Of File - - C06ABFA5F2D9354217E18174CB936AAE
  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

When I ran ComboFix, it tried to install the recovery console, I clicked yes, but it errored and said "Boot partition could not be enumerated," then it went on to the scan.


Hmm... we wanted to use the Recovery Console to repair your machines Boot.ini :rolleyes:

Probably won't add much to the discussion but just in case let's do this:

Turn on the boot logging:

Start > All Programs > Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
msconfig

Click on the Boot tab. Check the boot log box and then Apply and OK. Reboot.

After a boot the log should be at C:\Windows\ntbtlog.txt

Copy and post back here.

After that

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

Driver::
npggsvc

File::
C:\cmdinstall.exe
C:\windows\System32\guard32.dll
c:\windows\system32\GameMon.des -service

Folder::
C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
C:\Documents and Settings\Ally\Local Settings\Application Data\COMODO

Reboot::


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.
  • 0

#15
Quamble

Quamble

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
I did the msconfig thing just as you told me, but it wouldn't let me open it through the command prompt in accessories, so I tried it on the "Run" when you first click on the start up icon, it worked but no boot tab was available, I went through every tab but I didn't see any options to enable boot logging. The tabs that are available are: General, SYSTEM.ini, WIN.ini, Services, Startup, and Tools. None of them have any logging options though. I wanted to let you know before I proceeded with the next step. I'm assuming it's alright to do the ComboFix step now or is there another way to turn boot logging on?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP