Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default internet freezes

    have run all the required scans folowed in this post with an additional Avasti scan (no log) nothing found

    my internet explorer freezes and and need to use task manager to close and re open -sometimes even doing entire re start on computer

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 11/24/2012 at 06:23 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 9633
    Trace Rules Database Version: 7445

    Scan type : Complete Scan
    Total Scan Time : 01:32:14

    Operating System Information
    Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 565
    Memory threats detected : 0
    Registry items scanned : 39957
    Registry threats detected : 0
    File items scanned : 57425
    File threats detected : 0


    Malwarebytes Anti-Malware 1.65.1.1000
    Malwarebytes : Free anti-malware download

    Database version: v2012.11.24.11

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Todd Seiders :: TODD [administrator]

    11/24/2012 6:37:00 PM
    mbam-log-2012-11-24 (18-37-00).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 383313
    Time elapsed: 2 hour(s), 34 minute(s), 2 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:49:05 PM, on 11/25/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\Program Files\DefaultTab\DefaultTabSearch.exe
    C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
    C:\Program Files\Sony\PlayMemories Home\dfs.exe
    C:\WINDOWS\system32\dlcqcoms.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Common Files\Motive\pcCMService.exe
    C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe
    C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
    C:\Program Files\Common Files\Motive\pcServiceHost.exe
    C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Comcast\pcTrayApp.exe
    C:\Program Files\PCPitstop\Info Center\InfoCenter.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PCPitstop\PC MaticRT\PCMaticRT.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DriverUpdate\DriverUpdate.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Todd Seiders\Local Settings\Temporary Internet Files\Content.IE5\XNCAZUNA\HijackThis[1].exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = Dell Start Page
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R3 - URLSearchHook: InternetHelper1.5 Toolbar - {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - C:\Program Files\InternetHelper1.5\prxtbInte.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: InternetHelper1.5 - {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - C:\Program Files\InternetHelper1.5\prxtbInte.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: InternetHelper1.5 Toolbar - {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - C:\Program Files\InternetHelper1.5\prxtbInte.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Comcast_McciTrayApp] "C:\Program Files\Comcast\pcTrayApp.exe"
    O4 - HKLM\..\Run: [Info Center] C:\Program Files\PCPitstop\Info Center\InfoCenter.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [PC MaticRT] C:\Program Files\PCPitstop\PC MaticRT\PCMaticRT.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [DriverUpdate] "C:\Program Files\DriverUpdate\DriverUpdate.exe" -boot
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -update activex
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0821 -f video -m logitech -d 13.30.1394.0 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0821 -f video -m logitech -d 13.30.1394.0 (User 'Default user')
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirva...ls/pcmatic.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/micr...?1353291150218
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1350022498895
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - Cell Phones - Smartphones: Cell Phone Service, Accessories - Verizon Wireless
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla..._installer.exe
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{97530FB2-C597-453E-A305-DD227253DA9A}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe
    O23 - Service: DefaultTabUpdate - Unknown owner - C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
    O23 - Service: DeviceFinderService - Unknown owner - C:\Program Files\Sony\PlayMemories Home\dfs.exe
    O23 - Service: dlcq_device - - C:\WINDOWS\system32\dlcqcoms.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
    O23 - Service: PCPitstop Realtime - PC Pitstop LLC - C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe
    O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
    O23 - Service: pcServiceHost - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcServiceHost.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

    --
    End of file - 12568 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Sorry for the delay,

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE

    NEXT

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Search button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.



    In your Next reply:

    • Post the 2 DDS LOGS.
    • Post the AdwCleaner log.


    Joe

  3. #3
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
    Run by Todd Seiders at 11:34:36 on 2012-11-27
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.452 [GMT -7:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\Program Files\DefaultTab\DefaultTabSearch.exe
    C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
    C:\Program Files\Sony\PlayMemories Home\dfs.exe
    C:\WINDOWS\system32\dlcqcoms.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Common Files\Motive\pcCMService.exe
    C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe
    C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
    C:\Program Files\Common Files\Motive\pcServiceHost.exe
    C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Comcast\pcTrayApp.exe
    C:\Program Files\PCPitstop\Info Center\InfoCenter.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInte.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInte.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\documents and settings\todd seiders\application data\defaulttab\defaulttab\DefaultTabBHO.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
    BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: InternetHelper1.5 Toolbar: {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} - c:\program files\internethelper1.5\prxtbInte.dll
    TB: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInte.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    EB: &Discuss: {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} -
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Comcast_McciTrayApp] "c:\program files\comcast\pcTrayApp.exe"
    mRun: [Info Center] c:\program files\pcpitstop\info center\InfoCenter.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [PC MaticRT] c:\program files\pcpitstop\pc maticrt\PCMaticRT.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x0821 -f video -m logitech -d 13.30.1394.0
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353291150218
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350022498895
    DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{8E48D74B-2D49-4561-AFEF-4288A2703B05} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{97530FB2-C597-453E-A305-DD227253DA9A} : NameServer = 208.67.222.222,208.67.220.220
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-25 64288]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-18 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-18 361032]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-11-18 21592]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-11-18 21256]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-18 44808]
    R2 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2012-11-7 568832]
    R2 DefaultTabUpdate;DefaultTabUpdate;c:\documents and settings\todd seiders\application data\defaulttab\defaulttab\DTUpdate.exe [2012-10-14 107520]
    R2 DeviceFinderService;DeviceFinderService;c:\program files\sony\playmemories home\dfs.exe [2012-4-22 149048]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-16 399432]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2006-11-17 34712]
    R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-10-14 368640]
    R2 PCPitstop Realtime;PCPitstop Realtime;c:\program files\pcpitstop\pc maticrt\PCPitstopRTService.exe [2012-11-18 3828736]
    R2 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2012-11-10 91848]
    R2 pcServiceHost;pcServiceHost;c:\program files\common files\motive\pcServiceHost.exe [2012-10-14 342016]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\playmemories home\PMBDeviceInfoProvider.exe [2012-4-22 474168]
    R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-11-18 74968]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-22 92592]
    R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-14 676936]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
    S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-5-14 22176]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-14 22856]
    S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-11-18 13024]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2012-11-26 00:27:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-11-26 00:23:42 388096 ----a-r- c:\documents and settings\todd seiders\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-11-21 17:33:40 -------- d-----w- C:\Malwarebytes
    2012-11-19 03:06:04 -------- d-----w- c:\documents and settings\all users\application data\Package Cache
    2012-11-19 02:36:35 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
    2012-11-19 02:36:26 -------- d-----w- c:\documents and settings\todd seiders\local settings\application data\SlimWare Utilities Inc
    2012-11-19 02:19:05 58368 ------w- c:\windows\system32\dllcache\synceng.dll
    2012-11-18 23:45:03 74968 ----a-w- c:\windows\system32\drivers\sbapifs.sys
    2012-11-18 23:45:00 21592 ----a-w- c:\windows\system32\drivers\sbaphd.sys
    2012-11-18 16:47:55 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-11-18 16:46:26 41224 ----a-w- c:\windows\avastSS.scr
    2012-11-18 16:45:56 -------- d-----w- c:\program files\AVAST Software
    2012-11-18 16:45:56 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
    2012-11-16 05:51:20 -------- d-----w- C:\ce1393291911a5112e1c5eb34b8791
    2012-11-10 18:28:42 -------- d-----w- c:\documents and settings\all users\application data\PCPitstopDat
    2012-11-10 18:22:07 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop
    2012-11-10 18:22:06 -------- d-----w- c:\program files\PCPitstop
    .
    ==================== Find3M ====================
    .
    2012-11-26 02:15:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-11-26 02:15:16 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-26 00:26:25 143872 ----a-w- c:\windows\system32\javacpl.cpl
    2012-11-26 00:26:24 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-11-26 00:26:24 746984 ----a-w- c:\windows\system32\deployJava1.dll
    2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
    2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    .
    =================== ROOTKIT ====================
    .
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
    Windows 5.1.2600 Disk: TOSHIBA_MK1234GSX rev.AH001D -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    .
    device: opened successfully
    user: MBR read successfully
    .
    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86E584B1]<<
    _asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x86e5f93c]; MOV EAX, [0x86e5fab0]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
    1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x86F5BAB8]
    3 CLASSPNP[0xF75BDFD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\00000075[0x86F1F510]
    5 ACPI[0xF7454620] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> [0x86F1E940]
    \Driver\atapi[0x86E86F38] -> IRP_MJ_CREATE -> 0x86E584B1
    error: Read A device attached to the system is not functioning.
    kernel: MBR read successfully
    _asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }
    detected disk devices:
    detected hooks:
    \Driver\atapi DriverStartIo -> 0x86E582E2
    user & kernel MBR OK
    copy of MBR has been found in sector 224701155
    Warning: possible TDL3 rootkit infection !
    .
    ============= FINISH: 11:37:01.37 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/14/2006 2:45:35 PM
    System Uptime: 11/27/2012 11:15:30 AM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0MG532
    Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | Microprocessor | 1596/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 105 GiB total, 1.092 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) 82801 PCI Bridge - 2448
    Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_01D81028&REV_01\3&61AAA01&0&D8
    Manufacturer: Intel
    Name: Intel(R) 82801 PCI Bridge - 2448
    PNP Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_01D81028&REV_01\3&61AAA01&0&D8
    Service: pci
    .
    ==== System Restore Points ===================
    .
    RP1195: 9/23/2012 2:55:44 AM - Software Distribution Service 3.0
    RP1196: 9/23/2012 12:02:52 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    3DVIA player 5.0
    Adobe Flash Player 11 ActiveX
    Adobe Reader XI
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoStudio 5.5
    avast! Free Antivirus
    CameraHelperMsi
    Canon CanoScan 8800F User Registration
    CanoScan 8800F
    CCleaner
    Citrix online plug-in - web
    Citrix online plug-in (DV)
    Citrix online plug-in (HDX)
    Citrix online plug-in (USB)
    Citrix online plug-in (Web)
    Conexant HDA D110 MDC V.92 Modem
    Critical Update for Windows Media Player 11 (KB959772)
    DAO 3.5
    DefaultTab
    DefaultTab Chrome
    Defraggler
    Dell PC Fax
    Dell Photo AIO Printer 966
    Dell System Restore
    Digital Content Portal
    EasySolve
    erLT
    File Type Assistant
    FileHippo.com Update Checker
    Final Media Player 2012
    Garmin Communicator Plugin
    Garmin Lifetime Updater
    Garmin USB Drivers
    Garmin WebUpdater
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    HiJackThis
    Hotfix 2050 for SQL Server 2000 ENU (KB948110)
    Hotfix 2055 for SQL Server 2000 ENU (KB960082)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format 11 SDK (KB973442)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB932716-v2)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    ImageMixer for HDD Camcorder
    Intel(R) Graphics Media Accelerator Driver
    InternetHelper1.5 Toolbar
    iTunes
    J2SE Runtime Environment 5.0 Update 6
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 26
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 1.65.1.1000
    MCU
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.0 Security Update (KB2698035)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Outlook 2003 with Business Contact Manager Update
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Edition 2003
    Microsoft Office Standard 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft WinUsb 1.0
    Microsoft Works
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB973685)
    Otto
    PC Matic 1.1.0.49
    PC Pitstop Info Center 1.0.0.14
    PC Pitstop SuperShield 1.0.0.33
    PlayMemories Home
    Quicken 2002 New User Edition
    QuickTime
    Realtek High Definition Audio Driver
    Safari
    SearchAssist
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Skype Click to Call
    Skype™ 6.0
    Sonic Activation Module
    Sonic Encoders
    SUPERAntiSpyware
    swMSM
    Synaptics Pointing Device Driver
    TomTom HOME 2.8.3.2499
    TomTom HOME Visual Studio Merge Modules
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    URL Assistant
    Viewpoint Media Player
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 2.0.3
    WebFldrs XP
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows PowerShell(TM) 1.0
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB2619340
    Windows XP Media Center Edition 2005 KB2628259
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WordPerfect Office 11
    Yontoo 1.10.02
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/24/2012 4:07:04 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
    11/24/2012 4:05:23 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
    11/24/2012 3:06:53 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
    11/24/2012 3:06:53 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/20/2012 5:18:25 PM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    11/20/2012 5:11:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.
    11/20/2012 5:11:08 PM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/20/2012 4:27:11 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
    11/20/2012 4:27:11 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/20/2012 4:26:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
    .
    ==== End Of File ===========================
    # AdwCleaner v2.009 - Logfile created 11/27/2012 at 11:39:08
    # Updated 24/11/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Todd Seiders - TODD
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Todd Seiders\Local Settings\Temporary Internet Files\Content.IE5\XFSGSWNV\adwcleaner[1].exe
    # Option [Search]


