Trojan.Agent/Gen-MulDrop [Solved]


  • This topic is locked

#1
stman01

The title is just one of two Trojans that have recently popped up on my computer. I can't remember the other, because I apparently did not write it down. The Muldrop trojan showed up probably about a week ago. My computer became insanely slow so I ran my virus/malware programs (Avast, Super Anti-Spyware and Malwarebytes). The only program that picked anything up was Super Anti-Spyware. I removed that Muldrop trojan and then ran the scanners again in safe mode. The Muldrop trojan did not show up in safe mode, but a second trojan did. This time Malwarebytes was the one to pick it up. The only thing I remember about that trojan is that it had the word "fake" in its name. That's probably not helpful, but you never know. I turned off the computer for the night then ran the scanners in safe mode again in the morning. That same second trojan came up again. I again hit "remove."

I haven't run any more scans for a few days because I haven't had the time to turn on the computer. I do notice that the internet is still incredibly slow, which leads me to believe that there are still issues. I usually update/run all my anti-virus/malware programs at least once a week. I'm not exactly sure where I specifically picked up these trojans. I typically stick to the same kind of websites daily and don't stray from that (sports news websites such as ESPN and local newspapers). I do know that no site is safe anymore these days though, especially with the revenue they get from putting up ads on their site. I use Firefox as my default web browser, if that info is needed as well. Any help you can give me will be greatly appreciated.


Two logs came up when I ran the OTL quickscan, hopefully that's correct. I'll post both.

1st log:
OTL Extras logfile created on: 6/8/2013 9:50:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.77 Mb Total Physical Memory | 150.98 Mb Available Physical Memory | 30.09% Memory free
1.93 Gb Paging File | 1.43 Gb Available in Paging File | 73.88% Paging File free
Paging file location(s): C:\pagefile.sys 1512 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.64 Gb Total Space | 181.74 Gb Free Space | 79.49% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 0.79 Gb Free Space | 18.75% Space Free | Partition Type: FAT32

Computer Name: YOUR-9D5EC51C2A | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\Qwest\QuickConnect\QuickConnect.exe" = C:\Program Files\Qwest\QuickConnect\QuickConnect.exe:*:Enabled:QuickConnect -- (Qwest Communications International Inc.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxdkcoms.exe" = C:\WINDOWS\system32\lxdkcoms.exe:*:Enabled:Lexmark Communications System
"C:\Program Files\Lexmark 5300 Series\lxdkamon.exe" = C:\Program Files\Lexmark 5300 Series\lxdkamon.exe:*:Enabled:Lexmark Device Monitor
"C:\Program Files\Lexmark 5300 Series\frun.exe" = C:\Program Files\Lexmark 5300 Series\frun.exe:*:Enabled:Lexmark Productivity Studio
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- (ABBYY (BIT Software))
"C:\Program Files\Lexmark 5300 Series\lxdkmon.exe" = C:\Program Files\Lexmark 5300 Series\lxdkmon.exe:*:Enabled:Printer Device Monitor
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkpswx.exe:*:Enabled:Printer Status Window Interface
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdktime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdktime.exe:*:Enabled:Lexmark Connect Time Executable
"C:\Program Files\Lexmark 5300 Series\LXDKFax.exe" = C:\Program Files\Lexmark 5300 Series\LXDKFax.exe:*:Enabled:Fax Solutions Software
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkjswx.exe:*:Enabled:Job Status Window Interface
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkwbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdkwbgw.exe:*:Enabled:Lexmark Web Gateway
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Qwest\QuickConnect\QuickConnect.exe" = C:\Program Files\Qwest\QuickConnect\QuickConnect.exe:*:Enabled:QuickConnect -- (Qwest Communications International Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Owner\Local Settings\temp\7zS3968\HPDiagnosticCoreUI.exe" = C:\Documents and Settings\Owner\Local Settings\temp\7zS3968\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup (HP Deskjet 3510 series) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator (HP Deskjet 3510 series) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe" = C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Network Communicator COM (HP Deskjet 3510 series) -- (Hewlett-Packard Co.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{1006DA78-79A1-43AD-BEB9-7CDCDAEFD588}" = HP Deskjet 3510 series Product Improvement Study
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{178BAABD-0C95-4EB6-9E12-29A039EA27F6}" = Qwest eChat Support Tools
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4998FF95-709A-430A-B104-92A009ABB848}" = QuickConnect
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{552D540B-CC79-4596-A1AA-5F31FBBAC78C}" = BatchPurifier
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9692FD03-6662-4E62-B08C-30DFF51651E1}" = Actiontec Gateway
"{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}" = HP Deskjet 3510 series Help
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F6E90-519F-4217-9A4B-466632D5CCCB}" = HP Deskjet 3510 series Basic Device Software
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D167DA32-32AB-45FC-AEC1-7380BE2221A2}" = QuickConnect
"{D42B6F90-1084-4C9B-AF28-958926E6E32E}" = LP_Flash
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"getPlus®_ocx" = getPlus®_ocx
"Google Chrome" = Google Chrome
"HiDownload_is1" = HiDownload
"HP Photo & Imaging" = HP Image Zone 4.7
"HP Photo Creations" = HP Photo Creations
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Lexmark X73" = Lexmark X73
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItPrem_v10" = Microsoft Picture It! Premium 10
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealArcade" = RealArcade
"RealPlayer 16.0" = RealPlayer
"URL Helper_is1" = URL Helper
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahtzee Download Edition" = Yahtzee Download Edition
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/11/2013 3:48:34 AM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/12/2013 3:26:25 AM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/14/2013 5:58:31 PM | Computer Name = YOUR-9D5EC51C2A | Source = MsiInstaller | ID = 1013
Description = Product: HP Deskjet 3510 series Basic Device Software -- A newer version
of HP Deskjet 3510 series Basic Device Software is already installed on your system.

Error - 5/15/2013 11:31:15 PM | Computer Name = YOUR-9D5EC51C2A | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.5512, faulting module
unknown, version 0.0.0.0, fault address 0x6034a064.

Error - 5/16/2013 7:59:28 PM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 20.0.1.4847, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/17/2013 3:05:02 AM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application AvastUI.exe, version 8.0.1483.72, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/19/2013 12:48:59 AM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 21.0.0.4879, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/21/2013 8:17:26 PM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 21.0.0.4879, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/21/2013 8:17:27 PM | Computer Name = YOUR-9D5EC51C2A | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 21.0.0.4879, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/3/2013 7:55:07 PM | Computer Name = YOUR-9D5EC51C2A | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ System Events ]
Error - 6/7/2013 7:48:51 AM | Computer Name = YOUR-9D5EC51C2A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7001
Description = The TrueVector Internet Monitor service depends on the vsdatant service
which failed to start because of the following error: %%31

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 6/7/2013 7:49:28 AM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eeCtrl Fips intelppm IPSec Lbd MRxSmb NetBIOS NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
SBRE
Tcpip
vsdatant

Error - 6/7/2013 5:53:58 PM | Computer Name = YOUR-9D5EC51C2A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/7/2013 5:56:52 PM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Lbd SBRE

Error - 6/8/2013 10:04:00 PM | Computer Name = YOUR-9D5EC51C2A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Lbd SBRE


< End of report >

2nd log:

OTL logfile created on: 6/8/2013 9:50:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.77 Mb Total Physical Memory | 150.98 Mb Available Physical Memory | 30.09% Memory free
1.93 Gb Paging File | 1.43 Gb Available in Paging File | 73.88% Paging File free
Paging file location(s): C:\pagefile.sys 1512 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.64 Gb Total Space | 181.74 Gb Free Space | 79.49% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 0.79 Gb Free Space | 18.75% Space Free | Partition Type: FAT32

Computer Name: YOUR-9D5EC51C2A | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/08 21:34:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2013/05/16 20:57:34 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/20 00:33:23 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/06 02:23:52 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/20 18:24:00 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/06 16:14:18 | 000,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2007/09/06 16:14:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2006/10/15 18:28:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


========== Modules (No Company Name) ==========

MOD - [2013/06/08 14:22:48 | 002,087,936 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13060801\algo.dll
MOD - [2013/06/06 14:16:27 | 002,087,936 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13060601\algo.dll
MOD - [2013/05/16 20:57:32 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/15 19:33:25 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/06 16:15:50 | 000,194,032 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd
MOD - [2007/09/06 16:15:50 | 000,046,576 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\_socket.pyd
MOD - [2007/09/06 16:15:50 | 000,026,096 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\signedDll.pyd
MOD - [2007/09/06 16:15:48 | 000,144,880 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd
MOD - [2007/09/06 16:15:48 | 000,026,096 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyvsinit.pyd
MOD - [2007/09/06 16:13:58 | 000,796,048 | ---- | M] () -- C:\WINDOWS\system32\libeay32_0.9.6l.dll
MOD - [2007/05/31 21:06:42 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXDKPMON.DLL
MOD - [2007/04/09 05:59:30 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\lxdkoem.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/05/16 20:57:33 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 19:34:04 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/20 00:33:23 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/09/20 18:24:00 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2007/09/06 16:14:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2007/01/25 12:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/15 18:28:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 03:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/03 12:31:32 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/03 12:31:31 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/20 11:05:40 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/09/06 16:14:28 | 000,395,080 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/06/11 12:44:10 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/12/29 18:18:55 | 000,016,224 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006/08/28 22:48:26 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/08/28 22:48:26 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2004/11/15 19:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/27 20:24:00 | 002,297,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/08/12 19:45:52 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 14:12:32 | 000,016,074 | ---- | M] (NETGEAR Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FA312nd5.sys -- (FA312)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{59163DEA-F164-4D6A-8846-A42D3074A892}: "URL" = http://www.google.co...ie7&rlz=1I7GWYA
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:7
FF - prefs.js..extensions.enabledAddons: autofillForms%40blueimp.net:0.9.9.0
FF - prefs.js..extensions.enabledAddons: %7BDAC3F861-B30D-40dd-9166-F4E75327FAC7%7D:1.3.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b3c32be9-27de-4c75-8878-b4ec7247bbcc}:3.3.3.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/03 14:36:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/03 14:36:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/18 16:02:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/10 19:10:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/19 19:22:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2010/03/31 16:07:09 | 000,000,000 | ---D | M]

[2010/11/02 00:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/04/06 20:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions
[2010/11/11 21:23:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/30 20:41:01 | 000,000,000 | ---D | M] (Minnesota Twins Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\{b3c32be9-27de-4c75-8878-b4ec7247bbcc}(2)
[2012/12/07 18:49:21 | 000,149,045 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\[email protected]
[2013/05/16 20:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/16 20:57:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/05/16 20:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/16 20:57:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/10 19:10:09 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2010/03/31 16:07:09 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOVE NETWORKS
[2013/05/18 16:02:06 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/04/10 19:08:25 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2010/09/12 13:30:59 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm ()
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_33.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1369515927640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{657AC6C3-D9B5-47E3-880B-54F0DEB28E32}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:AutorunsDisabled () -
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/13 12:20:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2100/02/08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2013/06/08 21:34:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/06/03 18:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2013/06/03 18:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/06/03 18:52:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/05/25 15:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\CyberLink
[2013/05/25 15:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead
[2013/05/16 20:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/01/01 17:58:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2007/10/03 21:47:43 | 002,614,072 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccleanersetup200.exe
[2007/10/03 21:22:00 | 000,210,416 | ---- | C] (Check Point Software Technologies LTD) -- C:\Program Files\zonealarmSetup_en.exe
[2007/10/02 23:39:24 | 000,436,360 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr8us.exe
[2007/10/02 21:33:55 | 018,895,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Install_Messenger.exe
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/08 21:48:09 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/08 21:48:03 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/08 21:34:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/06/08 21:32:12 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/08 21:31:30 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/06/08 21:05:16 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/08 21:04:49 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/08 21:03:50 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/08 21:03:49 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/08 21:03:40 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/08 21:03:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/08 21:03:37 | 526,217,216 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/07 17:03:12 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/06/07 16:53:47 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2013/06/06 20:41:51 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/06/05 22:52:48 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/05 14:00:16 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/06/03 14:32:07 | 000,095,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreylaurajune32013.jpg
[2013/06/01 22:15:01 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/05/30 12:22:24 | 000,073,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreypreschoolgraduatemay2013.jpg
[2013/05/30 12:21:59 | 000,076,279 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grantlauraaudreymay2013.jpg
[2013/05/28 23:14:37 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 18:27:48 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Word.lnk
[2013/05/27 10:10:44 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/05/18 16:02:12 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/15 18:13:00 | 000,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/15 06:31:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/15 06:26:40 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 06:26:40 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2100/03/04 12:41:14 | 000,017,020 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Lxarscan.sys
[2100/02/23 18:55:50 | 000,000,821 | ---- | C] () -- C:\WINDOWS\Lexmark_ICM.ini
[2100/02/23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/23 14:35:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\x73_lut.dat
[2100/02/08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2100/02/08 15:53:34 | 000,001,437 | ---- | C] () -- C:\WINDOWS\GtX73.ini
[2013/06/07 16:56:30 | 526,217,216 | -HS- | C] () -- C:\hiberfil.sys
[2013/06/06 17:36:11 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/03 14:32:03 | 000,095,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreylaurajune32013.jpg
[2013/05/30 12:22:23 | 000,073,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreypreschoolgraduatemay2013.jpg
[2013/05/30 12:21:49 | 000,076,279 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grantlauraaudreymay2013.jpg
[2013/05/28 23:15:05 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 23:15:02 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 23:14:35 | 000,000,326 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/03/28 21:56:10 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/28 21:56:09 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/12/02 17:48:10 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/02/15 21:33:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/10 18:39:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/10 18:39:15 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/01/01 17:58:24 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2009/01/01 17:58:24 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2009/01/01 17:58:23 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2008/08/10 14:32:23 | 002,228,534 | ---- | C] ( ) -- C:\Program Files\audacity-win-1.2.6.exe
[2008/03/07 00:22:07 | 000,032,631 | ---- | C] () -- C:\Documents and Settings\All Users\lxdk
[2007/10/03 21:58:56 | 028,556,584 | ---- | C] () -- C:\Program Files\avgantivirus75free_488a1138.exe
[2006/12/28 18:05:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2006/12/16 12:56:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2006/10/15 18:50:56 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/05/09 17:38:20 | 000,008,152 | ---- | C] () -- C:\Program Files\OsloD3066.usb
[2000/12/05 16:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 13:50:48 | 000,000,046 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini

========== ZeroAccess Check ==========

[2005/04/13 12:15:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/08/20 00:30:51 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/11/30 23:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2013/03/28 21:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/07/04 17:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2007/10/03 21:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2007/09/22 19:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/09/21 19:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/10/12 20:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/12/02 17:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2007/11/14 19:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/08/03 22:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\5300 Series
[2009/04/24 18:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/04/05 20:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Digital Confidence
[2013/06/03 18:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2009/10/26 19:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2008/01/22 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Lexmark Productivity Studio
[2009/01/01 17:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MagicDVDCreator
[2010/01/14 20:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2006/10/15 18:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2006/12/16 12:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2007/10/12 20:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2009/01/01 17:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello stman01,

Firstly, please go to Start > Control Panel > Add or Remove Programs (Programs and Features if you are a Vista user) and uninstall the following if they exist:

Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Viewpoint Manager is considered to be foistware. You can go to the link below to read about it.

http://www.clickz.com/news/article.php/3561546

After that, please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. The 32-bit version will be the right one for your machine.

  • Right click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#3
stman01

    Member

  • Topic Starter
  • Member
  • 29 posts
Thank you for your help, emeraldnzl. I've removed Viewpoint Media Player from my programs.