    ***** [Services] *****

    Found : DefaultTabSearch
    Found : DefaultTabUpdate

    ***** [Files / Folders] *****

    File Found : C:\Program Files\Mozilla Firefox\.autoreg
    File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
    Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
    Folder Found : C:\Documents and Settings\All Users\Application Data\boost_interprocess
    Folder Found : C:\Documents and Settings\All Users\Application Data\InstallMate
    Folder Found : C:\Documents and Settings\All Users\Application Data\Tarma Installer
    Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Found : C:\Documents and Settings\All Users\Application Data\WeCareReminder
    Folder Found : C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\APN
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Conduit
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fcoadpabahabkmdndndlimfikephnoka
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Folder Found : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\InternetHelper1.5
    Folder Found : C:\Documents and Settings\Whitney Seiders\Application Data\AVG Secure Search
    Folder Found : C:\Documents and Settings\Whitney Seiders\Application Data\Viewpoint
    Folder Found : C:\Documents and Settings\Whitney Seiders\Local Settings\Application Data\Wajam
    Folder Found : C:\Documents and Settings\Whitney Seiders\Start Menu\Programs\Wajam
    Folder Found : C:\Program Files\Conduit
    Folder Found : C:\Program Files\DefaultTab
    Folder Found : C:\Program Files\InternetHelper1.5
    Folder Found : C:\Program Files\Viewpoint
    Folder Found : C:\Program Files\Wajam
    Folder Found : C:\Program Files\Yontoo

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\ConduitSearchScopes
    Key Found : HKCU\Software\Default Tab
    Key Found : HKCU\Software\DefaultTab
    Key Found : HKCU\Software\InternetHelper1.5
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Found : HKCU\Software\SmartBar
    Key Found : HKCU\Software\Wajam
    Key Found : HKCU\Software\wecarereminder
    Key Found : HKCU\Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CF0A6C67-CFD0-40B0-A375-4B9893C2B339}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3247201
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Default Tab
    Key Found : HKLM\Software\DefaultTab
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fcoadpabahabkmdndndlimfikephnoka
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Found : HKLM\Software\InternetHelper1.5
    Key Found : HKLM\Software\MetaStream
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B6F3CAE-C53C-49AE-8562-646D23F5C907}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D318CA2E-9CCE-48C8-8452-3EA06FF93431}
    Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Chrome
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InternetHelper1.5 Toolbar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CF0A6C67-CFD0-40B0-A375-4B9893C2B339}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetHelper1.5 Toolbar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Found : HKLM\Software\Tarma Installer
    Key Found : HKLM\Software\Viewpoint
    Key Found : HKLM\Software\Wajam
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v [Unable to get version]

    File : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    File : C:\Documents and Settings\Whitney Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Found [l.38] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
    Found [l.41] : keyword = "isearch.avg.com",
    Found [l.44] : search_url = "hxxp://isearch.avg.com/search?cid={AD1AAC65-99F9-4873-BCE7-815FB373916A}&mid=4357e6fb7a18ca56fe216184c7193e31-9997c164056c761f008052df295bdf7326195ec9&lang=en&ds=AVG&pr=fr&d=2011-09-29 09:38:18&v=10.0.0.7&sap=dsp&q={searchTerms}",

    *************************

    AdwCleaner[R1].txt - [8721 octets] - [26/11/2012 12:38:51]
    AdwCleaner[R2].txt - [8652 octets] - [27/11/2012 11:39:09]

    ########## EOF - C:\AdwCleaner[R2].txt - [8712 octets] ##########

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi,

    next

    Please rescan with AdwCleaner.
    Double-click AdwCleaner.exe to run the tool.
    Click Delete.
    Everything that was found will be deleted.
    Save and open files and approve the reboot. A text file will open after the restart.
    Please post the contents of that logfile with your next reply.

    Next

    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


    In your next reply post:

    1 The deletions from AdwCleaner
    2 The aswMBR log

  5. #5
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default

    # AdwCleaner v2.009 - Logfile created 11/28/2012 at 10:52:40
    # Updated 24/11/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Todd Seiders - TODD
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Todd Seiders\Local Settings\Temporary Internet Files\Content.IE5\XFSGSWNV\adwcleaner[1].exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : DefaultTabSearch
    Stopped & Deleted : DefaultTabUpdate

    ***** [Files / Folders] *****

    Deleted on reboot : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fcoadpabahabkmdndndlimfikephnoka
    Deleted on reboot : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Deleted on reboot : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
    Folder Deleted : C:\Documents and Settings\Todd Seiders\Application Data\DefaultTab
    Folder Deleted : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\APN
    Folder Deleted : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Conduit
    Folder Deleted : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\InternetHelper1.5
    Folder Deleted : C:\Documents and Settings\Whitney Seiders\Application Data\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\Whitney Seiders\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\Whitney Seiders\Local Settings\Application Data\Wajam
    Folder Deleted : C:\Documents and Settings\Whitney Seiders\Start Menu\Programs\Wajam
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\DefaultTab
    Folder Deleted : C:\Program Files\InternetHelper1.5
    Folder Deleted : C:\Program Files\Viewpoint
    Folder Deleted : C:\Program Files\Wajam
    Folder Deleted : C:\Program Files\Yontoo

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\Default Tab
    Key Deleted : HKCU\Software\DefaultTab
    Key Deleted : HKCU\Software\InternetHelper1.5
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\Wajam
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF0A6C67-CFD0-40B0-A375-4B9893C2B339}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3247201
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Default Tab
    Key Deleted : HKLM\Software\DefaultTab
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fcoadpabahabkmdndndlimfikephnoka
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Deleted : HKLM\Software\InternetHelper1.5
    Key Deleted : HKLM\Software\MetaStream
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B6F3CAE-C53C-49AE-8562-646D23F5C907}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D318CA2E-9CCE-48C8-8452-3EA06FF93431}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Chrome
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InternetHelper1.5 Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CF0A6C67-CFD0-40B0-A375-4B9893C2B339}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetHelper1.5 Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Deleted : HKLM\Software\Tarma Installer
    Key Deleted : HKLM\Software\Viewpoint
    Key Deleted : HKLM\Software\Wajam
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v [Unable to get version]

    File : C:\Documents and Settings\Todd Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    File : C:\Documents and Settings\Whitney Seiders\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Deleted [l.38] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
    Deleted [l.41] : keyword = "isearch.avg.com",
    Deleted [l.44] : search_url = "hxxp://isearch.avg.com/search?cid={AD1AAC65-99F9-4873-BCE7-815FB373916A}&mid=43[...]

    *************************

    AdwCleaner[R1].txt - [8721 octets] - [26/11/2012 12:38:51]
    AdwCleaner[R2].txt - [8781 octets] - [27/11/2012 11:39:09]
    AdwCleaner[R3].txt - [8841 octets] - [28/11/2012 10:52:16]
    AdwCleaner[S2].txt - [8851 octets] - [28/11/2012 10:52:41]

    ########## EOF - C:\AdwCleaner[S2].txt - [8911 octets] ##########
    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-11-28 11:06:47
    -----------------------------
    11:06:47.359 OS Version: Windows 5.1.2600 Service Pack 3
    11:06:47.359 Number of processors: 2 586 0xE08
    11:06:47.375 ComputerName: TODD UserName:
    11:06:49.062 Initialize success
    11:06:51.578 AVAST engine defs: 12112800
    11:07:17.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    11:07:17.046 Disk 0 Vendor: TOSHIBA_MK1234GSX AH001D Size: 114473MB BusType: 3
    11:07:17.062 Device \Driver\atapi -> DriverStartIo 86e602e2
    11:07:17.062 Disk 0 MBR read successfully
    11:07:17.062 Disk 0 MBR scan
    11:07:17.062 Disk 0 unknown MBR code
    11:07:17.062 Disk 0 MBR hidden
    11:07:17.062 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
    11:07:17.093 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 107615 MB offset 96390
    11:07:17.109 Disk 0 Partition - 00 0F Extended LBA 2047 MB offset 220508190
    11:07:17.140 Disk 0 Partition 3 00 DD MSDOS5.0 2047 MB offset 220508253
    11:07:17.140 Disk 0 scanning sectors +224701155
    11:07:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
    11:07:28.640 Service scanning
    11:07:51.203 Modules scanning
    11:07:59.718 Disk 0 trace - called modules:
    11:07:59.734
    11:08:00.875 AVAST engine scan C:\WINDOWS
    11:08:15.515 AVAST engine scan C:\WINDOWS\system32
    11:10:55.031 AVAST engine scan C:\WINDOWS\system32\drivers
    11:11:05.703 AVAST engine scan C:\Documents and Settings\Todd Seiders
    11:18:32.218 AVAST engine scan C:\Documents and Settings\All Users
    11:21:02.875 Scan finished successfully
    11:42:11.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Todd Seiders\Desktop\MBR.dat"
    11:42:11.640 The log file has been saved successfully to "C:\Documents and Settings\Todd Seiders\Desktop\aswMBR.txt"

  6. #6
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello Tidder,

    Zep516 has informed me of a possible TDL3 infection. Zep516 is currently in schooling and cannot perform the removal of this infection at this time. He has asked me to step in and continue helping in the removal of this infection and then we will get you back to Zep516.


    Please run the following tools andpPost there logs.

    1.
    Please download the latest version of TDSSKiller from here and save it to your Desktop.
    • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    • Put a checkmark beside loaded modules.
    • A reboot will be needed to apply the changes. Do it.
    • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
    • Then click on Change parameters in TDSSKiller.
    • Check all boxes then click OK.
    • Click the Start Scan button.
    • The scan should take no longer than 2 minutes.
    • If a suspicious object is detected, the default action will be Skip, click on Continue.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
      Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

      Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
    • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
    should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


    Things to include in your next reply::
    TdssKiller log
    Combofix.txt
    How is your machine running now.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  7. #7
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default

    Quote Originally Posted by fireman4it View Post
    Hello Tidder,

    Zep516 has informed me of a possible TDL3 infection. Zep516 is currently in schooling and cannot perform the removal of this infection at this time. He has asked me to step in and continue helping in the removal of this infection and then we will get you back to Zep516.


    Please run the following tools andpPost there logs.

    1.
    Please download the latest version of TDSSKiller from here and save it to your Desktop.
    • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    • Put a checkmark beside loaded modules.
    • A reboot will be needed to apply the changes. Do it.
    • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
    • Then click on Change parameters in TDSSKiller.
    • Check all boxes then click OK.
    • Click the Start Scan button.
    • The scan should take no longer than 2 minutes.
    • If a suspicious object is detected, the default action will be Skip, click on Continue.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
      Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

      Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
    • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
    should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


    Things to include in your next reply::
    TdssKiller log
    Combofix.txt
    How is your machine running now.

  8. #8
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default

    Hello
    As for the long delay- I am having issues completing last tasks of the TdssKiller & combofix. have several hours in trying to accomplish

    I ended up running the TdssKiller twice as I felt insecure if I complted 1st run properly,after that, seemed my machine ran super fast and normal

    issues came about running combofix as I had turned off all spyware and closed all windows per instructions- The scan started Ok as I could see it scanning (never touched anything while scanning) then it would disapear and leaving it sit several times and nothing else would ever occur but looking at my desktop(no log ever appeared after more then 30 minutes each time)

    so I thought to try and post just the TdssKiller log with a note that puter froze everytime and ask on the combo fix how to handle - but I could get the TdssKiller log copied in forum and thats when it froze each time

    after a reboot ran superantispyware and then Avast and it had me do a boot scan as it found threats ,which is still running

    am on a differnet machine for this posting toi see What to do now?

    Thanks,Tidder

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Please try and run both in Safemode.

    Now reboot into Safe Mode.
    This can be done tapping the F8 key as soon as you start your computer
    You will be brought to a menu where you can choose to boot into safe mode.
    Make sure you choose the option without networking support.
    Please see here for additional details.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  10. #10
    Member
    Join Date
    Aug 2008
    Location
    Golden,CO
    Posts
    28
    Points
    1