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2013
Ran by Owner (administrator) on 13-06-2013 19:05:28
Running from C:\Documents and Settings\Owner\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Zone Labs, LLC) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(New Boundary Technologies, Inc.) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Zone Labs, LLC) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [919016 2007-09-06] (Zone Labs, LLC)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] [x]
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [x]
Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-10-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
HKCU SearchScopes: DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU -No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
Toolbar: HKCU -No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKCU -Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-09-03] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default
FF SearchEngine: Search the Web
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: chrome://browser-region/locale/region.properties
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Minnesota Twins Community Toolbar - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\Extensions\{b3c32be9-27de-4c75-8878-b4ec7247bbcc}(2)
FF Extension: autofillForms - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\Extensions\[email protected]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Move Streaming Media Player) - C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-20] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S4 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311808 2001-05-14] (Lexmark International, Inc.)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [172032 2006-10-15] (New Boundary Technologies, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
R2 vsmon; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [75304 2007-09-06] (Zone Labs, LLC)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368944 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [174664 2013-05-09] ()
R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-08-28] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-08-28] (Sonic Solutions)
R3 FA312; C:\Windows\System32\DRIVERS\FA312nd5.sys [16074 2001-08-17] (NETGEAR Corp.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [16224 2006-12-29] (LogMeIn, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [113664 2004-08-12] (Windows ® Server 2003 DDK provider)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-14] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-14] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-14] (HP)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [776637 2004-12-01] (Intel Corporation)
S3 mxnic; C:\Windows\System32\DRIVERS\mxnic.sys [19968 2001-08-17] (Macronix International Co., Ltd. )
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [42000 2007-01-25] (CACE Technologies)
S1 P3; C:\Windows\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-09-03] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2010-02-20] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [67664 2011-09-03] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 srescan; C:\Windows\System32\ZoneLabs\srescan.sys [50416 2007-06-11] (Zone Labs, LLC)
R3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [36804 2004-11-15] (Alcor Micro Corp.)
R1 vsdatant; C:\Windows\System32\vsdatant.sys [395080 2007-09-06] (Zone Labs, LLC)
S4 Abiosdsk; No ImagePath
S4 Atdisk; No ImagePath
S1 Changer; No ImagePath
S1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S1 lbrtfdc; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [x]
S4 Simbad; No ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2100-03-04 12:41 - 2001-05-10 10:36 - 00017020 ____A ( ) C:\Windows\System32\Drivers\Lxarscan.sys
2100-02-23 18:55 - 2001-04-02 16:30 - 00000821 ____A C:\Windows\Lexmark_ICM.ini
2100-02-23 15:35 - 2001-02-22 10:54 - 00000768 ____A C:\Program Files\x73_lut.dat
2100-02-23 14:35 - 2001-02-22 09:54 - 00000768 ____A C:\Windows\x73_lut.dat
2100-02-08 17:03 - 2001-05-11 12:39 - 00053248 ____A (Silitek Corp.) C:\Program Files\ACMonitor_X73.exe
2100-02-08 16:53 - 2001-04-23 15:22 - 00001437 ____A C:\Program Files\gtx73.ini
2100-02-08 15:53 - 2001-04-23 14:22 - 00001437 ____A C:\Windows\GtX73.ini
2013-06-13 19:05 - 2013-06-13 19:05 - 00000000 ____D C:\FRST
2013-06-12 22:40 - 2013-06-13 16:04 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-12 22:40 - 2013-06-13 16:04 - 00000049 ____A C:\Windows\wiaservc.log
2013-06-12 22:40 - 2013-06-12 22:40 - 00000000 ____A C:\Windows\Sti_Trace.log
2013-06-12 22:39 - 2013-06-13 06:33 - 00023826 ____A C:\Windows\SchedLgU.Txt
2013-06-12 22:37 - 2013-06-13 19:00 - 00032087 ____A C:\Windows\WindowsUpdate.log
2013-06-12 07:06 - 2013-06-12 07:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-06 17:36 - 2013-06-13 16:05 - 00000278 ____A C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-03 18:52 - 2013-06-03 23:07 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt
2013-06-03 18:52 - 2013-06-03 18:52 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$
2013-06-03 18:52 - 2013-06-03 18:52 - 00000000 ____D C:\Windows\System32\windowspowershell
2013-05-28 23:15 - 2013-06-13 16:03 - 00000300 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-05-28 23:15 - 2013-06-12 22:55 - 00000308 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-05-28 23:14 - 2013-05-28 23:14 - 00000326 ____A C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-05-16 20:57 - 2013-05-16 22:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-15 06:21 - 2013-05-15 06:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-15 06:16 - 2013-05-15 06:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

==================== One Month Modified Files and Folders ========

2013-06-13 19:05 - 2013-06-13 19:05 - 00000000 ____D C:\FRST
2013-06-13 19:00 - 2013-06-12 22:37 - 00032087 ____A C:\Windows\WindowsUpdate.log
2013-06-13 18:48 - 2013-03-16 15:32 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-13 18:31 - 2012-03-29 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 17:01 - 2013-02-24 18:01 - 00000456 ____A C:\Windows\Tasks\At3.job
2013-06-13 16:11 - 2013-03-28 21:56 - 00000364 ___AH C:\Windows\Tasks\avast! Emergency Update.job
2013-06-13 16:05 - 2013-06-06 17:36 - 00000278 ____A C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-13 16:04 - 2013-06-12 22:40 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-13 16:04 - 2013-06-12 22:40 - 00000049 ____A C:\Windows\wiaservc.log
2013-06-13 16:04 - 2005-04-13 12:14 - 00000000 ____D C:\Windows\Registration
2013-06-13 16:03 - 2013-05-28 23:15 - 00000300 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-13 16:03 - 2013-03-16 15:32 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-13 16:03 - 2012-07-02 18:11 - 00000278 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-13 16:03 - 2005-04-13 12:26 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-13 14:00 - 2013-02-24 18:01 - 00000456 ____A C:\Windows\Tasks\At4.job
2013-06-13 06:33 - 2013-06-12 22:39 - 00023826 ____A C:\Windows\SchedLgU.Txt
2013-06-12 22:55 - 2013-05-28 23:15 - 00000308 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-12 22:41 - 2013-02-01 10:56 - 00000286 ____A C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-06-12 22:40 - 2013-06-12 22:40 - 00000000 ____A C:\Windows\Sti_Trace.log
2013-06-12 22:37 - 2005-04-13 11:57 - 00000209 _RASH C:\boot.ini
2013-06-12 22:37 - 2005-04-13 11:56 - 00000704 ____A C:\Windows\win.ini
2013-06-12 22:37 - 2005-04-13 11:56 - 00000227 ____A C:\Windows\system.ini
2013-06-12 20:40 - 2013-02-24 18:01 - 00000456 ____A C:\Windows\Tasks\At2.job
2013-06-12 20:14 - 2009-07-04 12:18 - 00000000 ____D C:\Windows\ie8updates
2013-06-12 07:06 - 2013-06-12 07:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-12 07:00 - 2007-10-28 18:31 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 21:47 - 2012-03-29 04:18 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-11 21:47 - 2011-05-13 23:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-10 00:31 - 2009-04-24 17:42 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-06-08 22:15 - 2009-01-25 00:28 - 00000486 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2013-06-08 21:03 - 2005-04-13 11:56 - 00001170 ____A C:\Windows\System32\wpa.dbl
2013-06-07 06:47 - 2008-12-03 20:14 - 00000000 __HDC C:\Windows\ie7
2013-06-05 22:46 - 2011-10-13 11:26 - 00000000 __HDC C:\Windows\$NtUninstallKB2567053$
2013-06-03 23:07 - 2013-06-03 18:52 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt
2013-06-03 23:06 - 2008-03-17 00:44 - 00000000 ____D C:\Windows\Minidump
2013-06-03 19:24 - 2005-04-13 12:13 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-03 18:52 - 2013-06-03 18:52 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$
2013-06-03 18:52 - 2013-06-03 18:52 - 00000000 ____D C:\Windows\System32\windowspowershell
2013-05-28 23:14 - 2013-05-28 23:14 - 00000326 ____A C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
2013-05-27 10:10 - 2013-02-24 18:01 - 00000456 ____A C:\Windows\Tasks\At1.job
2013-05-25 16:25 - 2006-10-15 18:21 - 00000000 ____D C:\Program Files\Google
2013-05-25 15:45 - 2006-10-15 18:20 - 00000000 ____D C:\Windows\occache
2013-05-25 15:36 - 2006-10-15 18:20 - 00000000 ____D C:\Program Files\Ahead
2013-05-23 22:52 - 2008-11-09 14:34 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-05-18 16:02 - 2005-04-13 12:20 - 00002577 ____A C:\Windows\System32\CONFIG.NT
2013-05-17 20:24 - 2012-05-04 06:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-17 17:07 - 2008-04-21 01:44 - 06014976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll
2013-05-17 17:07 - 2005-04-13 11:55 - 06014976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 22:36 - 2013-05-16 20:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-16 06:58 - 2006-10-15 18:12 - 00000000 ____D C:\Program Files\Microsoft Works
2013-05-15 18:13 - 2005-04-13 05:07 - 00259048 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 06:26 - 2005-04-13 05:08 - 00501526 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-15 06:21 - 2013-05-15 06:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-15 06:20 - 2006-10-15 18:34 - 00000000 ___HD C:\Windows\$hf_mig$
2013-05-15 06:16 - 2013-05-15 06:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2013
Ran by Owner at 2013-06-13 19:06:22 Run:
Running from C:\Documents and Settings\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

1600 (Version: 47.0.1.000)
1600_Help (Version: 47.0.1.000)
1600Trb (Version: 47.0.1.000)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Acrobat.com (Version: 1.6.65)
Actiontec Gateway
Adobe AIR (Version: 3.7.0.1860)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
AGEIA PhysX v7.07.09 (Version: 7.07.09)
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
avast! Free Antivirus (Version: 8.0.1489.0)
BatchPurifier (Version: 5.0.0)
BufferChm (Version: 45.4.157.000)
CCleaner (Version: 4.01)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 45.4.157.000)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.0)
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 45.4.157.000)
Destinations (Version: 45.4.157.000)
Digital Media Reader (Version: 1.10)
Director (Version: 45.4.157.000)
DocProc (Version: 4.5.0.0)
DocumentViewer (Version: 45.4.157.000)
Fax (Version: 47.0.1.000)
getPlus®_ocx
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
HiDownload
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Deskjet 3510 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3510 series Help (Version: 28.0.0)
HP Deskjet 3510 series Product Improvement Study (Version: 28.0.1315.0)
HP Image Zone 4.7 (Version: 4.7)
HP Photo Creations (Version: 1.0.0.7702)
HP Product Assistant (Version: 100.000.001.000)
HP Product Assistant (Version: 2.0.0.0)
HP PSC & OfficeJet 4.7
HP Update (Version: 5.003.003.001)
HPSystemDiagnostics (Version: 1.6.0.0)
InstantShare (Version: 45.4.157.000)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Adapters and Drivers
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 33 (Version: 6.0.330)
Lexmark X73
LP_Flash (Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Picture It! Library 10 (Version: 10.0.0612)
Microsoft Picture It! Premium 10 (Version: 10.0.0612)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.04.0623)
Move Media Player
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSN Toolbar (Version: 3.0.1203.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Keyboard Driver
Napster Burn Engine (Version: 2.5.0000)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
PanoStandAlone (Version: 45.4.157.000)
Personal Ancestral File 5
PhotoGallery (Version: 45.4.157.000)
Picture Package Music Transfer (Version: 1.0.02.02130)
PowerDVD
ProductContext (Version: 47.0.1.000)
QFolder (Version: 1.00.0000)
QuickConnect (Version: 3.2)
QuickTime (Version: 7.71.80.42)
Qwest eChat Support Tools (Version: 4)
Readme (Version: 47.0.1.000)
RealArcade
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Software Suite Gateway (Version: 1.00.0000)
Scan (Version: 4.5.0.0)
ScannerCopy (Version: 4.5.0.0)
Segoe UI (Version: 14.0.4327.805)
SkinsHP1 (Version: 45.4.157.000)
SoftV92 Data Fax Modem with SmartCP
Sonic Encoders (Version: 1.00)
Sony Picture Utility (Version: 2.0.05.16060)
Sony USB Driver (Version: 2.00)
SUPERAntiSpyware Free Edition (Version: 4.21.0.1004)
swMSM (Version: 12.0.0.1)
TrayApp (Version: 45.4.157.000)
Unload (Version: 4.5.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Helper
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 45.4.157.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 4.0 (Version: 4.0.0.755)
Yahtzee Download Edition
ZoneAlarm (Version: 7.0.408.000)

==================== Restore Points =========================

16-03-2013 18:42:27 System Checkpoint
18-03-2013 09:12:20 System Checkpoint
19-03-2013 21:26:08 System Checkpoint
20-03-2013 04:21:34 Software Distribution Service 3.0
22-03-2013 19:43:45 System Checkpoint
23-03-2013 23:40:45 System Checkpoint
27-03-2013 01:47:43 System Checkpoint
28-03-2013 11:43:18 System Checkpoint
29-03-2013 02:08:36 avast! Free Antivirus Setup
29-03-2013 02:54:40 avast! Free Antivirus Setup
06-04-2013 01:29:44 Installed BatchPurifier
07-04-2013 23:08:40 Installed Java 7 Update 17
09-04-2013 06:58:55 System Checkpoint
10-04-2013 23:04:31 System Checkpoint
11-04-2013 02:49:41 Software Distribution Service 3.0
13-04-2013 14:42:17 System Checkpoint
15-04-2013 14:13:15 System Checkpoint
16-04-2013 19:52:51 System Checkpoint
18-04-2013 22:44:06 System Checkpoint
20-04-2013 03:45:13 Installed Java 7 Update 21
20-04-2013 05:31:37 Removed Java 7 Update 17
20-04-2013 05:32:57 Installed Java 7 Update 21
23-04-2013 11:35:05 System Checkpoint
24-04-2013 15:29:40 System Checkpoint
28-04-2013 06:38:24 System Checkpoint
29-04-2013 09:49:16 System Checkpoint
01-05-2013 01:03:26 System Checkpoint
03-05-2013 20:49:13 System Checkpoint
06-05-2013 06:40:47 System Checkpoint
08-05-2013 09:59:11 System Checkpoint
11-05-2013 16:02:34 System Checkpoint
13-05-2013 11:27:03 System Checkpoint
14-05-2013 22:05:57 Installed Microsoft Fix it 50126
15-05-2013 11:14:20 Software Distribution Service 3.0
16-05-2013 12:13:42 System Checkpoint
18-05-2013 17:46:38 System Checkpoint
19-05-2013 18:03:50 System Checkpoint
22-05-2013 12:07:26 System Checkpoint
24-05-2013 05:23:48 System Checkpoint
25-05-2013 20:25:52 Removed Apple Software Update
25-05-2013 20:26:36 Removed Apple Application Support
28-05-2013 20:08:28 System Checkpoint
29-05-2013 23:57:46 System Checkpoint
31-05-2013 13:26:43 System Checkpoint
03-06-2013 23:52:13 Installed %1 %2.
05-06-2013 07:20:05 System Checkpoint
09-06-2013 10:17:37 System Checkpoint
12-06-2013 11:59:34 Software Distribution Service 3.0
13-06-2013 01:12:35 Software Distribution Service 3.0

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2013 04:14:53 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 21.0.0.4879, faulting module mozalloc.dll, version 21.0.0.4879, fault address 0x00001988.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (06/09/2013 04:14:43 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 21.0.0.4879, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/03/2013 06:55:07 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/21/2013 07:17:27 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 21.0.0.4879, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/21/2013 07:17:26 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 21.0.0.4879, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/18/2013 11:48:59 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 21.0.0.4879, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/17/2013 02:05:02 AM) (Source: Application Hang) (User: )
Description: Hanging application AvastUI.exe, version 8.0.1483.72, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/16/2013 06:59:28 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 20.0.1.4847, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/15/2013 10:31:15 PM) (Source: Application Error) (User: )
Description: Faulting application msimn.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x6034a064.
Processing media-specific event for [msimn.exe!ws!]