    Default

    14:30:36.0828 3888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    14:30:37.0390 3888 ============================================================
    14:30:37.0390 3888 Current date / time: 2012/12/02 14:30:37.0390
    14:30:37.0390 3888 SystemInfo:
    14:30:37.0390 3888
    14:30:37.0390 3888 OS Version: 5.1.2600 ServicePack: 3.0
    14:30:37.0390 3888 Product type: Workstation
    14:30:37.0390 3888 ComputerName: TODD
    14:30:37.0390 3888 UserName: Todd Seiders
    14:30:37.0390 3888 Windows directory: C:\WINDOWS
    14:30:37.0390 3888 System windows directory: C:\WINDOWS
    14:30:37.0390 3888 Processor architecture: Intel x86
    14:30:37.0390 3888 Number of processors: 2
    14:30:37.0390 3888 Page size: 0x1000
    14:30:37.0390 3888 Boot type: Normal boot
    14:30:37.0390 3888 ============================================================
    14:30:39.0437 3888 BG loaded
    14:30:39.0859 3888 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    14:30:39.0890 3888 ============================================================
    14:30:39.0890 3888 \Device\Harddisk0\DR0:
    14:30:39.0890 3888 MBR partitions:
    14:30:39.0890 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD22F8D7
    14:30:39.0921 3888 ============================================================
    14:30:39.0968 3888 C: <-> \Device\Harddisk0\DR0\Partition1
    14:30:40.0015 3888 ============================================================
    14:30:40.0015 3888 Initialize success
    14:30:40.0015 3888 ============================================================
    14:30:58.0875 2980 ============================================================
    14:30:58.0875 2980 Scan started
    14:30:58.0875 2980 Mode: Manual; SigCheck; TDLFS;
    14:30:58.0875 2980 ============================================================
    14:31:07.0046 2980 ================ Scan system memory ========================
    14:31:07.0046 2980 System memory - ok
    14:31:07.0062 2980 ================ Scan services =============================
    14:31:07.0406 2980 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    14:31:09.0406 2980 !SASCORE - ok
    14:31:12.0078 2980 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
    14:31:12.0343 2980 Aavmker4 - ok
    14:31:12.0343 2980 Abiosdsk - ok
    14:31:12.0796 2980 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
    14:31:17.0515 2980 abp480n5 - ok
    14:31:19.0671 2980 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
    14:31:21.0218 2980 ACPI - ok
    14:31:21.0468 2980 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
    14:31:21.0859 2980 ACPIEC - ok
    14:31:26.0656 2980 [ 705F09A2A283F906738F77C8722A276C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    14:31:26.0890 2980 AdobeFlashPlayerUpdateSvc - ok
    14:31:30.0671 2980 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
    14:31:32.0203 2980 adpu160m - ok
    14:31:39.0203 2980 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
    14:31:41.0890 2980 aec - ok
    14:31:42.0093 2980 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
    14:31:42.0484 2980 AFD - ok
    14:31:43.0453 2980 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
    14:31:44.0343 2980 agp440 - ok
    14:31:44.0375 2980 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
    14:31:45.0500 2980 agpCPQ - ok
    14:31:48.0250 2980 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
    14:31:49.0250 2980 Aha154x - ok
    14:31:49.0578 2980 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
    14:31:50.0968 2980 aic78u2 - ok
    14:31:51.0515 2980 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
    14:31:52.0296 2980 aic78xx - ok
    14:31:52.0359 2980 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
    14:31:53.0031 2980 Alerter - ok
    14:31:53.0375 2980 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
    14:31:53.0953 2980 ALG - ok
    14:31:54.0421 2980 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
    14:31:55.0093 2980 AliIde - ok
    14:31:56.0406 2980 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
    14:31:57.0406 2980 alim1541 - ok
    14:31:57.0531 2980 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
    14:31:59.0437 2980 amdagp - ok
    14:31:59.0468 2980 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
    14:32:00.0109 2980 amsint - ok
    14:32:00.0359 2980 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    14:32:00.0406 2980 Apple Mobile Device - ok
    14:32:00.0453 2980 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
    14:32:01.0046 2980 AppMgmt - ok
    14:32:01.0109 2980 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
    14:32:01.0718 2980 Arp1394 - ok
    14:32:02.0093 2980 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
    14:32:03.0109 2980 asc - ok
    14:32:03.0671 2980 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
    14:32:04.0359 2980 asc3350p - ok
    14:32:04.0984 2980 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
    14:32:05.0890 2980 asc3550 - ok
    14:32:09.0109 2980 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    14:32:10.0437 2980 aspnet_state - ok
    14:32:10.0531 2980 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
    14:32:10.0984 2980 aswFsBlk - ok
    14:32:13.0531 2980 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
    14:32:13.0609 2980 aswMon2 - ok
    14:32:13.0703 2980 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
    14:32:13.0765 2980 AswRdr - ok
    14:32:14.0140 2980 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
    14:32:14.0875 2980 aswSnx - ok
    14:32:15.0125 2980 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
    14:32:15.0218 2980 aswSP - ok
    14:32:15.0250 2980 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
    14:32:15.0281 2980 aswTdi - ok
    14:32:15.0343 2980 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    14:32:15.0750 2980 AsyncMac - ok
    14:32:15.0812 2980 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
    14:32:16.0015 2980 atapi - ok
    14:32:16.0031 2980 Atdisk - ok
    14:32:16.0078 2980 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    14:32:16.0375 2980 Atmarpc - ok
    14:32:16.0406 2980 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
    14:32:16.0828 2980 AudioSrv - ok
    14:32:16.0906 2980 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
    14:32:17.0218 2980 audstub - ok
    14:32:17.0359 2980 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    14:32:17.0390 2980 avast! Antivirus - ok
    14:32:17.0453 2980 [ 8BE661C16FBF84A73BCEC84B6B4A9DB5 ] Avgfwdx C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
    14:32:17.0484 2980 Avgfwdx - ok
    14:32:17.0515 2980 [ 8BE661C16FBF84A73BCEC84B6B4A9DB5 ] Avgfwfd C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
    14:32:17.0531 2980 Avgfwfd - ok
    14:32:17.0656 2980 [ 30D20FC98BCFD52E1DA778CF19B223D4 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
    14:32:17.0812 2980 BCM43XX - ok
    14:32:17.0859 2980 [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
    14:32:17.0937 2980 bcm4sbxp - ok
    14:32:18.0015 2980 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
    14:32:18.0437 2980 Beep - ok
    14:32:18.0484 2980 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
    14:32:18.0937 2980 BITS - ok
    14:32:19.0000 2980 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
    14:32:19.0125 2980 Browser - ok
    14:32:19.0156 2980 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
    14:32:19.0562 2980 cbidf - ok
    14:32:19.0578 2980 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
    14:32:20.0109 2980 cbidf2k - ok
    14:32:20.0171 2980 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    14:32:20.0515 2980 CCDECODE - ok
    14:32:20.0546 2980 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
    14:32:20.0734 2980 cd20xrnt - ok
    14:32:20.0781 2980 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
    14:32:21.0062 2980 Cdaudio - ok
    14:32:21.0093 2980 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
    14:32:21.0390 2980 Cdfs - ok
    14:32:21.0437 2980 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
    14:32:21.0515 2980 Cdrom - ok
    14:32:21.0531 2980 Changer - ok
    14:32:21.0562 2980 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
    14:32:21.0828 2980 CiSvc - ok
    14:32:21.0859 2980 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
    14:32:23.0031 2980 ClipSrv - ok
    14:32:23.0062 2980 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    14:32:23.0171 2980 clr_optimization_v2.0.50727_32 - ok
    14:32:23.0265 2980 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    14:32:23.0343 2980 clr_optimization_v4.0.30319_32 - ok
    14:32:23.0375 2980 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    14:32:23.0718 2980 CmBatt - ok
    14:32:23.0796 2980 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
    14:32:24.0109 2980 CmdIde - ok
    14:32:24.0156 2980 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
    14:32:24.0640 2980 Compbatt - ok
    14:32:24.0687 2980 [ BC6B87086FF0D99F87FE8AF9A919A1E7 ] CompFilter C:\WINDOWS\system32\DRIVERS\lvbusflt.sys
    14:32:24.0781 2980 CompFilter - ok
    14:32:24.0781 2980 COMSysApp - ok
    14:32:24.0796 2980 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
    14:32:25.0109 2980 Cpqarray - ok
    14:32:25.0140 2980 [ 7DB5E3F44D797BD38B8E336CCC2E49D5 ] Creative Labs Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    14:32:25.0187 2980 Creative Labs Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    14:32:25.0187 2980 Creative Labs Licensing Service - detected UnsignedFile.Multi.Generic (1)
    14:32:25.0250 2980 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
    14:32:25.0671 2980 CryptSvc - ok
    14:32:25.0703 2980 [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
    14:32:25.0765 2980 ctxusbm - ok
    14:32:26.0015 2980 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
    14:32:26.0375 2980 dac2w2k - ok
    14:32:26.0390 2980 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
    14:32:26.0796 2980 dac960nt - ok
    14:32:27.0125 2980 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
    14:32:27.0343 2980 DcomLaunch - ok
    14:32:27.0531 2980 [ EC4718A0FF97252F99FC651CD06CADE3 ] DeviceFinderService C:\Program Files\Sony\PlayMemories Home\dfs.exe
    14:32:27.0656 2980 DeviceFinderService - ok
    14:32:27.0703 2980 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
    14:32:28.0156 2980 Dhcp - ok
    14:32:28.0187 2980 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
    14:32:28.0531 2980 Disk - ok
    14:32:28.0546 2980 dlcq_device - ok
    14:32:28.0546 2980 dmadmin - ok
    14:32:28.0656 2980 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
    14:32:29.0328 2980 dmboot - ok
    14:32:29.0453 2980 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
    14:32:29.0781 2980 dmio - ok
    14:32:29.0843 2980 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
    14:32:30.0109 2980 dmload - ok
    14:32:30.0156 2980 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
    14:32:30.0562 2980 dmserver - ok
    14:32:30.0593 2980 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
    14:32:31.0218 2980 DMusic - ok
    14:32:31.0250 2980 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
    14:32:31.0390 2980 Dnscache - ok
    14:32:31.0421 2980 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
    14:32:31.0671 2980 Dot3svc - ok
    14:32:31.0687 2980 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
    14:32:31.0875 2980 dpti2o - ok
    14:32:31.0921 2980 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
    14:32:32.0125 2980 drmkaud - ok
    14:32:32.0125 2980 DSproct - ok
    14:32:32.0156 2980 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
    14:32:32.0328 2980 E100B - ok
    14:32:32.0359 2980 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
    14:32:32.0546 2980 EapHost - ok
    14:32:32.0640 2980 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
    14:32:32.0843 2980 ehRecvr - ok
    14:32:32.0890 2980 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
    14:32:33.0125 2980 ehSched - ok
    14:32:33.0171 2980 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
    14:32:33.0687 2980 ERSvc - ok
    14:32:33.0718 2980 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
    14:32:33.0859 2980 Eventlog - ok
    14:32:33.0968 2980 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
    14:32:34.0109 2980 EventSystem - ok
    14:32:34.0156 2980 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
    14:32:34.0640 2980 Fastfat - ok
    14:32:34.0687 2980 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
    14:32:34.0765 2980 FastUserSwitchingCompatibility - ok
    14:32:34.0828 2980 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
    14:32:35.0062 2980 Fax - ok
    14:32:35.0125 2980 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
    14:32:35.0437 2980 Fdc - ok
    14:32:35.0453 2980 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
    14:32:35.0625 2980 Fips - ok
    14:32:35.0640 2980 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    14:32:35.0812 2980 Flpydisk - ok
    14:32:35.0859 2980 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
    14:32:36.0078 2980 FltMgr - ok
    14:32:36.0156 2980 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    14:32:36.0687 2980 FontCache3.0.0.0 - ok
    14:32:36.0703 2980 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
    14:32:37.0078 2980 Fs_Rec - ok
    14:32:37.0093 2980 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    14:32:37.0281 2980 Ftdisk - ok
    14:32:37.0328 2980 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
    14:32:37.0359 2980 GEARAspiWDM - ok
    14:32:37.0390 2980 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
    14:32:37.0609 2980 Gpc - ok
    14:32:37.0671 2980 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    14:32:37.0703 2980 gupdate - ok
    14:32:37.0703 2980 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    14:32:37.0734 2980 gupdatem - ok
    14:32:37.0812 2980 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    14:32:37.0843 2980 gusvc - ok
    14:32:37.0859 2980 HDAudBus - ok
    14:32:37.0921 2980 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    14:32:38.0187 2980 helpsvc - ok
    14:32:38.0218 2980 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
    14:32:38.0421 2980 HidServ - ok
    14:32:38.0453 2980 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
    14:32:38.0625 2980 HidUsb - ok
    14:32:38.0671 2980 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
    14:32:38.0843 2980 hkmsvc - ok
    14:32:38.0859 2980 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
    14:32:39.0031 2980 hpn - ok
    14:32:39.0078 2980 [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
    14:32:39.0234 2980 HSF_DPV - ok
    14:32:39.0265 2980 [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
    14:32:39.0312 2980 HSXHWAZL - ok
    14:32:39.0359 2980 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
    14:32:39.0421 2980 HTTP - ok
    14:32:39.0453 2980 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
    14:32:39.0703 2980 HTTPFilter - ok
    14:32:39.0718 2980 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
    14:32:39.0890 2980 i2omgmt - ok
    14:32:39.0906 2980 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
    14:32:40.0078 2980 i2omp - ok
    14:32:40.0109 2980 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    14:32:40.0312 2980 i8042prt - ok
    14:32:40.0406 2980 [ CC449157474D5E43DAEA7E20F52C635A ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
    14:32:40.0531 2980 ialm - ok
    14:32:40.0640 2980 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    14:32:40.0718 2980 idsvc - ok
    14:32:40.0750 2980 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
    14:32:41.0156 2980 Imapi - ok
    14:32:41.0203 2980 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
    14:32:41.0390 2980 ImapiService - ok
    14:32:41.0406 2980 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
    14:32:41.0578 2980 ini910u - ok
    14:32:41.0625 2980 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
    14:32:41.0796 2980 IntelIde - ok
    14:32:41.0843 2980 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
    14:32:42.0046 2980 intelppm - ok
    14:32:42.0093 2980 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
    14:32:42.0296 2980 Ip6Fw - ok
    14:32:42.0328 2980 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    14:32:42.0515 2980 IpFilterDriver - ok
    14:32:42.0531 2980 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
    14:32:42.0703 2980 IpInIp - ok
    14:32:42.0718 2980 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
    14:32:42.0890 2980 IpNat - ok
    14:32:42.0968 2980 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    14:32:43.0031 2980 iPod Service - ok
    14:32:43.0062 2980 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
    14:32:43.0281 2980 IPSec - ok
    14:32:43.0296 2980 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
    14:32:43.0421 2980 IRENUM - ok
    14:32:43.0437 2980 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
    14:32:43.0640 2980 isapnp - ok
    14:32:43.0812 2980 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
    14:32:43.0828 2980 JavaQuickStarterService - ok
    14:32:43.0859 2980 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    14:32:44.0093 2980 Kbdclass - ok
    14:32:44.0125 2980 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
    14:32:44.0421 2980 kmixer - ok
    14:32:44.0453 2980 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
    14:32:44.0531 2980 KSecDD - ok
    14:32:44.0562 2980 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
    14:32:44.0625 2980 lanmanserver - ok
    14:32:44.0656 2980 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
    14:32:44.0734 2980 lanmanworkstation - ok
    14:32:44.0765 2980 Lavasoft Kernexplorer - ok
    14:32:44.0796 2980 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
    14:32:44.0828 2980 Lbd - ok
    14:32:44.0843 2980 lbrtfdc - ok
    14:32:44.0890 2980 [ 5E3498F3D0146C0E275272B94369E3D2 ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
    14:32:44.0937 2980 LexBceS ( UnsignedFile.Multi.Generic ) - warning
    14:32:44.0937 2980 LexBceS - detected UnsignedFile.Multi.Generic (1)
    14:32:44.0968 2980 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
    14:32:45.0375 2980 LmHosts - ok
    14:32:45.0421 2980 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
    14:32:45.0437 2980 LVPr2Mon - ok
    14:32:45.0515 2980 [ 7521C0C58EE91BE90B6CC33E792D10C7 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
    14:32:45.0562 2980 LVRS - ok
    14:32:45.0593 2980 [ D679BAC01850B70518DA1AB75E735556 ] lvselsus C:\WINDOWS\system32\DRIVERS\lvselsus.sys
    14:32:45.0609 2980 lvselsus - ok
    14:32:45.0890 2980 [ 37E57C48AF530DF01CDD4E8A2AD77B51 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
    14:32:46.0328 2980 LVUVC - ok
    14:32:46.0375 2980 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
    14:32:46.0390 2980 MBAMProtector - ok
    14:32:46.0468 2980 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    14:32:46.0500 2980 MBAMScheduler - ok
    14:32:46.0546 2980 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    14:32:46.0593 2980 MBAMService - ok
    14:32:46.0625 2980 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
    14:32:46.0671 2980 McrdSvc - ok
    14:32:46.0718 2980 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\WINDOWS\system32\drivers\MCSTRM.sys
    14:32:46.0734 2980 MCSTRM ( UnsignedFile.Multi.Generic ) - warning
    14:32:46.0734 2980 MCSTRM - detected UnsignedFile.Multi.Generic (1)
    14:32:46.0828 2980 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    14:32:46.0859 2980 MDM - ok
    14:32:46.0890 2980 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    14:32:46.0984 2980 mdmxsdk - ok
    14:32:47.0015 2980 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
    14:32:47.0390 2980 Messenger - ok
    14:32:47.0437 2980 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
    14:32:47.0453 2980 MHN ( UnsignedFile.Multi.Generic ) - warning
    14:32:47.0453 2980 MHN - detected UnsignedFile.Multi.Generic (1)
    14:32:47.0468 2980 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    14:32:47.0484 2980 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
    14:32:47.0484 2980 MHNDRV - detected UnsignedFile.Multi.Generic (1)
    14:32:47.0500 2980 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
    14:32:47.0671 2980 mnmdd - ok
    14:32:47.0703 2980 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
    14:32:47.0890 2980 mnmsrvc - ok
    14:32:47.0921 2980 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
    14:32:48.0140 2980 Modem - ok
    14:32:48.0171 2980 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
    14:32:48.0343 2980 Mouclass - ok
    14:32:48.0375 2980 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
    14:32:48.0562 2980 mouhid - ok
    14:32:48.0593 2980 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
    14:32:48.0781 2980 MountMgr - ok
    14:32:48.0812 2980 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
    14:32:48.0968 2980 mraid35x - ok
    14:32:49.0062 2980 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    14:32:49.0062 2980 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
    14:32:49.0062 2980 MREMP50 - detected UnsignedFile.Multi.Generic (1)
    14:32:49.0078 2980 MREMPR5 - ok
    14:32:49.0078 2980 MRENDIS5 - ok
    14:32:49.0093 2980 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    14:32:49.0125 2980 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
    14:32:49.0125 2980 MRESP50 - detected UnsignedFile.Multi.Generic (1)
    14:32:49.0171 2980 [ A7566DA7AA8B74F1CEBC18AFD6B6CFA0 ] mrtRate C:\WINDOWS\system32\drivers\mrtRate.sys
    14:32:49.0187 2980 mrtRate ( UnsignedFile.Multi.Generic ) - warning
    14:32:49.0187 2980 mrtRate - detected UnsignedFile.Multi.Generic (1)
    14:32:49.0203 2980 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    14:32:49.0437 2980 MRxDAV - ok
    14:32:49.0484 2980 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    14:32:49.0593 2980 MRxSmb - ok
    14:32:49.0640 2980 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
    14:32:49.0812 2980 MSDTC - ok
    14:32:49.0828 2980 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
    14:32:50.0000 2980 Msfs - ok
    14:32:50.0015 2980 MSIServer - ok
    14:32:50.0046 2980 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
    14:32:50.0312 2980 MSKSSRV - ok
    14:32:50.0343 2980 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    14:32:50.0515 2980 MSPCLOCK - ok
    14:32:50.0531 2980 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
    14:32:50.0734 2980 MSPQM - ok
    14:32:50.0765 2980 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    14:32:50.0937 2980 mssmbios - ok
    14:32:51.0359 2980 [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$MICROSOFTSMLBIZ C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    14:32:52.0234 2980 MSSQL$MICROSOFTSMLBIZ - ok
    14:32:52.0359 2980 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
    14:32:52.0437 2980 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
    14:32:52.0437 2980 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
    14:32:52.0468 2980 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
    14:32:52.0781 2980 MSTEE - ok
    14:32:52.0828 2980 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
    14:32:52.0890 2980 Mup - ok
    14:32:52.0906 2980 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    14:32:53.0093 2980 NABTSFEC - ok
    14:32:53.0140 2980 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
    14:32:53.0343 2980 napagent - ok
    14:32:53.0375 2980 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
    14:32:53.0609 2980 NDIS - ok
    14:32:53.0640 2980 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    14:32:53.0796 2980 NdisIP - ok
    14:32:53.0828 2980 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    14:32:53.0906 2980 NdisTapi - ok
    14:32:53.0921 2980 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    14:32:54.0093 2980 Ndisuio - ok
    14:32:54.0125 2980 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    14:32:54.0312 2980 NdisWan - ok
    14:32:54.0359 2980 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
    14:32:54.0421 2980 NDProxy - ok
    14:32:54.0453 2980 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
    14:32:54.0703 2980 NetBIOS - ok
    14:32:54.0718 2980 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
    14:32:54.0937 2980 NetBT - ok
    14:32:54.0968 2980 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
    14:32:55.0187 2980 NetDDE - ok
    14:32:55.0203 2980 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
    14:32:55.0359 2980 NetDDEdsdm - ok
    14:32:55.0390 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
    14:32:55.0546 2980 Netlogon - ok
    14:32:55.0578 2980 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
    14:32:55.0828 2980 Netman - ok
    14:32:55.0859 2980 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    14:32:55.0890 2980 NetTcpPortSharing - ok
    14:32:55.0921 2980 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
    14:32:56.0093 2980 NIC1394 - ok
    14:32:56.0125 2980 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
    14:32:56.0203 2980 Nla - ok
    14:32:56.0203 2980 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
    14:32:56.0375 2980 Npfs - ok
    14:32:56.0421 2980 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
    14:32:56.0687 2980 Ntfs - ok
    14:32:56.0718 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
    14:32:56.0875 2980 NtLmSsp - ok
    14:32:56.0921 2980 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
    14:32:57.0125 2980 NtmsSvc - ok
    14:32:57.0171 2980 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
    14:32:57.0187 2980 NuidFltr - ok
    14:32:57.0218 2980 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