Error: (05/14/2013 04:58:31 PM) (Source: MsiInstaller) (User: YOUR-9D5EC51C2A)
Description: Product: HP Deskjet 3510 series Basic Device Software -- A newer version of HP Deskjet 3510 series Basic Device Software is already installed on your system.


System errors:
=============
Error: (06/13/2013 04:04:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eeCtrl
Lbd
SBRE

Error: (06/13/2013 00:06:06 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eeCtrl
Lbd
SBRE

Error: (06/12/2013 10:40:06 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eeCtrl
Lbd
SBRE

Error: (06/12/2013 10:37:16 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/12/2013 10:36:56 PM) (Source: DCOM) (User: YOUR-9D5EC51C2A)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (06/12/2013 09:13:09 PM) (Source: DCOM) (User: YOUR-9D5EC51C2A)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (06/12/2013 09:13:09 PM) (Source: DCOM) (User: YOUR-9D5EC51C2A)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (06/12/2013 09:11:42 PM) (Source: DCOM) (User: YOUR-9D5EC51C2A)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (06/12/2013 09:08:28 PM) (Source: DCOM) (User: YOUR-9D5EC51C2A)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (06/12/2013 08:58:42 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
AswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
eeCtrl
Fips
intelppm
IPSec
Lbd
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
SBRE
Tcpip
vsdatant


Microsoft Office Sessions:
=========================
Error: (06/09/2013 04:14:53 PM) (Source: Application Error)(User: )
Description: plugin-container.exe21.0.0.4879mozalloc.dll21.0.0.487900001988

Error: (06/09/2013 04:14:43 PM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.4879hungapp0.0.0.000000000

Error: (06/03/2013 06:55:07 PM) (Source: crypt32)(User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/21/2013 07:17:27 PM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.4879hungapp0.0.0.000000000

Error: (05/21/2013 07:17:26 PM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.4879hungapp0.0.0.000000000

Error: (05/18/2013 11:48:59 PM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.4879hungapp0.0.0.000000000

Error: (05/17/2013 02:05:02 AM) (Source: Application Hang)(User: )
Description: AvastUI.exe8.0.1483.72hungapp0.0.0.000000000

Error: (05/16/2013 06:59:28 PM) (Source: Application Hang)(User: )
Description: firefox.exe20.0.1.4847hungapp0.0.0.000000000

Error: (05/15/2013 10:31:15 PM) (Source: Application Error)(User: )
Description: msimn.exe6.0.2900.5512unknown0.0.0.06034a064

Error: (05/14/2013 04:58:31 PM) (Source: MsiInstaller)(User: YOUR-9D5EC51C2A)
Description: Product: HP Deskjet 3510 series Basic Device Software -- A newer version of HP Deskjet 3510 series Basic Device Software is already installed on your system.(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 501.77 MB
Available physical RAM: 127.93 MB
Total Pagefile: 1979.51 MB
Available Pagefile: 1510.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:228.64 GB) (Free:181.99 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:4.23 GB) (Free:0.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 38EF9D17)
Partition 1: (Active) - (Size=229 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#5
stman01

    Member

  • Topic Starter
  • Member
  • 29 posts
I had turned off Avast to let combofix run. Now when I try to turn it back on after the log posted, I'm unable to fully turn it back on. It says the "Web Shield" is turned off and won't allow me to turn it back on. Any ideas on that?

Here is the combofix log:

ComboFix 13-06-13.01 - Owner 06/13/2013 21:59:54.13.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.164 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\SPL56.tmp
c:\documents and settings\All Users\SPLA.tmp
c:\documents and settings\All Users\SPLD.tmp
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Owner\WINDOWS
c:\program files\avgantivirus75free_488a1138.exe
c:\windows\COUPon~1.ocx
c:\windows\system32\config\systemprofile\WINDOWS
.
.
((((((((((((((((((((((((( Files Created from 2013-05-14 to 2013-06-14 )))))))))))))))))))))))))))))))
.
.
2100-03-04 17:41 . 2001-05-10 15:36 17020 ----a-w- c:\windows\system32\drivers\Lxarscan.sys
2100-02-08 22:03 . 2001-05-11 17:39 53248 ----a-w- c:\program files\ACMonitor_X73.exe
2013-06-14 00:05 . 2013-06-14 00:05 -------- d-----w- C:\FRST
2013-06-06 00:17 . 2013-06-06 00:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2013-06-03 23:55 . 2013-06-03 23:55 -------- d-----w- c:\documents and settings\Owner\Application Data\ElevatedDiagnostics
2013-05-25 20:59 . 2013-05-25 20:59 -------- d-----w- c:\documents and settings\Owner\Application Data\CyberLink
2013-05-25 20:33 . 2013-05-25 20:33 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Ahead
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 02:47 . 2012-03-29 09:18 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 02:47 . 2011-05-14 04:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-29 02:56 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-03-29 02:56 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2013-03-29 02:56 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-03-29 02:56 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-29 02:56 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-29 02:56 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2013-03-29 02:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2013-03-29 02:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2013-03-29 02:55 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-12-01 04:06 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 22:30 . 2005-04-13 16:56 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30 . 2005-04-13 16:55 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30 . 2005-04-13 16:55 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2005-04-13 16:55 385024 ----a-w- c:\windows\system32\html.iec
2013-05-03 01:30 . 2005-04-13 16:55 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38 . 2004-08-04 05:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-20 05:33 . 2013-04-20 05:33 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-20 05:33 . 2013-01-15 05:13 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-04-20 05:33 . 2012-08-11 22:23 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-20 05:33 . 2010-04-18 21:15 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-11 00:08 . 2003-03-19 12:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-11 00:08 . 2003-02-21 18:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-04-10 01:31 . 2005-04-13 16:56 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 19:50 . 2012-07-08 18:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2008-08-10 19:32 . 2008-08-10 19:32 2228534 ----a-w- c:\program files\audacity-win-1.2.6.exe
2007-10-04 02:48 . 2007-10-04 02:47 2614072 ----a-w- c:\program files\ccleanersetup200.exe
2007-10-04 02:22 . 2007-10-04 02:22 210416 ----a-w- c:\program files\zonealarmSetup_en.exe
2007-10-03 04:39 . 2007-10-03 04:39 436360 ----a-w- c:\program files\msgr8us.exe
2007-10-03 02:34 . 2007-10-03 02:33 18895728 ----a-w- c:\program files\Install_Messenger.exe
2001-05-08 22:36 . 2000-12-05 21:56 114688 ----a-w- c:\program files\lxarscan.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 919016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-03 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2004-05-18 01:30 543232 ----a-w- c:\windows\zHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 20:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-03 03:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-10-21 22:20 77824 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
2004-11-15 22:04 135168 ----a-w- c:\program files\Digital Media Reader\shwiconEM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-19 02:05 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Qwest\\QuickConnect\\QuickConnect.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/28/2013 9:56 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/28/2013 9:56 PM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/28/2013 9:56 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/28/2013 9:56 PM 368944]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [9/3/2008 3:07 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [9/3/2008 3:07 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [7/5/2010 2:12 PM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/28/2013 9:56 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/28/2013 9:56 PM 66336]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [1/1/2009 5:58 PM 47360]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/25/2007 12:31 PM 42000]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [9/3/2008 3:07 PM 12872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 23:04 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 02:47]
.
2013-05-27 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17 10:15]
.
2013-06-14 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17 10:15]
.
2013-06-13 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17 10:15]
.
2013-06-13 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17 10:15]
.
2013-06-13 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-29 08:58]
.
2013-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-16 20:31]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-16 20:31]
.
2006-10-15 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-04-13 00:12]
.
2006-10-15 c:\windows\Tasks\ISP signup reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-04-13 00:12]
.
2006-10-15 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-04-13 00:12]
.
2013-05-29 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-06-13 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-06-13 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-06-13 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-06-13 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-06-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-02-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Download All Files by HiDownload - c:\program files\StreamingStar\HiDownload\HDGetAll.htm
IE: Download by HiDownload - c:\program files\StreamingStar\HiDownload\HDGet.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - ExtSQL: !HIDDEN! 2009-09-02 00:52; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
HKLM_ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-13 22:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-06-13 22:15:15
ComboFix-quarantined-files.txt 2013-06-14 03:15
ComboFix2.txt 2010-09-09 22:56
.
Pre-Run: 195,098,107,904 bytes free
Post-Run: 195,451,674,624 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 257B62C5BB3F608188B8639046FFBEC1
B20939CD98B7710036274839082AE757

#6
stman01

    Member

  • Topic Starter
Never mind on the Avast question. A restart solved that problem.

#7
emeraldnzl

    GeekU Instructor

  • GeekU Moderator

Any ideas on that?


Most likely related to running of ComboFix when it disconnected from the internet to run.

Should fix itself with a reboot. Tell me if it persists.

For now

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#8
stman01

    Member

  • Topic Starter
Yeah, the restart had fixed that. Thanks.

Here's the JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Sat 06/15/2013 at 12:39:22.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}



~~~ Files

Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 1.job
Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 2.job
Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 3.job
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\bigfix"
Successfully deleted: [Folder] "C:\Program Files\coupons"



~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\9nhoziaq.default\conduitcommon
Successfully deleted: [Folder] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\9nhoziaq.default\smartbar
Successfully deleted the following from C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\9nhoziaq.default\prefs.js

user_pref("128946839744350689_Context", "{\"appId\":\"128946839744350689\",\"context\":\"popup\",\"windowId\":\"1\",\"viewId\":\"1\",\"frameTitle\":\"\",\"icon\":\"hxxp://stor
user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT206419");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/45342/44819/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT206419", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-US", "wVmmvqqOMqrv5xct1cJIHg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-US", "0uSPYx+Kl2jpu8sJZMeHjw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-US", "Dclc8oo4TTv7+mAkSlUSWg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-US", "K4Vqu91uAzWURlxJRdXJOg==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.0.12", "\"8028f138140cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"0ee90707f77cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT206419", "\"189bc05ed9753368aadfb2b80f08021d\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT206419&octid=CT206419", "\"1320116273\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT206419/CT206419", "\"1311168868\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-US", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18479513.xml", "\"168935c1207d8dbc48c843485f38a70a\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/39397148.xml", "\"182672a7aac49f2bddc280e844cdf562\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/53196281.xml", "\"f00c7e0f9bbf35d5a50b5ba4a7789d48\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Owner\\Application Data\\Mozilla\\Firefox\\Profiles\\9nhoziaq.default\\conduitCommon\\modules
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT206419");
user_pref("CommunityToolbar.ToolbarsList2", "CT206419");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Apr 05 2011 17:44:14 GMT-0500 (Central Daylight Time)");
user_pref("CommunityToolbar.alert.alertEnabled", false);
user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Apr 05 2011 17:44:24 GMT-0500 (Central Daylight Time)");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 27 2011 23:20:44 GMT-0500 (Central Daylight Time)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "435d3894-301e-4fac-81bf-71218c0c4f60");
user_pref("CommunityToolbar.globalUserId", "e72317db-e52c-4ff0-9ed1-b7e1e253cc42");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Nov 24 2011 18:10:03 GMT-0600 (Central Standard Time)");
user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Nov 30 2011 00:19:43 GMT-0600 (Central Standard Time)");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Nov 30 2011 00:19:19 GMT-0600 (Central Standard Time)");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "a32a2dba-d513-43d1-af55-65143c748698");
user_pref("CommunityToolbar.twitter.user_18479513.LastCheckTime", "Wed Nov 30 2011 17:07:41 GMT-0600 (Central Standard Time)");
user_pref("CommunityToolbar.twitter.user_39397148.LastCheckTime", "Wed Nov 30 2011 17:07:41 GMT-0600 (Central Standard Time)");
user_pref("CommunityToolbar.twitter.user_53196281.LastCheckTime", "Wed Nov 30 2011 17:07:41 GMT-0600 (Central Standard Time)");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/15/2013 at 12:44:15.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#9
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
Hello stman01,

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it, then a copy of the OTL log is saved in a text file at C:\_OTL\MovedFiles.

#10
stman01

    Member

  • Topic Starter
New OTL Log:

OTL logfile created on: 6/16/2013 8:34:37 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop\OTL
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.77 Mb Total Physical Memory | 222.40 Mb Available Physical Memory | 44.32% Memory free
1.93 Gb Paging File | 1.45 Gb Available in Paging File | 74.91% Paging File free
Paging file location(s): C:\pagefile.sys 1512 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.64 Gb Total Space | 182.65 Gb Free Space | 79.89% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 0.79 Gb Free Space | 18.75% Space Free | Partition Type: FAT32

Computer Name: YOUR-9D5EC51C2A | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/08 21:34:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL\OTL.exe
PRC - [2013/05/23 22:52:52 | 004,760,816 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/20 00:33:23 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/20 18:24:00 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/06 16:14:18 | 000,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2007/09/06 16:14:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2006/10/15 18:28:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


========== Modules (No Company Name) ==========

MOD - [2013/06/16 02:25:16 | 002,088,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13061600\algo.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/06 16:15:50 | 000,194,032 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd
MOD - [2007/09/06 16:15:50 | 000,046,576 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\_socket.pyd
MOD - [2007/09/06 16:15:50 | 000,026,096 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\signedDll.pyd
MOD - [2007/09/06 16:15:48 | 000,144,880 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd
MOD - [2007/09/06 16:15:48 | 000,026,096 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyvsinit.pyd
MOD - [2007/09/06 16:13:58 | 000,796,048 | ---- | M] () -- C:\WINDOWS\system32\libeay32_0.9.6l.dll
MOD - [2007/05/31 21:06:42 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXDKPMON.DLL
MOD - [2007/04/09 05:59:30 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\lxdkoem.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/11 21:47:36 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/16 20:57:33 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/20 00:33:23 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/09/20 18:24:00 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2007/09/06 16:14:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2007/01/25 12:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/15 18:28:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 03:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/03 12:31:32 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/03 12:31:31 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/20 11:05:40 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/09/06 16:14:28 | 000,395,080 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/06/11 12:44:10 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/12/29 18:18:55 | 000,016,224 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006/08/28 22:48:26 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/08/28 22:48:26 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2004/11/15 19:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/27 20:24:00 | 002,297,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/08/12 19:45:52 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 14:12:32 | 000,016,074 | ---- | M] (NETGEAR Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FA312nd5.sys -- (FA312)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{59163DEA-F164-4D6A-8846-A42D3074A892}: "URL" = http://www.google.co...ie7&rlz=1I7GWYA
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/03 14:36:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/03 14:36:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/18 16:02:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/10 19:10:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/15 12:40:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2010/03/31 16:07:09 | 000,000,000 | ---D | M]

[2010/11/02 00:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/04/06 20:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions
[2010/11/11 21:23:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/30 20:41:01 | 000,000,000 | ---D | M] (Minnesota Twins Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\{b3c32be9-27de-4c75-8878-b4ec7247bbcc}(2)
[2012/12/07 18:49:21 | 000,149,045 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9nhoziaq.default\extensions\[email protected]
[2013/05/16 20:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/16 20:57:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/05/16 20:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/16 20:57:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/10 19:10:09 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2010/03/31 16:07:09 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOVE NETWORKS
[2013/05/18 16:02:06 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/04/10 19:08:25 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2013/06/13 22:11:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm ()
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_33.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1369515927640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{657AC6C3-D9B5-47E3-880B-54F0DEB28E32}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/13 12:20:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2100/02/08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2013/06/15 14:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\JRT
[2013/06/15 12:39:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/15 12:38:55 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/13 21:49:15 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/06/13 21:26:07 | 005,080,197 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/06/13 19:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\FRST
[2013/06/13 19:05:22 | 000,000,000 | ---D | C] -- C:\FRST
[2013/06/08 22:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\OTL
[2013/06/03 18:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2013/06/03 18:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/06/03 18:52:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/05/25 15:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\CyberLink
[2013/05/25 15:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead
[2009/01/01 17:58:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2007/10/03 21:47:43 | 002,614,072 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccleanersetup200.exe
[2007/10/03 21:22:00 | 000,210,416 | ---- | C] (Check Point Software Technologies LTD) -- C:\Program Files\zonealarmSetup_en.exe
[2007/10/02 23:39:24 | 000,436,360 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr8us.exe
[2007/10/02 21:33:55 | 018,895,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Install_Messenger.exe

========== Files - Modified Within 30 Days ==========

[2013/06/16 08:31:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/16 07:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/16 04:02:04 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/06/15 21:48:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/15 21:39:08 | 000,029,721 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grantjune152013.jpg
[2013/06/15 21:35:56 | 000,026,820 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\jillandgrantjune152013firstparade.jpg
[2013/06/15 20:40:07 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/06/15 17:01:06 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/06/15 14:00:05 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/06/15 11:32:46 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/15 11:32:46 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/15 11:31:28 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/15 11:31:28 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/15 11:31:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/15 11:31:16 | 526,217,216 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/15 00:52:28 | 000,096,050 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grantjune132013.jpg
[2013/06/15 00:51:50 | 000,122,140 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreyandgrantjune132013.jpg
[2013/06/14 23:28:54 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/13 22:11:08 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/13 21:49:20 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2013/06/13 21:34:15 | 005,080,197 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/06/12 22:55:15 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/12 22:37:09 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2013/06/11 21:47:03 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/11 21:47:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/08 23:12:08 | 000,027,838 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreyandhernewfriendjune82013.jpg
[2013/06/08 23:10:34 | 000,127,979 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreyjune82013.jpg
[2013/06/08 23:05:14 | 000,085,191 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\georgejrjune82013.jpg
[2013/06/03 14:32:07 | 000,095,000 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreylaurajune32013.jpg
[2013/05/30 12:22:24 | 000,073,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\audreypreschoolgraduatemay2013.jpg
[2013/05/30 12:21:59 | 000,076,279 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\grantlauraaudreymay2013.jpg
[2013/05/28 23:14:37 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 18:27:48 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Word.lnk
[2013/05/27 10:10:44 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/05/18 16:02:12 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/17 17:07:22 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

========== Files Created - No Company Name ==========

[2100/03/04 12:41:14 | 000,017,020 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Lxarscan.sys
[2100/02/23 18:55:50 | 000,000,821 | ---- | C] () -- C:\WINDOWS\Lexmark_ICM.ini
[2100/02/23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/23 14:35:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\x73_lut.dat
[2100/02/08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2100/02/08 15:53:34 | 000,001,437 | ---- | C] () -- C:\WINDOWS\GtX73.ini
[2013/06/15 21:39:07 | 000,029,721 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grantjune152013.jpg
[2013/06/15 21:35:49 | 000,026,820 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\jillandgrantjune152013firstparade.jpg
[2013/06/15 00:52:21 | 000,096,050 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grantjune132013.jpg
[2013/06/15 00:51:44 | 000,122,140 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreyandgrantjune132013.jpg
[2013/06/13 21:38:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/12 22:39:45 | 526,217,216 | -HS- | C] () -- C:\hiberfil.sys
[2013/06/08 23:12:07 | 000,027,838 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreyandhernewfriendjune82013.jpg
[2013/06/08 23:10:32 | 000,127,979 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreyjune82013.jpg
[2013/06/08 23:05:11 | 000,085,191 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\georgejrjune82013.jpg
[2013/06/06 17:36:11 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/06/03 14:32:03 | 000,095,000 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreylaurajune32013.jpg
[2013/05/30 12:22:23 | 000,073,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\audreypreschoolgraduatemay2013.jpg
[2013/05/30 12:21:49 | 000,076,279 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\grantlauraaudreymay2013.jpg
[2013/05/28 23:15:05 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 23:15:02 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/05/28 23:14:35 | 000,000,326 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-574775470-2624272202-834924611-1006.job
[2013/03/28 21:56:10 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/28 21:56:09 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/12/02 17:48:10 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/02/15 21:33:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/10 18:39:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/10 18:39:15 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/01/01 17:58:24 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2009/01/01 17:58:24 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2009/01/01 17:58:23 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2008/08/10 14:32:23 | 002,228,534 | ---- | C] ( ) -- C:\Program Files\audacity-win-1.2.6.exe
[2008/03/07 00:22:07 | 000,032,631 | ---- | C] () -- C:\Documents and Settings\All Users\lxdk
[2006/12/28 18:05:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2006/12/16 12:56:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2006/10/15 18:50:56 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/05/09 17:38:20 | 000,008,152 | ---- | C] () -- C:\Program Files\OsloD3066.usb
[2000/12/05 16:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 13:50:48 | 000,000,046 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini

========== ZeroAccess Check ==========

[2005/04/13 12:15:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/08/20 00:30:51 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

#11
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello again stman01,

You have used Malwarebytes before. If you still have it on your machine please update and run. Post the scan report back here.

If you no longer have Malwarebytes, please download it from here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

After that

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.


#12
stman01

    Member

  • Topic Starter
  • Member
  • 29 posts
It still is running slow as it was. I didn't locate a log file under Program Files-ESET Online Scanner. I checked before I hit that "uninstall" box, but there was nothing there. I did copy the deleted files it found, but that's all that showed up for me.