    14:32:57.0390 2980 Null - ok
    14:32:57.0468 2980 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    14:32:57.0890 2980 nv - ok
    14:32:57.0906 2980 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    14:32:58.0078 2980 NwlnkFlt - ok
    14:32:58.0109 2980 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    14:32:58.0312 2980 NwlnkFwd - ok
    14:32:58.0421 2980 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    14:32:58.0468 2980 odserv - ok
    14:32:58.0500 2980 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    14:32:58.0718 2980 ohci1394 - ok
    14:32:58.0796 2980 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    14:32:58.0828 2980 ose - ok
    14:32:58.0828 2980 PalmUSBD - ok
    14:32:58.0875 2980 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
    14:32:59.0046 2980 Parport - ok
    14:32:59.0046 2980 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
    14:32:59.0234 2980 PartMgr - ok
    14:32:59.0265 2980 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
    14:32:59.0437 2980 ParVdm - ok
    14:32:59.0484 2980 [ 3E73B088F57666A8F0F15496F0A602EE ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
    14:32:59.0546 2980 pcCMService ( UnsignedFile.Multi.Generic ) - warning
    14:32:59.0546 2980 pcCMService - detected UnsignedFile.Multi.Generic (1)
    14:32:59.0593 2980 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
    14:32:59.0875 2980 PCI - ok
    14:32:59.0875 2980 PCIDump - ok
    14:32:59.0890 2980 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
    14:33:00.0062 2980 PCIIde - ok
    14:33:00.0125 2980 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
    14:33:00.0296 2980 Pcmcia - ok
    14:33:00.0546 2980 [ 288BAE65C61BCEE6A5E7E7362D2CD417 ] PCPitstop Realtime C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe
    14:33:00.0812 2980 PCPitstop Realtime ( UnsignedFile.Multi.Generic ) - warning
    14:33:00.0812 2980 PCPitstop Realtime - detected UnsignedFile.Multi.Generic (1)
    14:33:00.0875 2980 [ 8D45BF21A269B379C86A02928EB617DD ] PCPitstop Scheduling C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
    14:33:00.0890 2980 PCPitstop Scheduling - ok
    14:33:00.0953 2980 [ A4D6449CEBB5931685AE310DC2D7966D ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
    14:33:01.0000 2980 pcServiceHost ( UnsignedFile.Multi.Generic ) - warning
    14:33:01.0000 2980 pcServiceHost - detected UnsignedFile.Multi.Generic (1)
    14:33:01.0015 2980 PDCOMP - ok
    14:33:01.0015 2980 PDFRAME - ok
    14:33:01.0031 2980 PDRELI - ok
    14:33:01.0031 2980 PDRFRAME - ok
    14:33:01.0046 2980 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
    14:33:01.0296 2980 perc2 - ok
    14:33:01.0312 2980 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
    14:33:01.0468 2980 perc2hib - ok
    14:33:01.0500 2980 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
    14:33:01.0562 2980 PlugPlay - ok
    14:33:01.0609 2980 [ 3072137896BFCCF4B190D248F583B48E ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    14:33:01.0734 2980 PMBDeviceInfoProvider - ok
    14:33:01.0750 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
    14:33:01.0953 2980 PolicyAgent - ok
    14:33:01.0984 2980 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
    14:33:02.0203 2980 PptpMiniport - ok
    14:33:02.0203 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    14:33:02.0375 2980 ProtectedStorage - ok
    14:33:02.0390 2980 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
    14:33:02.0562 2980 Ptilink - ok
    14:33:02.0625 2980 [ 81088114178112618B1C414A65E50F7C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
    14:33:02.0656 2980 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
    14:33:02.0656 2980 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
    14:33:02.0687 2980 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
    14:33:02.0906 2980 ql1080 - ok
    14:33:02.0921 2980 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
    14:33:03.0109 2980 Ql10wnt - ok
    14:33:03.0125 2980 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
    14:33:03.0296 2980 ql12160 - ok
    14:33:03.0296 2980 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
    14:33:03.0468 2980 ql1240 - ok
    14:33:03.0484 2980 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
    14:33:03.0656 2980 ql1280 - ok
    14:33:03.0671 2980 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    14:33:03.0843 2980 RasAcd - ok
    14:33:03.0875 2980 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
    14:33:04.0109 2980 RasAuto - ok
    14:33:04.0156 2980 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    14:33:04.0328 2980 Rasl2tp - ok
    14:33:04.0359 2980 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
    14:33:04.0562 2980 RasMan - ok
    14:33:04.0593 2980 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    14:33:04.0765 2980 RasPppoe - ok
    14:33:04.0781 2980 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    14:33:05.0015 2980 Raspti - ok
    14:33:05.0046 2980 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    14:33:05.0218 2980 Rdbss - ok
    14:33:05.0234 2980 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    14:33:05.0390 2980 RDPCDD - ok
    14:33:05.0421 2980 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    14:33:05.0578 2980 rdpdr - ok
    14:33:05.0625 2980 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    14:33:05.0687 2980 RDPWD - ok
    14:33:05.0718 2980 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    14:33:05.0968 2980 RDSessMgr - ok
    14:33:05.0984 2980 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    14:33:06.0171 2980 redbook - ok
    14:33:06.0187 2980 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    14:33:06.0390 2980 RemoteAccess - ok
    14:33:06.0421 2980 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
    14:33:06.0609 2980 RemoteRegistry - ok
    14:33:06.0625 2980 [ 24ED7AF20651F9FA1F249482E7C1F165 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
    14:33:06.0671 2980 rimmptsk - ok
    14:33:06.0703 2980 [ 1BDBA2D2D402415A78A4BA766DFE0F7B ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
    14:33:06.0765 2980 rimsptsk - ok
    14:33:06.0796 2980 [ F774ECD11A064F0DEBB2D4395418153C ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
    14:33:06.0843 2980 rismxdp - ok
    14:33:06.0859 2980 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
    14:33:07.0093 2980 RpcLocator - ok
    14:33:07.0125 2980 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
    14:33:07.0234 2980 RpcSs - ok
    14:33:07.0281 2980 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
    14:33:07.0609 2980 RSVP - ok
    14:33:07.0625 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
    14:33:07.0796 2980 SamSs - ok
    14:33:07.0875 2980 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    14:33:07.0890 2980 SASDIFSV - ok
    14:33:07.0906 2980 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    14:33:07.0937 2980 SASKUTIL - ok
    14:33:07.0984 2980 [ 65A36563C0207824C8240662043C5304 ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys
    14:33:08.0000 2980 sbaphd - ok
    14:33:08.0062 2980 [ 3D6BA67C758735918E323D4D6F64449A ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys
    14:33:08.0078 2980 sbapifs - ok
    14:33:08.0125 2980 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    14:33:08.0343 2980 SCardSvr - ok
    14:33:08.0375 2980 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
    14:33:08.0562 2980 Schedule - ok
    14:33:08.0593 2980 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
    14:33:08.0781 2980 sdbus - ok
    14:33:08.0812 2980 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    14:33:08.0937 2980 Secdrv - ok
    14:33:08.0953 2980 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
    14:33:09.0187 2980 seclogon - ok
    14:33:09.0218 2980 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
    14:33:09.0390 2980 SENS - ok
    14:33:09.0437 2980 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    14:33:09.0640 2980 serenum - ok
    14:33:09.0656 2980 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    14:33:09.0828 2980 Serial - ok
    14:33:09.0859 2980 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    14:33:10.0015 2980 sffdisk - ok
    14:33:10.0046 2980 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    14:33:10.0218 2980 sffp_sd - ok
    14:33:10.0234 2980 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    14:33:10.0390 2980 Sfloppy - ok
    14:33:10.0453 2980 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    14:33:10.0671 2980 SharedAccess - ok
    14:33:10.0703 2980 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    14:33:10.0765 2980 ShellHWDetection - ok
    14:33:10.0765 2980 Simbad - ok
    14:33:10.0796 2980 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
    14:33:10.0953 2980 sisagp - ok
    14:33:11.0062 2980 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    14:33:11.0078 2980 SkypeUpdate - ok
    14:33:11.0109 2980 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
    14:33:11.0281 2980 SLIP - ok
    14:33:11.0312 2980 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
    14:33:11.0453 2980 Sparrow - ok
    14:33:11.0484 2980 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    14:33:11.0671 2980 splitter - ok
    14:33:11.0703 2980 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    14:33:11.0750 2980 Spooler - ok
    14:33:11.0812 2980 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$MICROSOFTSMLBIZ C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE
    14:33:11.0859 2980 SQLAgent$MICROSOFTSMLBIZ ( UnsignedFile.Multi.Generic ) - warning
    14:33:11.0859 2980 SQLAgent$MICROSOFTSMLBIZ - detected UnsignedFile.Multi.Generic (1)
    14:33:11.0890 2980 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    14:33:12.0031 2980 sr - ok
    14:33:12.0062 2980 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
    14:33:12.0187 2980 srservice - ok
    14:33:12.0234 2980 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    14:33:12.0328 2980 Srv - ok
    14:33:12.0343 2980 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    14:33:12.0562 2980 SSDPSRV - ok
    14:33:12.0640 2980 [ 3AD78E22210D3FBD9F76DE84A8DF19B5 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
    14:33:12.0812 2980 STHDA - ok
    14:33:12.0859 2980 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    14:33:13.0296 2980 stisvc - ok
    14:33:13.0312 2980 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    14:33:13.0484 2980 streamip - ok
    14:33:13.0515 2980 [ 29D6A9672680A74C625E99DCA507C754 ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
    14:33:13.0531 2980 SWDUMon - ok
    14:33:13.0562 2980 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    14:33:13.0734 2980 swenum - ok
    14:33:13.0750 2980 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    14:33:13.0937 2980 swmidi - ok
    14:33:13.0937 2980 SwPrv - ok
    14:33:13.0953 2980 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
    14:33:14.0125 2980 symc810 - ok
    14:33:14.0140 2980 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
    14:33:14.0375 2980 symc8xx - ok
    14:33:14.0390 2980 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
    14:33:14.0562 2980 sym_hi - ok
    14:33:14.0578 2980 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
    14:33:14.0750 2980 sym_u3 - ok
    14:33:14.0796 2980 [ FA2DAA32BED908023272A0F77D625DAE ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
    14:33:14.0843 2980 SynTP - ok
    14:33:14.0875 2980 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    14:33:15.0031 2980 sysaudio - ok
    14:33:15.0078 2980 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    14:33:15.0296 2980 SysmonLog - ok
    14:33:15.0328 2980 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    14:33:15.0531 2980 TapiSrv - ok
    14:33:15.0609 2980 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    14:33:15.0703 2980 Tcpip - ok
    14:33:15.0765 2980 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    14:33:16.0125 2980 TDPIPE - ok
    14:33:16.0140 2980 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    14:33:16.0359 2980 TDTCP - ok
    14:33:16.0375 2980 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    14:33:16.0562 2980 TermDD - ok
    14:33:16.0609 2980 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
    14:33:16.0812 2980 TermService - ok
    14:33:16.0843 2980 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
    14:33:16.0890 2980 Themes - ok
    14:33:16.0921 2980 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
    14:33:17.0078 2980 TlntSvr - ok
    14:33:17.0171 2980 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    14:33:17.0187 2980 TomTomHOMEService - ok
    14:33:17.0203 2980 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
    14:33:17.0375 2980 TosIde - ok
    14:33:17.0406 2980 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    14:33:17.0593 2980 TrkWks - ok
    14:33:17.0625 2980 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    14:33:17.0796 2980 Udfs - ok