Malwarebytes hasn't shown anything for a few days now. Here's the log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.16.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: YOUR-9D5EC51C2A [administrator]

6/16/2013 4:29:55 PM
mbam-log-2013-06-16 (16-29-55).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 318183
Time elapsed: 52 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Here are the files that ESET deleted:

C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\driverrobot_setup(2).exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\driverrobot_setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\System Volume Information\_restore{4653E8F8-6519-4964-B7BD-828D96FBCC0E}\RP903\A0605105.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

#13
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

It still is running slow as it was.


Hmm... let's check a couple of things.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
After that

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
So when you return please post
  • TDSSKiller log
  • checkup.txt


#14
stman01

    Member

  • Topic Starter
  • Member
  • 29 posts
TDSS found nothing to cure, just 14 in the "skip" category. Two logs showed up in my C: drive, one small and one long. I'll post both, just in case.

short TDSS log:
22:01:22.0687 2072 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:01:24.0718 2072 ============================================================
22:01:24.0718 2072 Current date / time: 2013/06/16 22:01:24.0718
22:01:24.0718 2072 SystemInfo:
22:01:24.0718 2072
22:01:24.0718 2072 OS Version: 5.1.2600 ServicePack: 3.0
22:01:24.0718 2072 Product type: Workstation
22:01:24.0718 2072 ComputerName: YOUR-9D5EC51C2A
22:01:24.0718 2072 UserName: Owner
22:01:24.0718 2072 Windows directory: C:\WINDOWS
22:01:24.0718 2072 System windows directory: C:\WINDOWS
22:01:24.0718 2072 Processor architecture: Intel x86
22:01:24.0718 2072 Number of processors: 2
22:01:24.0718 2072 Page size: 0x1000
22:01:24.0718 2072 Boot type: Normal boot
22:01:24.0718 2072 ============================================================
22:01:26.0593 2072 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:01:26.0812 2072 ============================================================
22:01:26.0828 2072 \Device\Harddisk0\DR0:
22:01:26.0828 2072 MBR partitions:
22:01:26.0828 2072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x878EE9, BlocksNum 0x1C9477D7
22:01:26.0828 2072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x878EAA
22:01:26.0828 2072 ============================================================
22:01:26.0906 2072 C: <-> \Device\Harddisk0\DR0\Partition1
22:01:26.0921 2072 D: <-> \Device\Harddisk0\DR0\Partition2
22:01:26.0921 2072 ============================================================
22:01:26.0921 2072 Initialize success
22:01:26.0921 2072 ============================================================
22:01:41.0640 2176 Deinitialize success


Long TDSS log:

22:09:22.0781 3900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:09:23.0125 3900 ============================================================
22:09:23.0125 3900 Current date / time: 2013/06/16 22:09:23.0125
22:09:23.0125 3900 SystemInfo:
22:09:23.0125 3900
22:09:23.0125 3900 OS Version: 5.1.2600 ServicePack: 3.0
22:09:23.0125 3900 Product type: Workstation
22:09:23.0125 3900 ComputerName: YOUR-9D5EC51C2A
22:09:23.0125 3900 UserName: Owner
22:09:23.0125 3900 Windows directory: C:\WINDOWS
22:09:23.0125 3900 System windows directory: C:\WINDOWS
22:09:23.0125 3900 Processor architecture: Intel x86
22:09:23.0125 3900 Number of processors: 2
22:09:23.0125 3900 Page size: 0x1000
22:09:23.0125 3900 Boot type: Normal boot
22:09:23.0125 3900 ============================================================
22:09:25.0359 3900 BG loaded
22:09:26.0000 3900 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:09:26.0203 3900 ============================================================
22:09:26.0203 3900 \Device\Harddisk0\DR0:
22:09:26.0203 3900 MBR partitions:
22:09:26.0203 3900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x878EE9, BlocksNum 0x1C9477D7
22:09:26.0203 3900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x878EAA
22:09:26.0203 3900 ============================================================
22:09:26.0234 3900 C: <-> \Device\Harddisk0\DR0\Partition1
22:09:26.0250 3900 D: <-> \Device\Harddisk0\DR0\Partition2
22:09:26.0281 3900 ============================================================
22:09:26.0281 3900 Initialize success
22:09:26.0281 3900 ============================================================
22:11:20.0359 2144 ============================================================
22:11:20.0359 2144 Scan started
22:11:20.0359 2144 Mode: Manual; SigCheck; TDLFS;
22:11:20.0359 2144 ============================================================
22:11:21.0312 2144 ================ Scan system memory ========================
22:11:21.0328 2144 System memory - ok
22:11:21.0328 2144 ================ Scan services =============================
22:11:21.0406 2144 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:11:21.0734 2144 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
22:11:21.0734 2144 !SASCORE - detected UnsignedFile.Multi.Generic (1)
22:11:21.0875 2144 Abiosdsk - ok
22:11:21.0890 2144 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:11:22.0671 2144 abp480n5 - ok
22:11:22.0718 2144 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:11:22.0906 2144 ACPI - ok
22:11:22.0937 2144 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:11:23.0093 2144 ACPIEC - ok
22:11:23.0156 2144 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:11:23.0203 2144 AdobeFlashPlayerUpdateSvc - ok
22:11:23.0218 2144 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:11:23.0375 2144 adpu160m - ok
22:11:23.0406 2144 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:11:23.0562 2144 aec - ok
22:11:23.0593 2144 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:11:23.0656 2144 AFD - ok
22:11:23.0671 2144 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
22:11:23.0843 2144 agp440 - ok
22:11:23.0843 2144 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:11:23.0984 2144 agpCPQ - ok
22:11:24.0000 2144 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:11:24.0062 2144 Aha154x - ok
22:11:24.0109 2144 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:11:24.0265 2144 aic78u2 - ok
22:11:24.0265 2144 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:11:24.0421 2144 aic78xx - ok
22:11:24.0437 2144 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:11:24.0625 2144 Alerter - ok
22:11:24.0656 2144 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
22:11:24.0734 2144 ALG - ok
22:11:24.0750 2144 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
22:11:24.0890 2144 AliIde - ok
22:11:24.0890 2144 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:11:25.0031 2144 alim1541 - ok
22:11:25.0046 2144 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:11:25.0187 2144 amdagp - ok
22:11:25.0187 2144 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
22:11:25.0281 2144 amsint - ok
22:11:25.0296 2144 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
22:11:25.0390 2144 AppMgmt - ok
22:11:25.0437 2144 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:11:25.0578 2144 Arp1394 - ok
22:11:25.0593 2144 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
22:11:25.0718 2144 asc - ok
22:11:25.0765 2144 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:11:25.0953 2144 asc3350p - ok
22:11:25.0968 2144 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:11:26.0109 2144 asc3550 - ok
22:11:26.0203 2144 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:11:26.0265 2144 aspnet_state - ok
22:11:26.0265 2144 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:11:26.0468 2144 aswFsBlk - ok
22:11:26.0484 2144 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:11:26.0500 2144 aswMonFlt - ok
22:11:26.0531 2144 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
22:11:26.0562 2144 AswRdr - ok
22:11:26.0562 2144 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
22:11:26.0578 2144 aswRvrt - ok
22:11:26.0625 2144 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
22:11:26.0687 2144 aswSnx - ok
22:11:26.0718 2144 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
22:11:26.0750 2144 aswSP - ok
22:11:26.0765 2144 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
22:11:26.0796 2144 aswTdi - ok
22:11:26.0812 2144 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
22:11:26.0843 2144 aswVmm - ok
22:11:26.0859 2144 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:11:27.0015 2144 AsyncMac - ok
22:11:27.0031 2144 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:11:27.0187 2144 atapi - ok
22:11:27.0203 2144 Atdisk - ok
22:11:27.0234 2144 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:11:27.0390 2144 Atmarpc - ok
22:11:27.0421 2144 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:11:27.0578 2144 AudioSrv - ok
22:11:27.0609 2144 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:11:27.0750 2144 audstub - ok
22:11:27.0812 2144 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:11:27.0843 2144 avast! Antivirus - ok
22:11:27.0843 2144 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:11:28.0000 2144 Beep - ok
22:11:28.0015 2144 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
22:11:28.0312 2144 BITS - ok
22:11:28.0328 2144 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
22:11:28.0406 2144 Browser - ok
22:11:28.0515 2144 catchme - ok
22:11:28.0531 2144 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:11:28.0687 2144 cbidf - ok
22:11:28.0703 2144 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:11:28.0828 2144 cbidf2k - ok
22:11:28.0843 2144 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:11:28.0937 2144 cd20xrnt - ok
22:11:28.0953 2144 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:11:29.0109 2144 Cdaudio - ok
22:11:29.0140 2144 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:11:29.0281 2144 Cdfs - ok
22:11:29.0328 2144 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
22:11:29.0343 2144 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
22:11:29.0343 2144 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
22:11:29.0359 2144 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
22:11:29.0359 2144 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
22:11:29.0359 2144 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
22:11:29.0375 2144 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:11:29.0515 2144 Cdrom - ok
22:11:29.0515 2144 Changer - ok
22:11:29.0562 2144 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:11:29.0718 2144 CiSvc - ok
22:11:29.0718 2144 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:11:29.0859 2144 ClipSrv - ok
22:11:29.0875 2144 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:11:30.0015 2144 clr_optimization_v2.0.50727_32 - ok
22:11:30.0062 2144 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:11:30.0187 2144 CmdIde - ok
22:11:30.0203 2144 COMSysApp - ok
22:11:30.0218 2144 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:11:30.0359 2144 Cpqarray - ok
22:11:30.0406 2144 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:11:30.0531 2144 CryptSvc - ok
22:11:30.0546 2144 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:11:30.0703 2144 dac2w2k - ok
22:11:30.0703 2144 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:11:30.0859 2144 dac960nt - ok
22:11:30.0890 2144 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:11:31.0000 2144 DcomLaunch - ok
22:11:31.0031 2144 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:11:31.0187 2144 Dhcp - ok
22:11:31.0203 2144 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:11:31.0343 2144 Disk - ok
22:11:31.0359 2144 dmadmin - ok
22:11:31.0406 2144 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:11:31.0625 2144 dmboot - ok
22:11:31.0656 2144 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:11:31.0796 2144 dmio - ok
22:11:31.0812 2144 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:11:31.0953 2144 dmload - ok
22:11:31.0984 2144 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:11:32.0125 2144 dmserver - ok
22:11:32.0156 2144 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:11:32.0296 2144 DMusic - ok
22:11:32.0328 2144 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:11:32.0453 2144 Dnscache - ok
22:11:32.0500 2144 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:11:32.0656 2144 Dot3svc - ok
22:11:32.0671 2144 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:11:32.0812 2144 dpti2o - ok
22:11:32.0828 2144 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:11:32.0984 2144 drmkaud - ok
22:11:33.0015 2144 [ 7D91DC6342248369F94D6EBA0CF42E99 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:11:33.0062 2144 E100B - ok
22:11:33.0078 2144 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:11:33.0234 2144 EapHost - ok
22:11:33.0296 2144 eeCtrl - ok
22:11:33.0375 2144 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
22:11:33.0484 2144 ehRecvr - ok
22:11:33.0531 2144 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
22:11:33.0656 2144 ehSched - ok
22:11:33.0687 2144 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:11:33.0843 2144 ERSvc - ok
22:11:33.0890 2144 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
22:11:33.0937 2144 Eventlog - ok
22:11:33.0968 2144 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
22:11:34.0015 2144 EventSystem - ok
22:11:34.0062 2144 [ AA855FB8A866281AACB393C1FEAB91AE ] FA312 C:\WINDOWS\system32\DRIVERS\FA312nd5.sys
22:11:34.0203 2144 FA312 - ok
22:11:34.0250 2144 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:11:34.0406 2144 Fastfat - ok
22:11:34.0437 2144 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:11:34.0562 2144 FastUserSwitchingCompatibility - ok
22:11:34.0609 2144 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:11:34.0765 2144 Fdc - ok
22:11:34.0796 2144 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:11:34.0953 2144 Fips - ok
22:11:34.0968 2144 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:11:35.0125 2144 Flpydisk - ok
22:11:35.0156 2144 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:11:35.0312 2144 FltMgr - ok
22:11:35.0390 2144 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:11:35.0406 2144 FontCache3.0.0.0 - ok
22:11:35.0437 2144 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:11:35.0578 2144 Fs_Rec - ok
22:11:35.0593 2144 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:11:35.0734 2144 Ftdisk - ok
22:11:35.0781 2144 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:11:36.0062 2144 Gpc - ok
22:11:36.0125 2144 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:11:36.0156 2144 gupdate - ok
22:11:36.0156 2144 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:11:36.0187 2144 gupdatem - ok
22:11:36.0218 2144 [ 85F4E4617DBD603C2202354CEDFDF249 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
22:11:36.0234 2144 hamachi - ok
22:11:36.0281 2144 [ 9131EDE087AF04A7D80F7EBADC164254 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
22:11:36.0375 2144 HdAudAddService - ok
22:11:36.0406 2144 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:11:36.0562 2144 HDAudBus - ok
22:11:36.0625 2144 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:11:36.0781 2144 helpsvc - ok
22:11:36.0796 2144 HidServ - ok
22:11:36.0828 2144 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:11:36.0984 2144 HidUsb - ok
22:11:37.0015 2144 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:11:37.0171 2144 hkmsvc - ok
22:11:37.0187 2144 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
22:11:37.0328 2144 hpn - ok
22:11:37.0343 2144 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:11:37.0406 2144 HPZid412 - ok
22:11:37.0406 2144 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:11:37.0453 2144 HPZipr12 - ok
22:11:37.0468 2144 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:11:37.0531 2144 HPZius12 - ok
22:11:37.0578 2144 [ 33DFC0AFA95F9A2C753FF2ADB7D4A21F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
22:11:37.0671 2144 HSFHWBS2 - ok
22:11:37.0718 2144 [ B2DFC168D6F7512FAEA085253C5A37AD ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
22:11:37.0843 2144 HSF_DP - ok
22:11:37.0875 2144 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:11:37.0953 2144 HTTP - ok
22:11:37.0984 2144 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:11:38.0140 2144 HTTPFilter - ok
22:11:38.0171 2144 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
22:11:38.0312 2144 i2omgmt - ok
22:11:38.0343 2144 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:11:38.0500 2144 i2omp - ok
22:11:38.0531 2144 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:11:38.0687 2144 i8042prt - ok
22:11:38.0750 2144 [ 7C7560001937DD47FE933DE2181227F2 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
22:11:38.0875 2144 ialm - ok
22:11:38.0921 2144 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:11:38.0937 2144 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:11:38.0937 2144 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:11:39.0000 2144 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:11:39.0078 2144 idsvc - ok
22:11:39.0093 2144 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:11:39.0250 2144 Imapi - ok
22:11:39.0281 2144 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
22:11:39.0437 2144 ImapiService - ok
22:11:39.0468 2144 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:11:39.0625 2144 ini910u - ok
22:11:39.0703 2144 [ 1ED9AC45C69E650D4F12D1114132622B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:11:39.0859 2144 IntcAzAudAddService - ok
22:11:39.0890 2144 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
22:11:40.0031 2144 IntelIde - ok
22:11:40.0046 2144 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:11:40.0203 2144 intelppm - ok
22:11:40.0218 2144 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:11:40.0343 2144 Ip6Fw - ok
22:11:40.0359 2144 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:11:40.0500 2144 IpFilterDriver - ok
22:11:40.0500 2144 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:11:40.0656 2144 IpInIp - ok
22:11:40.0671 2144 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:11:40.0828 2144 IpNat - ok
22:11:40.0859 2144 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:11:41.0000 2144 IPSec - ok
22:11:41.0031 2144 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:11:41.0125 2144 IRENUM - ok
22:11:41.0140 2144 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:11:41.0281 2144 isapnp - ok
22:11:41.0359 2144 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:11:41.0390 2144 JavaQuickStarterService - ok
22:11:41.0406 2144 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:11:41.0546 2144 Kbdclass - ok
22:11:41.0578 2144 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:11:41.0718 2144 kmixer - ok
22:11:41.0734 2144 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:11:41.0828 2144 KSecDD - ok
22:11:41.0859 2144 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:11:41.0937 2144 lanmanserver - ok
22:11:41.0968 2144 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:11:42.0015 2144 lanmanworkstation - ok
22:11:42.0031 2144 Lavasoft Kernexplorer - ok
22:11:42.0046 2144 Lbd - ok
22:11:42.0046 2144 lbrtfdc - ok
22:11:42.0078 2144 [ AF19547B066E3CF6842688CE2A53A53B ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
22:11:42.0109 2144 LexBceS ( UnsignedFile.Multi.Generic ) - warning
22:11:42.0109 2144 LexBceS - detected UnsignedFile.Multi.Generic (1)
22:11:42.0156 2144 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:11:42.0296 2144 LmHosts - ok
22:11:42.0328 2144 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
22:11:42.0375 2144 McrdSvc - ok
22:11:42.0406 2144 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:11:42.0484 2144 mdmxsdk - ok
22:11:42.0500 2144 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:11:42.0656 2144 Messenger - ok
22:11:42.0687 2144 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
22:11:42.0703 2144 MHN ( UnsignedFile.Multi.Generic ) - warning
22:11:42.0703 2144 MHN - detected UnsignedFile.Multi.Generic (1)
22:11:42.0734 2144 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
22:11:42.0750 2144 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
22:11:42.0750 2144 MHNDRV - detected UnsignedFile.Multi.Generic (1)
22:11:42.0765 2144 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:11:42.0906 2144 mnmdd - ok
22:11:42.0953 2144 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
22:11:43.0093 2144 mnmsrvc - ok
22:11:43.0140 2144 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:11:43.0265 2144 Modem - ok
22:11:43.0281 2144 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:11:43.0421 2144 Mouclass - ok
22:11:43.0453 2144 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:11:43.0609 2144 mouhid - ok
22:11:43.0625 2144 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:11:43.0781 2144 MountMgr - ok
22:11:43.0812 2144 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:11:43.0843 2144 MozillaMaintenance - ok
22:11:43.0875 2144 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:11:44.0015 2144 mraid35x - ok
22:11:44.0031 2144 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:11:44.0187 2144 MRxDAV - ok
22:11:44.0234 2144 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:11:44.0312 2144 MRxSmb - ok
22:11:44.0390 2144 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
22:11:44.0437 2144 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
22:11:44.0437 2144 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
22:11:44.0468 2144 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
22:11:44.0609 2144 MSDTC - ok
22:11:44.0625 2144 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:11:44.0765 2144 Msfs - ok
22:11:44.0781 2144 MSIServer - ok
22:11:44.0796 2144 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:11:44.0953 2144 MSKSSRV - ok
22:11:44.0953 2144 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:11:45.0093 2144 MSPCLOCK - ok
22:11:45.0093 2144 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:11:45.0234 2144 MSPQM - ok
22:11:45.0250 2144 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:11:45.0390 2144 mssmbios - ok
22:11:45.0437 2144 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:11:45.0453 2144 Mup - ok
22:11:45.0500 2144 [ E1CDF20697D992CF83FF86DD04DF1285 ] mxnic C:\WINDOWS\system32\DRIVERS\mxnic.sys
22:11:45.0640 2144 mxnic - ok
22:11:45.0687 2144 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:11:45.0859 2144 napagent - ok
22:11:45.0890 2144 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:11:46.0390 2144 NDIS - ok
22:11:46.0421 2144 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:11:46.0468 2144 NdisTapi - ok
22:11:46.0515 2144 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:11:46.0671 2144 Ndisuio - ok
22:11:46.0687 2144 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:11:46.0828 2144 NdisWan - ok
22:11:46.0859 2144 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:11:46.0906 2144 NDProxy - ok
22:11:46.0921 2144 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:11:47.0078 2144 NetBIOS - ok
22:11:47.0093 2144 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:11:47.0234 2144 NetBT - ok
22:11:47.0265 2144 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
22:11:47.0421 2144 NetDDE - ok
22:11:47.0421 2144 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:11:47.0562 2144 NetDDEdsdm - ok
22:11:47.0593 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:11:47.0734 2144 Netlogon - ok
22:11:47.0765 2144 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
22:11:47.0921 2144 Netman - ok
22:11:47.0953 2144 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:11:47.0984 2144 NetTcpPortSharing - ok
22:11:48.0015 2144 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:11:48.0171 2144 NIC1394 - ok
22:11:48.0203 2144 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
22:11:48.0250 2144 Nla - ok
22:11:48.0250 2144 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
22:11:48.0406 2144 nm - ok
22:11:48.0453 2144 [ B15E0180C43D8B5219196D76878CC2DD ] NPF C:\WINDOWS\system32\drivers\npf.sys
22:11:48.0468 2144 NPF - ok
22:11:48.0500 2144 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:11:48.0640 2144 Npfs - ok
22:11:48.0671 2144 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:11:48.0828 2144 Ntfs - ok
22:11:48.0859 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:11:49.0000 2144 NtLmSsp - ok
22:11:49.0031 2144 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:11:49.0187 2144 NtmsSvc - ok
22:11:49.0203 2144 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
22:11:49.0343 2144 Null - ok
22:11:49.0421 2144 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:11:49.0718 2144 nv - ok
22:11:49.0718 2144 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:11:49.0859 2144 NwlnkFlt - ok
22:11:49.0859 2144 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:11:50.0000 2144 NwlnkFwd - ok
22:11:50.0015 2144 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:11:50.0156 2144 ohci1394 - ok
22:11:50.0234 2144 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:11:50.0250 2144 ose - ok
22:11:50.0265 2144 [ C90018BAFDC7098619A4A95B046B30F3 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
22:11:50.0390 2144 P3 - ok
22:11:50.0437 2144 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
22:11:50.0468 2144 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
22:11:50.0468 2144 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
22:11:50.0500 2144 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
22:11:50.0640 2144 Parport - ok
22:11:50.0656 2144 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:11:50.0812 2144 PartMgr - ok
22:11:50.0843 2144 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:11:50.0984 2144 ParVdm - ok
22:11:50.0984 2144 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:11:51.0125 2144 PCI - ok
22:11:51.0125 2144 PCIDump - ok
22:11:51.0156 2144 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:11:51.0296 2144 PCIIde - ok
22:11:51.0312 2144 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:11:51.0453 2144 Pcmcia - ok
22:11:51.0484 2144 [ 02AAAFB7BA137CE5DDABCDF8090954D9 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
22:11:51.0500 2144 pcouffin ( UnsignedFile.Multi.Generic ) - warning
22:11:51.0500 2144 pcouffin - detected UnsignedFile.Multi.Generic (1)
22:11:51.0500 2144 PDCOMP - ok
22:11:51.0515 2144 PDFRAME - ok
22:11:51.0515 2144 PDRELI - ok
22:11:51.0531 2144 PDRFRAME - ok
22:11:51.0531 2144 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
22:11:51.0687 2144 perc2 - ok
22:11:51.0703 2144 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:11:51.0843 2144 perc2hib - ok
22:11:51.0875 2144 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
22:12:09.0078 2144 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
22:12:09.0078 2144 C:\WINDOWS\system32\imagehlp.dll - ok
22:12:09.0078 2144 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
22:12:09.0078 2144 C:\WINDOWS\system32\imm32.dll - ok
22:12:09.0078 2144 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
22:12:09.0078 2144 C:\WINDOWS\system32\ws2help.dll - ok
22:12:09.0078 2144 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
22:12:09.0078 2144 C:\WINDOWS\system32\ws2_32.dll - ok
22:12:09.0093 2144 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
22:12:09.0093 2144 C:\WINDOWS\system32\kbdus.dll - ok
22:12:09.0093 2144 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
22:12:09.0093 2144 C:\WINDOWS\system32\msgina.dll - ok
22:12:09.0093 2144 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
22:12:09.0093 2144 C:\WINDOWS\system32\comctl32.dll - ok
22:12:09.0109 2144 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
22:12:09.0109 2144 C:\WINDOWS\system32\odbc32.dll - ok
22:12:09.0109 2144 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
22:12:09.0109 2144 C:\WINDOWS\system32\comdlg32.dll - ok
22:12:09.0109 2144 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
22:12:09.0109 2144 C:\WINDOWS\system32\shell32.dll - ok
22:12:09.0109 2144 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
22:12:09.0109 2144 C:\WINDOWS\system32\shlwapi.dll - ok
22:12:09.0125 2144 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
22:12:09.0125 2144 C:\WINDOWS\system32\sxs.dll - ok
22:12:09.0125 2144 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
22:12:09.0125 2144 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
22:12:09.0125 2144 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
22:12:09.0125 2144 C:\WINDOWS\system32\odbcint.dll - ok
22:12:09.0125 2144 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
22:12:09.0125 2144 C:\WINDOWS\system32\ole32.dll - ok
22:12:09.0140 2144 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
22:12:09.0140 2144 C:\WINDOWS\system32\sfc.dll - ok
22:12:09.0140 2144 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
22:12:09.0140 2144 C:\WINDOWS\system32\sfc_os.dll - ok
22:12:09.0140 2144 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
22:12:09.0140 2144 C:\WINDOWS\system32\shsvcs.dll - ok
22:12:09.0156 2144 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
22:12:09.0156 2144 C:\WINDOWS\system32\apphelp.dll - ok
22:12:09.0156 2144 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:12:09.0156 2144 C:\WINDOWS\system32\services.exe - ok
22:12:09.0156 2144 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
22:12:09.0156 2144 C:\WINDOWS\system32\lsasrv.dll - ok
22:12:09.0156 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
22:12:09.0156 2144 C:\WINDOWS\system32\lsass.exe - ok
22:12:09.0171 2144 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
22:12:09.0171 2144 C:\WINDOWS\system32\ncobjapi.dll - ok
22:12:09.0171 2144 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
22:12:09.0171 2144 C:\WINDOWS\system32\msvcp60.dll - ok
22:12:09.0171 2144 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
22:12:09.0171 2144 C:\WINDOWS\system32\scesrv.dll - ok
22:12:09.0187 2144 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
22:12:09.0187 2144 C:\WINDOWS\system32\dnsapi.dll - ok
22:12:09.0187 2144 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
22:12:09.0187 2144 C:\WINDOWS\system32\mpr.dll - ok
22:12:09.0187 2144 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
22:12:09.0187 2144 C:\WINDOWS\system32\ntdsapi.dll - ok
22:12:09.0187 2144 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
22:12:09.0187 2144 C:\WINDOWS\system32\umpnpmgr.dll - ok
22:12:09.0203 2144 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
22:12:09.0203 2144 C:\WINDOWS\AppPatch\acadproc.dll - ok
22:12:09.0203 2144 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
22:12:09.0203 2144 C:\WINDOWS\system32\shimeng.dll - ok
22:12:09.0203 2144 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
22:12:09.0203 2144 C:\WINDOWS\system32\wldap32.dll - ok
22:12:09.0203 2144 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
22:12:09.0203 2144 C:\WINDOWS\system32\samlib.dll - ok
22:12:09.0218 2144 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
22:12:09.0218 2144 C:\WINDOWS\system32\samsrv.dll - ok
22:12:09.0218 2144 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
22:12:09.0218 2144 C:\WINDOWS\AppPatch\acgenral.dll - ok
22:12:09.0218 2144 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
22:12:09.0218 2144 C:\WINDOWS\system32\cryptdll.dll - ok
22:12:09.0234 2144 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
22:12:09.0234 2144 C:\WINDOWS\system32\oleaut32.dll - ok
22:12:09.0234 2144 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
22:12:09.0234 2144 C:\WINDOWS\system32\winmm.dll - ok
22:12:09.0234 2144 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
22:12:09.0234 2144 C:\WINDOWS\system32\msacm32.dll - ok
22:12:09.0234 2144 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
22:12:09.0234 2144 C:\WINDOWS\system32\uxtheme.dll - ok
22:12:09.0250 2144 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
22:12:09.0250 2144 C:\WINDOWS\system32\digest.dll - ok
22:12:09.0250 2144 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
22:12:09.0250 2144 C:\WINDOWS\system32\msapsspc.dll - ok
22:12:09.0250 2144 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
22:12:09.0250 2144 C:\WINDOWS\system32\msnsspc.dll - ok
22:12:09.0250 2144 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
22:12:09.0250 2144 C:\WINDOWS\system32\msvcrt40.dll - ok
22:12:09.0265 2144 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
22:12:09.0265 2144 C:\WINDOWS\system32\schannel.dll - ok
22:12:09.0265 2144 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
22:12:09.0265 2144 C:\WINDOWS\system32\kerberos.dll - ok
22:12:09.0265 2144 [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime
22:12:09.0265 2144 C:\WINDOWS\system32\msctfime.ime - ok
22:12:09.0281 2144 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
22:12:09.0281 2144 C:\WINDOWS\system32\msprivs.dll - ok
22:12:09.0281 2144 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
22:12:09.0281 2144 C:\WINDOWS\system32\msv1_0.dll - ok
22:12:09.0281 2144 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
22:12:09.0281 2144 C:\WINDOWS\system32\atmfd.dll - ok
22:12:09.0281 2144 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
22:12:09.0281 2144 C:\WINDOWS\system32\iphlpapi.dll - ok
22:12:09.0296 2144 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
22:12:09.0296 2144 C:\WINDOWS\system32\netlogon.dll - ok
22:12:09.0296 2144 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
22:12:09.0296 2144 C:\WINDOWS\system32\rsaenh.dll - ok
22:12:09.0296 2144 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
22:12:09.0296 2144 C:\WINDOWS\system32\w32time.dll - ok
22:12:09.0296 2144 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
22:12:09.0296 2144 C:\WINDOWS\system32\wdigest.dll - ok
22:12:09.0312 2144 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
22:12:09.0312 2144 C:\WINDOWS\system32\winscard.dll - ok
22:12:09.0312 2144 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
22:12:09.0312 2144 C:\WINDOWS\system32\wtsapi32.dll - ok
22:12:09.0312 2144 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
22:12:09.0312 2144 C:\WINDOWS\system32\scecli.dll - ok
22:12:09.0328 2144 [ 4AF5F360BA1E8794D32B366E45A64A0A ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:12:09.0328 2144 C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
22:12:09.0328 2144 [ 1F7094D4268D46F718C51286DC189791 ] C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:12:09.0328 2144 C:\WINDOWS\system32\drivers\aswMonFlt.sys - ok
22:12:09.0328 2144 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
22:12:09.0328 2144 C:\WINDOWS\system32\svchost.exe - ok
22:12:09.0328 2144 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
22:12:09.0328 2144 C:\WINDOWS\system32\ntmarta.dll - ok
22:12:09.0343 2144 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
22:12:09.0343 2144 C:\WINDOWS\system32\rpcss.dll - ok
22:12:09.0343 2144 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
22:12:09.0343 2144 C:\WINDOWS\system32\xpsp2res.dll - ok
22:12:09.0343 2144 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
22:12:09.0343 2144 C:\WINDOWS\system32\eventlog.dll - ok
22:12:09.0343 2144 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
22:12:09.0343 2144 C:\WINDOWS\system32\hnetcfg.dll - ok
22:12:09.0359 2144 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
22:12:09.0359 2144 C:\WINDOWS\system32\mswsock.dll - ok
22:12:09.0359 2144 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
22:12:09.0359 2144 C:\WINDOWS\system32\winrnr.dll - ok
22:12:09.0359 2144 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
22:12:09.0359 2144 C:\WINDOWS\system32\wshtcpip.dll - ok
22:12:09.0375 2144 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
22:12:09.0375 2144 C:\WINDOWS\system32\rasadhlp.dll - ok
22:12:09.0375 2144 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
22:12:09.0375 2144 C:\WINDOWS\system32\WudfSvc.dll - ok
22:12:09.0375 2144 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
22:12:09.0375 2144 C:\WINDOWS\system32\WudfPlatform.dll - ok
22:12:09.0375 2144 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
22:12:09.0375 2144 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
22:12:09.0390 2144 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
22:12:09.0390 2144 C:\WINDOWS\system32\dhcpcsvc.dll - ok
22:12:09.0390 2144 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
22:12:09.0390 2144 C:\WINDOWS\system32\dnsrslvr.dll - ok
22:12:09.0390 2144 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
22:12:09.0390 2144 C:\WINDOWS\system32\lmhsvc.dll - ok
22:12:09.0390 2144 [ D4431E96FAF205ED47A509F127DAF6B2 ] C:\WINDOWS\system32\ZoneLabs\vsmon.exe
22:12:09.0390 2144 C:\WINDOWS\system32\ZoneLabs\vsmon.exe - ok
22:12:09.0406 2144 [ E83681CACADF74720EE84CC5E3A8FEE6 ] C:\WINDOWS\system32\vsutil.dll
22:12:09.0406 2144 C:\WINDOWS\system32\vsutil.dll - ok
22:12:09.0406 2144 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
22:12:09.0406 2144 C:\WINDOWS\system32\wsock32.dll - ok
22:12:09.0406 2144 [ 5796DE40E2B3596F0CB61F839F4B36B7 ] C:\WINDOWS\system32\vsinit.dll
22:12:09.0406 2144 C:\WINDOWS\system32\vsinit.dll - ok