    14:33:17.0796 2980 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
    14:33:17.0921 2980 ultra - ok
    14:33:18.0031 2980 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    14:33:18.0062 2980 UMVPFSrv - ok
    14:33:18.0125 2980 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    14:33:18.0312 2980 Update - ok
    14:33:18.0359 2980 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
    14:33:18.0484 2980 upnphost - ok
    14:33:18.0500 2980 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
    14:33:18.0718 2980 UPS - ok
    14:33:18.0765 2980 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
    14:33:18.0812 2980 USBAAPL - ok
    14:33:18.0828 2980 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
    14:33:19.0000 2980 usbaudio - ok
    14:33:19.0031 2980 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    14:33:19.0218 2980 usbccgp - ok
    14:33:19.0234 2980 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    14:33:19.0421 2980 usbehci - ok
    14:33:19.0437 2980 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    14:33:19.0640 2980 usbhub - ok
    14:33:19.0656 2980 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    14:33:19.0828 2980 usbprint - ok
    14:33:19.0859 2980 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    14:33:20.0031 2980 usbscan - ok
    14:33:20.0046 2980 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    14:33:20.0234 2980 USBSTOR - ok
    14:33:20.0250 2980 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    14:33:20.0406 2980 usbuhci - ok
    14:33:20.0421 2980 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    14:33:20.0593 2980 VgaSave - ok
    14:33:20.0625 2980 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
    14:33:20.0859 2980 viaagp - ok
    14:33:20.0875 2980 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
    14:33:21.0046 2980 ViaIde - ok
    14:33:21.0062 2980 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    14:33:21.0234 2980 VolSnap - ok
    14:33:21.0296 2980 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
    14:33:21.0421 2980 VSS - ok
    14:33:21.0453 2980 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
    14:33:21.0640 2980 w32time - ok
    14:33:21.0671 2980 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    14:33:21.0890 2980 Wanarp - ok
    14:33:21.0890 2980 wanatw - ok
    14:33:21.0953 2980 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
    14:33:22.0000 2980 WDC_SAM - ok
    14:33:22.0062 2980 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
    14:33:22.0109 2980 Wdf01000 - ok
    14:33:22.0109 2980 WDICA - ok
    14:33:22.0140 2980 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    14:33:22.0375 2980 wdmaud - ok
    14:33:22.0406 2980 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
    14:33:22.0734 2980 WebClient - ok
    14:33:22.0781 2980 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
    14:33:22.0890 2980 winachsf - ok
    14:33:22.0968 2980 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    14:33:23.0140 2980 winmgmt - ok
    14:33:23.0187 2980 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
    14:33:23.0203 2980 WinUSB - ok
    14:33:23.0250 2980 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    14:33:23.0328 2980 WmdmPmSN - ok
    14:33:23.0390 2980 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
    14:33:23.0468 2980 Wmi - ok
    14:33:23.0500 2980 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    14:33:23.0718 2980 WmiAcpi - ok
    14:33:23.0734 2980 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    14:33:23.0906 2980 WmiApSrv - ok
    14:33:24.0000 2980 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    14:33:24.0171 2980 WMPNetworkSvc - ok
    14:33:24.0281 2980 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    14:33:24.0359 2980 WPFFontCache_v0400 - ok
    14:33:24.0375 2980 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
    14:33:24.0593 2980 WS2IFSL - ok
    14:33:24.0640 2980 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    14:33:24.0828 2980 wscsvc - ok
    14:33:24.0843 2980 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    14:33:25.0000 2980 WSTCODEC - ok
    14:33:25.0015 2980 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    14:33:25.0218 2980 wuauserv - ok
    14:33:25.0265 2980 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    14:33:25.0312 2980 WudfPf - ok
    14:33:25.0343 2980 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    14:33:25.0390 2980 WudfRd - ok
    14:33:25.0406 2980 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    14:33:25.0453 2980 WudfSvc - ok
    14:33:25.0515 2980 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    14:33:25.0765 2980 WZCSVC - ok
    14:33:25.0812 2980 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    14:33:26.0062 2980 xmlprov - ok
    14:33:26.0062 2980 zumbus - ok
    14:33:26.0078 2980 ================ Scan global ===============================
    14:33:26.0109 2980 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    14:33:26.0171 2980 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    14:33:26.0203 2980 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    14:33:26.0234 2980 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    14:33:26.0234 2980 [Global] - ok
    14:33:26.0234 2980 ================ Scan MBR ==================================
    14:33:26.0250 2980 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
    14:33:26.0515 2980 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    14:33:26.0515 2980 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    14:33:26.0515 2980 ================ Scan VBR ==================================
    14:33:26.0515 2980 [ F7FA9B78C1308EB270968B5086462A7E ] \Device\Harddisk0\DR0\Partition1
    14:33:26.0531 2980 \Device\Harddisk0\DR0\Partition1 - ok
    14:33:26.0531 2980 ================ Scan active images ========================
    14:33:26.0531 2980 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
    14:33:26.0531 2980 C:\WINDOWS\system32\drivers\nic1394.sys - ok
    14:33:26.0531 2980 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
    14:33:26.0531 2980 C:\WINDOWS\system32\drivers\intelppm.sys - ok
    14:33:26.0531 2980 [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
    14:33:26.0531 2980 C:\WINDOWS\system32\drivers\cmbatt.sys - ok
    14:33:26.0546 2980 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
    14:33:26.0546 2980 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
    14:33:26.0546 2980 [ CC449157474D5E43DAEA7E20F52C635A ] C:\WINDOWS\system32\drivers\ialmnt5.sys
    14:33:26.0546 2980 C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
    14:33:26.0546 2980 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
    14:33:26.0546 2980 C:\WINDOWS\system32\drivers\videoprt.sys - ok
    14:33:26.0562 2980 [ 30D20FC98BCFD52E1DA778CF19B223D4 ] C:\WINDOWS\system32\drivers\BCMWL5.SYS
    14:33:26.0562 2980 C:\WINDOWS\system32\drivers\BCMWL5.SYS - ok
    14:33:26.0562 2980 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
    14:33:26.0562 2980 C:\WINDOWS\system32\drivers\usbport.sys - ok
    14:33:26.0562 2980 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
    14:33:26.0562 2980 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
    14:33:26.0578 2980 [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] C:\WINDOWS\system32\drivers\bcm4sbxp.sys
    14:33:26.0578 2980 C:\WINDOWS\system32\drivers\bcm4sbxp.sys - ok
    14:33:26.0578 2980 [ 24ED7AF20651F9FA1F249482E7C1F165 ] C:\WINDOWS\system32\drivers\rimmptsk.sys
    14:33:26.0578 2980 C:\WINDOWS\system32\drivers\rimmptsk.sys - ok
    14:33:26.0578 2980 [ 1BDBA2D2D402415A78A4BA766DFE0F7B ] C:\WINDOWS\system32\drivers\rimsptsk.sys
    14:33:26.0578 2980 C:\WINDOWS\system32\drivers\rimsptsk.sys - ok
    14:33:26.0578 2980 [ F774ECD11A064F0DEBB2D4395418153C ] C:\WINDOWS\system32\drivers\rixdptsk.sys
    14:33:26.0578 2980 C:\WINDOWS\system32\drivers\rixdptsk.sys - ok
    14:33:26.0593 2980 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys
    14:33:26.0593 2980 C:\WINDOWS\system32\drivers\sdbus.sys - ok
    14:33:26.0593 2980 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
    14:33:26.0593 2980 C:\WINDOWS\system32\drivers\usbehci.sys - ok
    14:33:26.0593 2980 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
    14:33:26.0593 2980 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
    14:33:26.0609 2980 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
    14:33:26.0609 2980 C:\WINDOWS\system32\drivers\imapi.sys - ok
    14:33:26.0609 2980 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
    14:33:26.0609 2980 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
    14:33:26.0609 2980 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
    14:33:26.0609 2980 C:\WINDOWS\system32\drivers\mouclass.sys - ok
    14:33:26.0625 2980 [ FA2DAA32BED908023272A0F77D625DAE ] C:\WINDOWS\system32\drivers\SynTP.sys
    14:33:26.0625 2980 C:\WINDOWS\system32\drivers\SynTP.sys - ok
    14:33:26.0625 2980 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
    14:33:26.0625 2980 C:\WINDOWS\system32\drivers\usbd.sys - ok
    14:33:26.0625 2980 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] C:\WINDOWS\system32\drivers\cdrom.sys
    14:33:26.0625 2980 C:\WINDOWS\system32\drivers\cdrom.sys - ok
    14:33:26.0625 2980 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
    14:33:26.0625 2980 C:\WINDOWS\system32\drivers\ks.sys - ok
    14:33:26.0640 2980 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
    14:33:26.0640 2980 C:\WINDOWS\system32\drivers\audstub.sys - ok
    14:33:26.0640 2980 [ 8BE661C16FBF84A73BCEC84B6B4A9DB5 ] C:\WINDOWS\system32\drivers\avgfwdx.sys
    14:33:26.0640 2980 C:\WINDOWS\system32\drivers\avgfwdx.sys - ok
    14:33:26.0640 2980 [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
    14:33:26.0640 2980 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
    14:33:26.0656 2980 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
    14:33:26.0656 2980 C:\WINDOWS\system32\drivers\redbook.sys - ok
    14:33:26.0656 2980 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
    14:33:26.0656 2980 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
    14:33:26.0656 2980 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
    14:33:26.0656 2980 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
    14:33:26.0671 2980 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
    14:33:26.0671 2980 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
    14:33:26.0671 2980 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
    14:33:26.0671 2980 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
    14:33:26.0671 2980 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
    14:33:26.0671 2980 C:\WINDOWS\system32\drivers\tdi.sys - ok
    14:33:26.0671 2980 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
    14:33:26.0671 2980 C:\WINDOWS\system32\drivers\ptilink.sys - ok
    14:33:26.0687 2980 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
    14:33:26.0687 2980 C:\WINDOWS\system32\drivers\raspptp.sys - ok
    14:33:26.0687 2980 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
    14:33:26.0687 2980 C:\WINDOWS\system32\drivers\raspti.sys - ok
    14:33:26.0687 2980 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
    14:33:26.0687 2980 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
    14:33:26.0703 2980 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
    14:33:26.0703 2980 C:\WINDOWS\system32\drivers\swenum.sys - ok
    14:33:26.0703 2980 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
    14:33:26.0703 2980 C:\WINDOWS\system32\drivers\termdd.sys - ok
    14:33:26.0703 2980 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
    14:33:26.0703 2980 C:\WINDOWS\system32\drivers\update.sys - ok
    14:33:26.0718 2980 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
    14:33:26.0718 2980 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
    14:33:26.0718 2980 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
    14:33:26.0718 2980 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
    14:33:26.0718 2980 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
    14:33:26.0718 2980 C:\WINDOWS\system32\drivers\usbhub.sys - ok
    14:33:26.0718 2980 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
    14:33:26.0718 2980 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
    14:33:26.0734 2980 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
    14:33:26.0734 2980 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
    14:33:26.0734 2980 [ 9368670BD426EBEA5E8B18A62416EC28 ] C:\WINDOWS\system32\drivers\i2omgmt.sys
    14:33:26.0734 2980 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok
    14:33:26.0734 2980 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
    14:33:26.0734 2980 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
    14:33:26.0750 2980 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
    14:33:26.0750 2980 C:\WINDOWS\system32\drivers\null.sys - ok