22:12:09.0421 2144 [ BF05C2149863436A6E85576237A57F4C ] C:\WINDOWS\system32\zpeng24.dll
22:12:09.0421 2144 C:\WINDOWS\system32\zpeng24.dll - ok
22:12:09.0421 2144 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
22:12:09.0421 2144 C:\WINDOWS\system32\logonui.exe - ok
22:12:09.0421 2144 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
22:12:09.0421 2144 C:\WINDOWS\system32\cscdll.dll - ok
22:12:09.0421 2144 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
22:12:09.0421 2144 C:\WINDOWS\system32\dimsntfy.dll - ok
22:12:09.0437 2144 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
22:12:09.0437 2144 C:\WINDOWS\system32\winspool.drv - ok
22:12:09.0437 2144 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
22:12:09.0437 2144 C:\WINDOWS\system32\wlnotify.dll - ok
22:12:09.0437 2144 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
22:12:09.0437 2144 C:\WINDOWS\system32\duser.dll - ok
22:12:09.0437 2144 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
22:12:09.0437 2144 C:\WINDOWS\system32\msimg32.dll - ok
22:12:09.0453 2144 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
22:12:09.0453 2144 C:\WINDOWS\system32\oleacc.dll - ok
22:12:09.0453 2144 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
22:12:09.0453 2144 C:\WINDOWS\system32\clbcatq.dll - ok
22:12:09.0453 2144 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
22:12:09.0453 2144 C:\WINDOWS\system32\comres.dll - ok
22:12:09.0468 2144 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
22:12:09.0468 2144 C:\WINDOWS\system32\shgina.dll - ok
22:12:09.0468 2144 [ 3B5F0BF4125688A531FA21C823EA6193 ] C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
22:12:09.0468 2144 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll - ok
22:12:09.0468 2144 [ 1454231A818E8582286456AB46EAEF07 ] C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll
22:12:09.0468 2144 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll - ok
22:12:09.0468 2144 [ 28102EE04FD29B2704201C6D72A11DA1 ] C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll
22:12:09.0468 2144 C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll - ok
22:12:09.0484 2144 [ 831DC3D498230FB8F01A06348C5B57CB ] C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
22:12:09.0484 2144 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll - ok
22:12:09.0484 2144 [ 962ED88A4F96CBA2FCD8F819796A79D8 ] C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
22:12:09.0484 2144 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll - ok
22:12:09.0484 2144 [ 07F834DC6F474D85151F35048521FC78 ] C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
22:12:09.0484 2144 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll - ok
22:12:09.0484 2144 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
22:12:09.0484 2144 C:\WINDOWS\system32\cscui.dll - ok
22:12:09.0500 2144 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
22:12:09.0500 2144 C:\WINDOWS\system32\powrprof.dll - ok
22:12:09.0500 2144 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
22:12:09.0500 2144 C:\WINDOWS\system32\dpcdll.dll - ok
22:12:09.0500 2144 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
22:12:09.0500 2144 C:\WINDOWS\system32\userinit.exe - ok
22:12:09.0515 2144 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
22:12:09.0515 2144 C:\WINDOWS\explorer.exe - ok
22:12:09.0515 2144 [ B195F61C435F77B24F77CBF472EA55ED ] C:\WINDOWS\system32\ZoneLabs\lib\pyd\signedDll.pyd
22:12:09.0515 2144 C:\WINDOWS\system32\ZoneLabs\lib\pyd\signedDll.pyd - ok
22:12:09.0515 2144 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
22:12:09.0515 2144 C:\WINDOWS\system32\browseui.dll - ok
22:12:09.0515 2144 [ DB844FB72BB15D30981B21B7337ECC20 ] C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyvsinit.pyd
22:12:09.0515 2144 C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyvsinit.pyd - ok
22:12:09.0531 2144 [ 65280C89C68C6834C08B99250CF79576 ] C:\WINDOWS\system32\shdocvw.dll
22:12:09.0531 2144 C:\WINDOWS\system32\shdocvw.dll - ok
22:12:09.0531 2144 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
22:12:09.0531 2144 C:\WINDOWS\system32\cryptui.dll - ok
22:12:09.0531 2144 [ CE5BA470204A3176E60721C4B63B8DF3 ] C:\WINDOWS\system32\wininet.dll
22:12:09.0531 2144 C:\WINDOWS\system32\wininet.dll - ok
22:12:09.0531 2144 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
22:12:09.0531 2144 C:\WINDOWS\system32\normaliz.dll - ok
22:12:09.0546 2144 [ F2ED64D23C94ACF512A81142F3431F4C ] C:\WINDOWS\system32\urlmon.dll
22:12:09.0546 2144 C:\WINDOWS\system32\urlmon.dll - ok
22:12:09.0546 2144 [ B6C20E3BDE6D4E7BA7C3C9D91A653C6E ] C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd
22:12:09.0546 2144 C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd - ok
22:12:09.0546 2144 [ F81E2C10BD6C4BE3B9A242018CEF7A98 ] C:\WINDOWS\system32\iertutil.dll
22:12:09.0546 2144 C:\WINDOWS\system32\iertutil.dll - ok
22:12:09.0562 2144 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
22:12:09.0562 2144 C:\WINDOWS\system32\riched20.dll - ok
22:12:09.0562 2144 [ 10F7CD4FD3B6792DD7D19C7991EC7E56 ] C:\WINDOWS\system32\ZoneLabs\lib\pyd\_socket.pyd
22:12:09.0562 2144 C:\WINDOWS\system32\ZoneLabs\lib\pyd\_socket.pyd - ok
22:12:09.0562 2144 [ CD89FA96371429B0BEE893B156DB8932 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
22:12:09.0562 2144 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
22:12:09.0562 2144 [ 920B4D089E02FB4A3F8ADA8B4BEF9B26 ] C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
22:12:09.0562 2144 C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll - ok
22:12:09.0578 2144 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
22:12:09.0578 2144 C:\WINDOWS\system32\msi.dll - ok
22:12:09.0578 2144 [ AB034C9D6F82921E9138A7D0E8707D41 ] C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
22:12:09.0578 2144 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll - ok
22:12:09.0578 2144 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
22:12:09.0578 2144 C:\WINDOWS\system32\desk.cpl - ok
22:12:09.0578 2144 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
22:12:09.0593 2144 C:\WINDOWS\system32\themeui.dll - ok
22:12:09.0593 2144 [ DCC4F89E64C6B5D63B675DE071D96BA0 ] C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
22:12:09.0593 2144 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll - ok
22:12:09.0593 2144 [ 0FD2681B2EDB3787EE9B6A732B08CA07 ] C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
22:12:09.0593 2144 C:\WINDOWS\system32\ZoneLabs\vsmondll.dll - ok
22:12:09.0593 2144 [ 1756D80FBEC8375FCAEFD36E4A166A77 ] C:\WINDOWS\system32\vsdata.dll
22:12:09.0593 2144 C:\WINDOWS\system32\vsdata.dll - ok
22:12:09.0609 2144 [ 9267AB9FA31E5472B5DFBE835A06B831 ] C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
22:12:09.0609 2144 C:\WINDOWS\system32\ZoneLabs\ssleay32.dll - ok
22:12:09.0609 2144 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
22:12:09.0609 2144 C:\WINDOWS\system32\wzcsvc.dll - ok
22:12:09.0609 2144 [ 278677751E0B1E5604E47CA9DA451B22 ] C:\WINDOWS\system32\vsxml.dll
22:12:09.0609 2144 C:\WINDOWS\system32\vsxml.dll - ok
22:12:09.0609 2144 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
22:12:09.0609 2144 C:\WINDOWS\system32\rtutils.dll - ok
22:12:09.0625 2144 [ E1FD5D265EA5EA10D0C976D12C83EE14 ] C:\WINDOWS\system32\ZoneLabs\fbl.dll
22:12:09.0625 2144 C:\WINDOWS\system32\ZoneLabs\fbl.dll - ok
22:12:09.0625 2144 [ D228536556DCC6C927A1D872EDA48BC9 ] C:\WINDOWS\system32\ZoneLabs\featuremap.dll
22:12:09.0625 2144 C:\WINDOWS\system32\ZoneLabs\featuremap.dll - ok
22:12:09.0625 2144 [ 7ECC57621C1F57DAB728457CBC9D3DE9 ] C:\WINDOWS\system32\zlcomm.dll
22:12:09.0625 2144 C:\WINDOWS\system32\zlcomm.dll - ok
22:12:09.0640 2144 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
22:12:09.0640 2144 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
22:12:09.0640 2144 [ 4E68C1D5AC6614BA6627364A17E17A74 ] C:\WINDOWS\system32\zlcommdb.dll
22:12:09.0640 2144 C:\WINDOWS\system32\zlcommdb.dll - ok
22:12:09.0640 2144 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
22:12:09.0640 2144 C:\WINDOWS\system32\wmi.dll - ok
22:12:09.0640 2144 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
22:12:09.0640 2144 C:\WINDOWS\system32\eapolqec.dll - ok
22:12:09.0656 2144 [ 8646FF9C3C9E691C20F181C7496E7398 ] C:\WINDOWS\system32\ZoneLabs\vsdb.dll
22:12:09.0656 2144 C:\WINDOWS\system32\ZoneLabs\vsdb.dll - ok
22:12:09.0656 2144 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
22:12:09.0656 2144 C:\WINDOWS\system32\atl.dll - ok
22:12:09.0656 2144 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
22:12:09.0656 2144 C:\WINDOWS\system32\qutil.dll - ok
22:12:09.0656 2144 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
22:12:09.0656 2144 C:\WINDOWS\system32\cmd.exe - ok
22:12:09.0671 2144 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
22:12:09.0671 2144 C:\WINDOWS\system32\dot3api.dll - ok
22:12:09.0671 2144 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
22:12:09.0671 2144 C:\WINDOWS\system32\esent.dll - ok
22:12:09.0671 2144 [ 4E98097C6DAF780D145FB702C6EA625F ] C:\WINDOWS\system32\ieframe.dll
22:12:09.0671 2144 C:\WINDOWS\system32\ieframe.dll - ok
22:12:09.0687 2144 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
22:12:09.0687 2144 C:\WINDOWS\system32\rastls.dll - ok
22:12:09.0687 2144 [ 8DCBB27289A954439C64171B5878A8D1 ] C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
22:12:09.0687 2144 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll - ok
22:12:09.0687 2144 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
22:12:09.0687 2144 C:\WINDOWS\system32\activeds.dll - ok
22:12:09.0703 2144 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
22:12:09.0703 2144 C:\WINDOWS\system32\adsldpc.dll - ok
22:12:09.0703 2144 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
22:12:09.0703 2144 C:\WINDOWS\system32\mprapi.dll - ok
22:12:09.0703 2144 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
22:12:09.0703 2144 C:\WINDOWS\system32\rasapi32.dll - ok
22:12:09.0703 2144 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
22:12:09.0703 2144 C:\WINDOWS\system32\rasman.dll - ok
22:12:09.0718 2144 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
22:12:09.0718 2144 C:\WINDOWS\system32\tapi32.dll - ok
22:12:09.0718 2144 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
22:12:09.0718 2144 C:\WINDOWS\system32\raschap.dll - ok
22:12:09.0718 2144 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
22:12:09.0718 2144 C:\WINDOWS\system32\netman.dll - ok
22:12:09.0718 2144 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
22:12:09.0718 2144 C:\WINDOWS\system32\netshell.dll - ok
22:12:09.0734 2144 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
22:12:09.0734 2144 C:\WINDOWS\system32\credui.dll - ok
22:12:09.0734 2144 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
22:12:09.0734 2144 C:\WINDOWS\system32\dot3dlg.dll - ok
22:12:09.0734 2144 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
22:12:09.0734 2144 C:\WINDOWS\system32\eappcfg.dll - ok
22:12:09.0734 2144 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
22:12:09.0734 2144 C:\WINDOWS\system32\eappprxy.dll - ok
22:12:09.0750 2144 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
22:12:09.0750 2144 C:\WINDOWS\system32\onex.dll - ok
22:12:09.0750 2144 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
22:12:09.0750 2144 C:\WINDOWS\system32\wzcsapi.dll - ok
22:12:09.0750 2144 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
22:12:09.0750 2144 C:\WINDOWS\system32\cryptnet.dll - ok
22:12:09.0765 2144 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
22:12:09.0765 2144 C:\WINDOWS\system32\sensapi.dll - ok
22:12:09.0765 2144 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
22:12:09.0765 2144 C:\WINDOWS\system32\winhttp.dll - ok
22:12:09.0765 2144 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
22:12:09.0765 2144 C:\WINDOWS\system32\cabinet.dll - ok
22:12:09.0765 2144 [ 5C1E88F3882A1ED453F77EFC02C152A4 ] C:\WINDOWS\system32\ZoneLabs\vsvault.dll
22:12:09.0765 2144 C:\WINDOWS\system32\ZoneLabs\vsvault.dll - ok
22:12:09.0781 2144 [ 8BE87C0E4CBAB266912845D8DC8875C7 ] C:\WINDOWS\system32\vswmi.dll
22:12:09.0781 2144 C:\WINDOWS\system32\vswmi.dll - ok
22:12:09.0781 2144 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
22:12:09.0781 2144 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
22:12:09.0781 2144 [ C10E90953773FC7A504FE0D1DC7C41B7 ] C:\WINDOWS\system32\ZoneLabs\av.dll
22:12:09.0781 2144 C:\WINDOWS\system32\ZoneLabs\av.dll - ok
22:12:09.0781 2144 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
22:12:09.0781 2144 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
22:12:09.0796 2144 [ 46846B3796B0D7D9FEC2CEF7E90BA227 ] C:\WINDOWS\system32\ZoneLabs\imsecure.dll
22:12:09.0796 2144 C:\WINDOWS\system32\ZoneLabs\imsecure.dll - ok
22:12:09.0796 2144 [ 7554E2332324B28E8F27ADA4CA4AAD68 ] C:\WINDOWS\system32\ZoneLabs\qrbase.dll
22:12:09.0796 2144 C:\WINDOWS\system32\ZoneLabs\qrbase.dll - ok
22:12:09.0796 2144 [ 77FF2EDA52ECDD52C3E05428B7644845 ] C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
22:12:09.0796 2144 C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll - ok
22:12:09.0812 2144 [ AB294662DCB9998C46B01539F98119F0 ] C:\WINDOWS\system32\ZoneLabs\scheduler.dll
22:12:09.0812 2144 C:\WINDOWS\system32\ZoneLabs\scheduler.dll - ok
22:12:09.0812 2144 [ D710E153BAA4507F40786244399B59BE ] C:\WINDOWS\system32\ZoneLabs\zlsre.dll
22:12:09.0812 2144 C:\WINDOWS\system32\ZoneLabs\zlsre.dll - ok
22:12:09.0812 2144 [ 218A902781080F74B014F37161D846D4 ] C:\WINDOWS\system32\ZoneLabs\srescan.dll
22:12:09.0812 2144 C:\WINDOWS\system32\ZoneLabs\srescan.dll - ok
22:12:09.0812 2144 [ 54EAFCE3C83203B1855C3F099193F1B6 ] C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
22:12:09.0812 2144 C:\WINDOWS\system32\ZoneLabs\zlupdate.dll - ok
22:12:09.0828 2144 [ A9CFFADF6BC51536C8EFAAE667F0DC4F ] C:\WINDOWS\system32\libeay32_0.9.6l.dll
22:12:09.0828 2144 C:\WINDOWS\system32\libeay32_0.9.6l.dll - ok
22:12:09.0828 2144 [ 4B90F94C1BCA4EA3784CDCB121DBF7DD ] C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
22:12:09.0828 2144 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll - ok
22:12:09.0828 2144 [ D7E3EC4A7329C93D877FFFB0913C3DEB ] C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
22:12:09.0828 2144 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll - ok
22:12:09.0828 2144 [ 7C57C9A44B14B9CBC83C1F200AEF3588 ] C:\WINDOWS\system32\ZoneLabs\camupd.dll
22:12:09.0828 2144 C:\WINDOWS\system32\ZoneLabs\camupd.dll - ok
22:12:09.0843 2144 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:12:09.0843 2144 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
22:12:09.0843 2144 [ 54AE15322C30814FC23FC26907A563B3 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
22:12:09.0843 2144 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
22:12:09.0843 2144 [ 40F2889475EDC401F98FD7938F0BBF66 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
22:12:09.0843 2144 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
22:12:09.0859 2144 [ 1F9319EA6D87522C70271A55AC3BE365 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
22:12:09.0859 2144 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
22:12:09.0859 2144 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
22:12:09.0859 2144 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
22:12:09.0859 2144 [ 0C70F8F5CC8359AC633724BECF6ABAF3 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
22:12:09.0859 2144 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
22:12:10.0796 2144 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
22:12:10.0796 2144 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
22:12:10.0796 2144 C:\WINDOWS\system32\rasmans.dll - ok
22:12:10.0812 2144 [ 0A9BA6AF531AFE7FA5E4FB973852D863 ] C:\WINDOWS\system32\dllhost.exe
22:12:10.0812 2144 C:\WINDOWS\system32\dllhost.exe - ok
22:12:10.0812 2144 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
22:12:10.0812 2144 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
22:12:10.0812 2144 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
22:12:10.0812 2144 C:\WINDOWS\system32\netcfgx.dll - ok
22:12:10.0828 2144 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
22:12:10.0828 2144 C:\WINDOWS\system32\win32spl.dll - ok
22:12:10.0828 2144 [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll
22:12:10.0828 2144 C:\WINDOWS\system32\rdpwsx.dll - ok
22:12:10.0828 2144 [ 17E0CF9C8CBB717D05948656BCD86EFA ] C:\WINDOWS\system32\txflog.dll
22:12:10.0828 2144 C:\WINDOWS\system32\txflog.dll - ok
22:12:10.0828 2144 [ D7AE907903A6F46384B0F1D618FCE822 ] C:\WINDOWS\system32\exts.dll
22:12:10.0828 2144 C:\WINDOWS\system32\exts.dll - ok
22:12:10.0843 2144 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
22:12:10.0843 2144 C:\WINDOWS\system32\rasdlg.dll - ok
22:12:10.0843 2144 [ 3225C2BCBCAF3F0D994DADC82112E233 ] C:\WINDOWS\system32\ntsdexts.dll
22:12:10.0843 2144 C:\WINDOWS\system32\ntsdexts.dll - ok
22:12:10.0843 2144 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
22:12:10.0843 2144 C:\WINDOWS\system32\netrap.dll - ok
22:12:10.0843 2144 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
22:12:10.0843 2144 C:\WINDOWS\system32\rastapi.dll - ok
22:12:10.0859 2144 [ 9627EE26C7F3FD023D87DB50C62F5111 ] C:\WINDOWS\ehome\sqldb20.dll
22:12:10.0859 2144 C:\WINDOWS\ehome\sqldb20.dll - ok
22:12:10.0859 2144 [ 142843A24FEBB7BDED976F42C8E91384 ] C:\Program Files\AVAST Software\Avast\defs\13061601\ArPot.dll
22:12:10.0859 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\ArPot.dll - ok
22:12:10.0859 2144 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
22:12:10.0859 2144 C:\WINDOWS\system32\unimdm.tsp - ok
22:12:10.0875 2144 [ 160762386084A0BB69F91BB694114D14 ] C:\WINDOWS\ehome\sqlse20.dll
22:12:10.0875 2144 C:\WINDOWS\ehome\sqlse20.dll - ok
22:12:10.0875 2144 [ A2EAE71B251BD27B0F4185CF9699A1C2 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
22:12:10.0875 2144 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
22:12:10.0875 2144 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
22:12:10.0875 2144 C:\WINDOWS\system32\uniplat.dll - ok
22:12:10.0875 2144 [ A3AE51C21160328EA11F734392A0F269 ] C:\WINDOWS\ehome\sqlqp20.dll
22:12:10.0875 2144 C:\WINDOWS\ehome\sqlqp20.dll - ok
22:12:10.0890 2144 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
22:12:10.0890 2144 C:\WINDOWS\system32\alg.exe - ok
22:12:10.0890 2144 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
22:12:10.0890 2144 C:\WINDOWS\system32\unimdmat.dll - ok
22:12:10.0890 2144 [ 44BD658E0E4D21C42023AD9EBEFFDB90 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
22:12:10.0890 2144 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
22:12:10.0890 2144 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
22:12:10.0890 2144 C:\WINDOWS\system32\modemui.dll - ok
22:12:10.0906 2144 [ F3CD3269896D64ECAEA4CA34BCEAC381 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
22:12:10.0906 2144 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
22:12:10.0906 2144 [ 8ED6DA45BAB5CFC809229F26D4D4A2CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll
22:12:10.0906 2144 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
22:12:10.0906 2144 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
22:12:10.0906 2144 C:\WINDOWS\system32\kmddsp.tsp - ok
22:12:10.0921 2144 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
22:12:10.0921 2144 C:\WINDOWS\system32\ndptsp.tsp - ok
22:12:10.0921 2144 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
22:12:10.0921 2144 C:\WINDOWS\system32\ipconf.tsp - ok
22:12:10.0921 2144 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
22:12:10.0921 2144 C:\WINDOWS\system32\h323.tsp - ok
22:12:10.0921 2144 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
22:12:10.0921 2144 C:\WINDOWS\system32\hidphone.tsp - ok
22:12:10.0937 2144 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
22:12:10.0937 2144 C:\WINDOWS\system32\rasppp.dll - ok
22:12:10.0937 2144 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
22:12:10.0937 2144 C:\WINDOWS\system32\ntlsapi.dll - ok
22:12:10.0937 2144 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
22:12:10.0937 2144 C:\WINDOWS\system32\rasqec.dll - ok
22:12:10.0937 2144 [ CA4603AB0CB1C86736302BAA0AB5177C ] C:\WINDOWS\system32\blackbox.dll
22:12:10.0937 2144 C:\WINDOWS\system32\blackbox.dll - ok
22:12:10.0953 2144 [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13061601\exts.dll
22:12:10.0953 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\exts.dll - ok
22:12:10.0953 2144 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
22:12:10.0953 2144 C:\WINDOWS\system32\drivers\tdtcp.sys - ok
22:12:10.0953 2144 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
22:12:10.0953 2144 C:\WINDOWS\system32\drivers\rdpwd.sys - ok
22:12:10.0968 2144 [ BF0873241C01C97E9E027C68863914C6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
22:12:10.0968 2144 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
22:12:10.0968 2144 [ 01446ACA514121E876126C13B1332102 ] C:\WINDOWS\system32\wmdrmnet.dll
22:12:10.0968 2144 C:\WINDOWS\system32\wmdrmnet.dll - ok
22:12:10.0968 2144 [ 1087020FF6481D74A3B7EE04DA927DCA ] C:\Program Files\Java\jre7\bin\keytool.exe
22:12:10.0968 2144 C:\Program Files\Java\jre7\bin\keytool.exe - ok
22:12:10.0968 2144 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
22:12:10.0968 2144 C:\WINDOWS\system32\security.dll - ok
22:12:10.0984 2144 [ 0F2B9A24F8463EEC4E363AA36F763917 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
22:12:10.0984 2144 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
22:12:10.0984 2144 [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
22:12:10.0984 2144 C:\WINDOWS\system32\WMVCore.dll - ok
22:12:10.0984 2144 [ 8FC931CA97B8DA19A380AB653AC3D6B7 ] C:\Program Files\AVAST Software\Avast\defs\13061601\aswAR.dll
22:12:10.0984 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\aswAR.dll - ok
22:12:10.0984 2144 [ 9EC1D983086E5FA14FFB3518B7E3B596 ] C:\Program Files\AVAST Software\Avast\defs\13061601\aswRawFS.dll
22:12:10.0984 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\aswRawFS.dll - ok
22:12:11.0000 2144 [ 10AA3E99691C9782308A4768F0485D8D ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
22:12:11.0000 2144 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
22:12:11.0000 2144 [ 7365B5CA9747C84178D42CCA72486277 ] C:\WINDOWS\system32\wmasf.dll
22:12:11.0000 2144 C:\WINDOWS\system32\wmasf.dll - ok
22:12:11.0000 2144 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
22:12:11.0000 2144 C:\WINDOWS\system32\mlang.dll - ok
22:12:11.0000 2144 [ 112EEF699F3E5EFBE13EDDB50AEDE249 ] C:\Program Files\AVAST Software\Avast\defs\13061601\swhealthex.dll
22:12:11.0000 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\swhealthex.dll - ok
22:12:11.0015 2144 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
22:12:11.0015 2144 C:\WINDOWS\system32\msxml3.dll - ok
22:12:11.0015 2144 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
22:12:11.0015 2144 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok
22:12:11.0015 2144 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
22:12:11.0015 2144 C:\WINDOWS\system32\qmgr.dll - ok
22:12:11.0031 2144 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
22:12:11.0031 2144 C:\WINDOWS\system32\qmgrprxy.dll - ok
22:12:11.0031 2144 [ 8598C2AE3A7C7281B1290297C7CCFD57 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
22:12:11.0031 2144 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
22:12:11.0031 2144 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
22:12:11.0031 2144 C:\WINDOWS\system32\oledlg.dll - ok
22:12:11.0031 2144 [ 15FD59F795ABAE49990B79C8B0AB6F5B ] C:\Program Files\Java\jre7\bin\jli.dll
22:12:11.0031 2144 C:\Program Files\Java\jre7\bin\jli.dll - ok
22:12:11.0046 2144 [ 36E652727134278104147DB2014BF878 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
22:12:11.0046 2144 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
22:12:11.0046 2144 [ 60A52B2FA76513F590C52DFA59E16C84 ] C:\Program Files\Java\jre7\bin\verify.dll
22:12:11.0046 2144 C:\Program Files\Java\jre7\bin\verify.dll - ok
22:12:11.0046 2144 [ 2A4318112B14E4D015C0B6975153859B ] C:\Program Files\Java\jre7\bin\java.dll
22:12:11.0046 2144 C:\Program Files\Java\jre7\bin\java.dll - ok
22:12:11.0046 2144 [ C6F079BFD89C22903B22D94D93D45061 ] C:\Program Files\Java\jre7\bin\zip.dll
22:12:11.0062 2144 C:\Program Files\Java\jre7\bin\zip.dll - ok
22:12:11.0062 2144 [ 77AA57E57D8E7F4D1EDBCE36131B64C4 ] C:\Program Files\Java\jre7\bin\sunec.dll
22:12:11.0062 2144 C:\Program Files\Java\jre7\bin\sunec.dll - ok
22:12:11.0062 2144 [ F5A7218667841CA4549CC4C7DBA7A577 ] C:\Program Files\Java\jre7\bin\sunmscapi.dll
22:12:11.0062 2144 C:\Program Files\Java\jre7\bin\sunmscapi.dll - ok
22:12:11.0062 2144 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
22:12:11.0062 2144 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
22:12:11.0078 2144 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
22:12:11.0078 2144 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
22:12:11.0078 2144 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
22:12:11.0078 2144 C:\WINDOWS\system32\wbem\framedyn.dll - ok
22:12:11.0078 2144 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
22:12:11.0078 2144 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
22:12:11.0078 2144 [ D1E73B6F78DF0AA59B9F160F7B84377F ] C:\Program Files\Java\jre7\bin\awt.dll
22:12:11.0078 2144 C:\Program Files\Java\jre7\bin\awt.dll - ok
22:12:11.0093 2144 [ 6969F61969CBEE95A22AF2242003564D ] C:\Program Files\Java\jre7\bin\dcpr.dll
22:12:11.0093 2144 C:\Program Files\Java\jre7\bin\dcpr.dll - ok
22:12:11.0093 2144 [ D34F8AA27DAB10341BC325D13C25676E ] C:\Program Files\Java\jre7\bin\deploy.dll
22:12:11.0093 2144 C:\Program Files\Java\jre7\bin\deploy.dll - ok
22:12:11.0093 2144 [ E9E9143730A7627CEFCCBCF563BC92F5 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
22:12:11.0093 2144 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
22:12:11.0109 2144 [ AE5F5021FC66A380FD46B17A3E30E8E8 ] C:\Program Files\Java\jre7\bin\javaw.exe
22:12:11.0109 2144 C:\Program Files\Java\jre7\bin\javaw.exe - ok
22:12:11.0109 2144 [ DF1F6DD4158FE3A2B1F4A232DC9E2079 ] C:\Program Files\Java\jre7\bin\jp2native.dll
22:12:11.0109 2144 C:\Program Files\Java\jre7\bin\jp2native.dll - ok
22:12:11.0109 2144 [ E76A2F1EB29CFF5E7C0D705A1674A0F7 ] C:\Program Files\Java\jre7\bin\jpeg.dll
22:12:11.0109 2144 C:\Program Files\Java\jre7\bin\jpeg.dll - ok
22:12:11.0109 2144 [ 98FDE200AA094D5AEC67B02B550CEEEF ] C:\Program Files\Java\jre7\bin\net.dll
22:12:11.0109 2144 C:\Program Files\Java\jre7\bin\net.dll - ok
22:12:11.0125 2144 [ A817834EA027BDFEE103B2AE70250699 ] C:\Program Files\Java\jre7\bin\nio.dll
22:12:11.0125 2144 C:\Program Files\Java\jre7\bin\nio.dll - ok
22:12:11.0125 2144 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Owner\LOCALS~1\temp\C3397540-788C-4A94-B824-472722236DCB.exe
22:12:11.0125 2144 C:\DOCUME~1\Owner\LOCALS~1\temp\C3397540-788C-4A94-B824-472722236DCB.exe - ok
22:12:11.0125 2144 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
22:12:11.0125 2144 C:\WINDOWS\system32\linkinfo.dll - ok
22:12:11.0125 2144 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
22:12:11.0125 2144 C:\WINDOWS\system32\ntshrui.dll - ok
22:12:11.0140 2144 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\11755963.sys
22:12:11.0140 2144 C:\WINDOWS\system32\drivers\11755963.sys - ok
22:12:11.0140 2144 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
22:12:11.0140 2144 C:\WINDOWS\system32\verclsid.exe - ok
22:12:11.0140 2144 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
22:12:11.0140 2144 C:\WINDOWS\system32\webcheck.dll - ok
22:12:11.0156 2144 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
22:12:11.0156 2144 C:\WINDOWS\system32\stobject.dll - ok
22:12:11.0156 2144 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
22:12:11.0156 2144 C:\WINDOWS\system32\batmeter.dll - ok
22:12:11.0156 2144 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
22:12:11.0156 2144 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
22:12:11.0156 2144 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
22:12:11.0156 2144 C:\WINDOWS\system32\mydocs.dll - ok
22:12:11.0171 2144 [ 22FFECDF6D7464DD6A9D5D29F1CDA358 ] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
22:12:11.0171 2144 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe - ok
22:12:11.0171 2144 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
22:12:11.0171 2144 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
22:12:11.0171 2144 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
22:12:11.0171 2144 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
22:12:11.0187 2144 [ CE5C9977DA751DDC30952AC4DCBCA788 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
22:12:11.0187 2144 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
22:12:11.0187 2144 [ 3F11B20D12D89365D7721BDC860CE5F0 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:12:11.0187 2144 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
22:12:11.0187 2144 [ F92B3868E3801653AF196C76078829FA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
22:12:11.0187 2144 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
22:12:11.0187 2144 [ A2AC352D736D4F66764B4551F9CCDD75 ] C:\WINDOWS\system32\vspubapi.dll
22:12:11.0187 2144 C:\WINDOWS\system32\vspubapi.dll - ok
22:12:11.0203 2144 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
22:12:11.0203 2144 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll - ok
22:12:11.0203 2144 [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:12:11.0203 2144 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
22:12:11.0203 2144 [ 7EAED08CCCA4DDDE61A388C82598CFA9 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
22:12:11.0203 2144 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
22:12:11.0203 2144 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
22:12:11.0203 2144 C:\WINDOWS\system32\ctfmon.exe - ok
22:12:11.0218 2144 [ E9A73E376B26D5243F7A418A0C548929 ] C:\Program Files\Windows Media Player\wmpnssci.dll
22:12:11.0218 2144 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
22:12:11.0218 2144 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
22:12:11.0218 2144 C:\WINDOWS\system32\msctf.dll - ok
22:12:11.0218 2144 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
22:12:11.0218 2144 C:\WINDOWS\system32\msutb.dll - ok
22:12:11.0218 2144 [ 567CFED31D5C1C97899F25091048ACA1 ] C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll
22:12:11.0218 2144 C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll - ok
22:12:11.0234 2144 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
22:12:11.0234 2144 C:\WINDOWS\ime\sptip.dll - ok
22:12:11.0234 2144 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
22:12:11.0234 2144 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll - ok
22:12:11.0234 2144 [ 56DB34F4DC39CECBC871A895C6FCF1C3 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
22:12:11.0234 2144 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
22:12:11.0250 2144 [ 3851909899A5E6210C58DB9CC02068D3 ] C:\Program Files\AVAST Software\Avast\aswData.dll
22:12:11.0250 2144 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
22:12:11.0250 2144 [ A3BB91467FBDDA34039686C95A31C8C2 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
22:12:11.0250 2144 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
22:12:11.0250 2144 [ 5684CD3B207C1668DEE6BD2802C25B19 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
22:12:11.0250 2144 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
22:12:11.0250 2144 [ 8DB479E065F2B546BFBD7323E5EE5B02 ] C:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_700_224.ocx
22:12:11.0250 2144 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_700_224.ocx - ok
22:12:11.0265 2144 [ BE2F9AB059B7381FCBA852EA49DA5295 ] C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd
22:12:11.0265 2144 C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd - ok
22:12:11.0265 2144 [ 30181CDC72C19E0ECFF183901DA82AB2 ] C:\WINDOWS\system32\vsmonapi.dll
22:12:11.0265 2144 C:\WINDOWS\system32\vsmonapi.dll - ok
22:12:11.0265 2144 [ A9995A4241A8FCDFD76CE410DDA5381E ] C:\Program Files\Zone Labs\ZoneAlarm\alert.zap
22:12:11.0265 2144 C:\Program Files\Zone Labs\ZoneAlarm\alert.zap - ok
22:12:11.0265 2144 [ 43C933AE0DE2CCCFFF80B5519E1660D0 ] C:\Program Files\Zone Labs\ZoneAlarm\cam.zap
22:12:11.0281 2144 C:\Program Files\Zone Labs\ZoneAlarm\cam.zap - ok
22:12:11.0281 2144 [ 0C8D1FE72D512392AB7A14A4076E68FB ] C:\Program Files\Zone Labs\ZoneAlarm\email.zap
22:12:11.0281 2144 C:\Program Files\Zone Labs\ZoneAlarm\email.zap - ok
22:12:11.0281 2144 [ 90E13B9FDC950245F101909858E9F707 ] C:\Program Files\Zone Labs\ZoneAlarm\filter.zap
22:12:11.0281 2144 C:\Program Files\Zone Labs\ZoneAlarm\filter.zap - ok
22:12:11.0281 2144 [ 3947CFA3BB2F75CE64A1F21C12F34DDA ] C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap
22:12:11.0281 2144 C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap - ok
22:12:11.0296 2144 [ E5132F7B3D0522E3268229217439640B ] C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap
22:12:11.0296 2144 C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap - ok
22:12:11.0296 2144 [ 6B9F34C6212C8C9008E381E151D8557F ] C:\Program Files\Zone Labs\ZoneAlarm\imsecure.zap
22:12:11.0296 2144 C:\Program Files\Zone Labs\ZoneAlarm\imsecure.zap - ok
22:12:11.0296 2144 [ 938218DE2BB9E946168EDB6C8AEA7E12 ] C:\Program Files\Zone Labs\ZoneAlarm\privacy.zap
22:12:11.0296 2144 C:\Program Files\Zone Labs\ZoneAlarm\privacy.zap - ok
22:12:11.0296 2144 [ C9484F769E33DCEA42BA8BA030BBD88A ] C:\Program Files\Zone Labs\ZoneAlarm\programs.zap
22:12:11.0296 2144 C:\Program Files\Zone Labs\ZoneAlarm\programs.zap - ok
22:12:11.0312 2144 [ 58FFDEF106647B6A9694C5707D9E416D ] C:\Program Files\Zone Labs\ZoneAlarm\scan.zap
22:12:11.0312 2144 C:\Program Files\Zone Labs\ZoneAlarm\scan.zap - ok
22:12:11.0312 2144 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
22:12:11.0312 2144 C:\WINDOWS\system32\dsound.dll - ok
22:12:11.0312 2144 [ 98EEDBFC794C560E7879A331A5C8618C ] C:\Program Files\Zone Labs\ZoneAlarm\security.zap
22:12:11.0312 2144 C:\Program Files\Zone Labs\ZoneAlarm\security.zap - ok
22:12:11.0328 2144 [ CC96587B1C07F84B95271223B19537A8 ] C:\Program Files\AVAST Software\Avast\defs\13061601\uiext.dll
22:12:11.0328 2144 C:\Program Files\AVAST Software\Avast\defs\13061601\uiext.dll - ok
22:12:11.0328 2144 [ A7F361875622AA5829AA39BA248F68E9 ] C:\WINDOWS\system32\adsldp.dll
22:12:11.0328 2144 C:\WINDOWS\system32\adsldp.dll - ok
22:12:11.0328 2144 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
22:12:11.0328 2144 C:\WINDOWS\system32\drprov.dll - ok
22:12:11.0328 2144 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
22:12:11.0328 2144 C:\WINDOWS\system32\ntlanman.dll - ok
22:12:11.0343 2144 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
22:12:11.0343 2144 C:\WINDOWS\system32\netui0.dll - ok
22:12:11.0343 2144 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
22:12:11.0343 2144 C:\WINDOWS\system32\netui1.dll - ok
22:12:11.0343 2144 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
22:12:11.0343 2144 C:\WINDOWS\system32\davclnt.dll - ok
22:12:11.0343 2144 ============================================================
22:12:11.0343 2144 Scan finished
22:12:11.0343 2144 ============================================================
22:12:11.0484 0680 Detected object count: 14
22:12:11.0484 0680 Actual detected object count: 14
22:14:27.0031 0680 !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0046 0680 !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0046 0680 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0046 0680 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 LexBceS ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 LexBceS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0062 0680 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0062 0680 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0078 0680 PrismXL ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0078 0680 PrismXL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0078 0680 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0078 0680 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0078 0680 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0078 0680 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:27.0078 0680 SunkFilt ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:27.0078 0680 SunkFilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:15:42.0640 3844 Deinitialize success


And here's the security check:

Results of screen317's Security Check version 0.99.64
Windows XP Service Pack 3 x86
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java™ 6 Update 33
Java 7 Update 21
Adobe Flash Player 11.7.700.224
Adobe Reader XI
Mozilla Firefox (21.0)
Google Chrome 27.0.1453.110
Google Chrome 27.0.1453.94
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
Zone Labs ZoneAlarm zlclient.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 19% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#15
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
I see you have ZoneAlarm running alongside Avast and Windows Firewall. Likely conflict going on there.

Try uninstalling ZoneAlarm and see if that makes a difference.

Come back and tell me.