    14:33:26.0750 2980 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
    14:33:26.0750 2980 C:\WINDOWS\system32\drivers\beep.sys - ok
    14:33:26.0750 2980 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
    14:33:26.0750 2980 C:\WINDOWS\system32\drivers\vga.sys - ok
    14:33:26.0750 2980 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
    14:33:26.0765 2980 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
    14:33:26.0765 2980 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
    14:33:26.0765 2980 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
    14:33:26.0765 2980 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
    14:33:26.0765 2980 C:\WINDOWS\system32\drivers\msfs.sys - ok
    14:33:26.0765 2980 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
    14:33:26.0765 2980 C:\WINDOWS\system32\drivers\npfs.sys - ok
    14:33:26.0781 2980 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
    14:33:26.0781 2980 C:\WINDOWS\system32\drivers\rasacd.sys - ok
    14:33:26.0781 2980 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
    14:33:26.0781 2980 C:\WINDOWS\system32\drivers\ipsec.sys - ok
    14:33:26.0781 2980 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
    14:33:26.0781 2980 C:\WINDOWS\system32\drivers\msgpc.sys - ok
    14:33:26.0796 2980 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
    14:33:26.0796 2980 C:\WINDOWS\system32\drivers\tcpip.sys - ok
    14:33:26.0796 2980 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\WINDOWS\system32\drivers\aswTdi.sys
    14:33:26.0796 2980 C:\WINDOWS\system32\drivers\aswTdi.sys - ok
    14:33:26.0796 2980 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
    14:33:26.0796 2980 C:\WINDOWS\system32\drivers\ipnat.sys - ok
    14:33:26.0796 2980 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
    14:33:26.0796 2980 C:\WINDOWS\system32\drivers\netbt.sys - ok
    14:33:26.0812 2980 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
    14:33:26.0812 2980 C:\WINDOWS\system32\drivers\afd.sys - ok
    14:33:26.0812 2980 [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\WINDOWS\system32\drivers\aswRdr.sys
    14:33:26.0812 2980 C:\WINDOWS\system32\drivers\aswRdr.sys - ok
    14:33:26.0812 2980 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
    14:33:26.0812 2980 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
    14:33:26.0828 2980 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
    14:33:26.0828 2980 C:\WINDOWS\system32\drivers\netbios.sys - ok
    14:33:26.0828 2980 [ 65A36563C0207824C8240662043C5304 ] C:\WINDOWS\system32\drivers\sbaphd.sys
    14:33:26.0828 2980 C:\WINDOWS\system32\drivers\sbaphd.sys - ok
    14:33:26.0828 2980 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
    14:33:26.0828 2980 C:\WINDOWS\system32\drivers\serial.sys - ok
    14:33:26.0843 2980 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
    14:33:26.0843 2980 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
    14:33:26.0843 2980 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    14:33:26.0843 2980 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
    14:33:26.0843 2980 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
    14:33:26.0843 2980 C:\WINDOWS\system32\drivers\rdbss.sys - ok
    14:33:26.0843 2980 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
    14:33:26.0843 2980 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
    14:33:26.0859 2980 [ CB6FF7012BB5D59D7C12350DB795CE1F ] C:\WINDOWS\system32\drivers\ctxusbm.sys
    14:33:26.0859 2980 C:\WINDOWS\system32\drivers\ctxusbm.sys - ok
    14:33:26.0859 2980 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
    14:33:26.0859 2980 C:\WINDOWS\system32\drivers\fips.sys - ok
    14:33:26.0859 2980 [ 67B558895695545FB0568B7541F3BCA7 ] C:\WINDOWS\system32\drivers\aswSP.sys
    14:33:26.0859 2980 C:\WINDOWS\system32\drivers\aswSP.sys - ok
    14:33:26.0875 2980 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\WINDOWS\system32\drivers\aswSnx.sys
    14:33:26.0875 2980 C:\WINDOWS\system32\drivers\aswSnx.sys - ok
    14:33:26.0875 2980 [ 149A8F7ADF9742554DC323E290551E3E ] C:\WINDOWS\system32\drivers\aavmker4.sys
    14:33:26.0875 2980 C:\WINDOWS\system32\drivers\aavmker4.sys - ok
    14:33:26.0875 2980 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
    14:33:26.0875 2980 C:\WINDOWS\system32\ntdll.dll - ok
    14:33:26.0875 2980 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
    14:33:26.0875 2980 C:\WINDOWS\system32\smss.exe - ok
    14:33:26.0890 2980 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
    14:33:26.0890 2980 C:\WINDOWS\system32\autochk.exe - ok
    14:33:26.0890 2980 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
    14:33:26.0890 2980 C:\WINDOWS\system32\sfcfiles.dll - ok
    14:33:26.0890 2980 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
    14:33:26.0890 2980 C:\WINDOWS\system32\drivers\cdfs.sys - ok
    14:33:26.0906 2980 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
    14:33:26.0906 2980 C:\WINDOWS\system32\drivers\wmilib.sys - ok
    14:33:26.0906 2980 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
    14:33:26.0906 2980 C:\WINDOWS\system32\drivers\atapi.sys - ok
    14:33:26.0906 2980 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
    14:33:26.0906 2980 C:\WINDOWS\system32\drivers\wanarp.sys - ok
    14:33:26.0906 2980 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
    14:33:26.0906 2980 C:\WINDOWS\system32\drivers\dxapi.sys - ok
    14:33:26.0921 2980 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
    14:33:26.0921 2980 C:\WINDOWS\system32\watchdog.sys - ok
    14:33:26.0921 2980 [ 9A5E4D7820FF9A55B4639B32420B10EC ] C:\WINDOWS\system32\win32k.sys
    14:33:26.0921 2980 C:\WINDOWS\system32\win32k.sys - ok
    14:33:26.0921 2980 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
    14:33:26.0921 2980 C:\WINDOWS\system32\drivers\arp1394.sys - ok
    14:33:26.0937 2980 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
    14:33:26.0937 2980 C:\WINDOWS\system32\csrsrv.dll - ok
    14:33:26.0937 2980 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
    14:33:26.0937 2980 C:\WINDOWS\system32\csrss.exe - ok
    14:33:26.0937 2980 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    14:33:26.0937 2980 C:\WINDOWS\system32\basesrv.dll - ok
    14:33:26.0953 2980 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    14:33:26.0953 2980 C:\WINDOWS\system32\winsrv.dll - ok
    14:33:26.0953 2980 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
    14:33:26.0953 2980 C:\WINDOWS\system32\gdi32.dll - ok
    14:33:26.0953 2980 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
    14:33:26.0953 2980 C:\WINDOWS\system32\kernel32.dll - ok
    14:33:26.0953 2980 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
    14:33:26.0953 2980 C:\WINDOWS\system32\user32.dll - ok
    14:33:26.0968 2980 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
    14:33:26.0968 2980 C:\WINDOWS\system32\drivers\dxg.sys - ok
    14:33:26.0968 2980 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
    14:33:26.0968 2980 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
    14:33:26.0968 2980 [ E9A7C2CA8650E4B741F4C0F649077AD9 ] C:\WINDOWS\system32\ialmrnt5.dll
    14:33:26.0968 2980 C:\WINDOWS\system32\ialmrnt5.dll - ok
    14:33:26.0984 2980 [ FE6119094F9E690A32B4A7873C223653 ] C:\WINDOWS\system32\ialmdnt5.dll
    14:33:26.0984 2980 C:\WINDOWS\system32\ialmdnt5.dll - ok
    14:33:26.0984 2980 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
    14:33:26.0984 2980 C:\WINDOWS\system32\vga.dll - ok
    14:33:26.0984 2980 [ EC8DEC2C1FC37F10184CB7129A55601A ] C:\WINDOWS\system32\ialmdev5.dll
    14:33:26.0984 2980 C:\WINDOWS\system32\ialmdev5.dll - ok
    14:33:26.0984 2980 [ CB89A887E42D947C801AE2B8EF6AA6D7 ] C:\WINDOWS\system32\ialmdd5.dll
    14:33:26.0984 2980 C:\WINDOWS\system32\ialmdd5.dll - ok
    14:33:27.0000 2980 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
    14:33:27.0000 2980 C:\WINDOWS\system32\winlogon.exe - ok
    14:33:27.0000 2980 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
    14:33:27.0000 2980 C:\WINDOWS\system32\advapi32.dll - ok
    14:33:27.0000 2980 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
    14:33:27.0000 2980 C:\WINDOWS\system32\rpcrt4.dll - ok
    14:33:27.0015 2980 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
    14:33:27.0015 2980 C:\WINDOWS\system32\secur32.dll - ok
    14:33:27.0015 2980 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
    14:33:27.0015 2980 C:\WINDOWS\system32\authz.dll - ok
    14:33:27.0015 2980 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
    14:33:27.0015 2980 C:\WINDOWS\system32\msvcrt.dll - ok
    14:33:27.0031 2980 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
    14:33:27.0031 2980 C:\WINDOWS\system32\crypt32.dll - ok
    14:33:27.0031 2980 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
    14:33:27.0031 2980 C:\WINDOWS\system32\msasn1.dll - ok
    14:33:27.0031 2980 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
    14:33:27.0031 2980 C:\WINDOWS\system32\nddeapi.dll - ok
    14:33:27.0031 2980 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
    14:33:27.0031 2980 C:\WINDOWS\system32\netapi32.dll - ok
    14:33:27.0046 2980 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
    14:33:27.0046 2980 C:\WINDOWS\system32\profmap.dll - ok
    14:33:27.0046 2980 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
    14:33:27.0046 2980 C:\WINDOWS\system32\userenv.dll - ok
    14:33:27.0046 2980 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
    14:33:27.0046 2980 C:\WINDOWS\system32\psapi.dll - ok
    14:33:27.0062 2980 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
    14:33:27.0062 2980 C:\WINDOWS\system32\regapi.dll - ok
    14:33:27.0062 2980 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
    14:33:27.0062 2980 C:\WINDOWS\system32\setupapi.dll - ok
    14:33:27.0062 2980 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
    14:33:27.0062 2980 C:\WINDOWS\system32\version.dll - ok
    14:33:27.0062 2980 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
    14:33:27.0062 2980 C:\WINDOWS\system32\winsta.dll - ok
    14:33:27.0078 2980 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
    14:33:27.0078 2980 C:\WINDOWS\system32\wintrust.dll - ok
    14:33:27.0078 2980 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
    14:33:27.0078 2980 C:\WINDOWS\system32\imagehlp.dll - ok
    14:33:27.0078 2980 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
    14:33:27.0078 2980 C:\WINDOWS\system32\ws2help.dll - ok
    14:33:27.0093 2980 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
    14:33:27.0093 2980 C:\WINDOWS\system32\ws2_32.dll - ok
    14:33:27.0093 2980 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
    14:33:27.0093 2980 C:\WINDOWS\system32\imm32.dll - ok
    14:33:27.0093 2980 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
    14:33:27.0093 2980 C:\WINDOWS\system32\kbdus.dll - ok
    14:33:27.0109 2980 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
    14:33:27.0109 2980 C:\WINDOWS\system32\msgina.dll - ok
    14:33:27.0109 2980 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
    14:33:27.0109 2980 C:\WINDOWS\system32\comctl32.dll - ok
    14:33:27.0109 2980 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
    14:33:27.0109 2980 C:\WINDOWS\system32\odbc32.dll - ok
    14:33:27.0109 2980 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
    14:33:27.0109 2980 C:\WINDOWS\system32\comdlg32.dll - ok
    14:33:27.0125 2980 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
    14:33:27.0125 2980 C:\WINDOWS\system32\shell32.dll - ok
    14:33:27.0125 2980 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
    14:33:27.0125 2980 C:\WINDOWS\system32\shlwapi.dll - ok
    14:33:27.0125 2980 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
    14:33:27.0125 2980 C:\WINDOWS\system32\sxs.dll - ok
    14:33:27.0125 2980 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    14:33:27.0125 2980 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
    14:33:27.0140 2980 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
    14:33:27.0140 2980 C:\WINDOWS\system32\odbcint.dll - ok
    14:33:27.0140 2980 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
    14:33:27.0140 2980 C:\WINDOWS\system32\shsvcs.dll - ok
    14:33:27.0140 2980 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
    14:33:27.0140 2980 C:\WINDOWS\system32\sfc.dll - ok
    14:33:27.0156 2980 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
    14:33:27.0156 2980 C:\WINDOWS\system32\sfc_os.dll - ok
    14:33:27.0156 2980 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
    14:33:27.0156 2980 C:\WINDOWS\system32\ole32.dll - ok
    14:33:27.0156 2980 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
    14:33:27.0156 2980 C:\WINDOWS\system32\apphelp.dll - ok
    14:33:27.0171 2980 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
    14:33:27.0171 2980 C:\WINDOWS\system32\lsass.exe - ok
    14:33:27.0171 2980 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    14:33:27.0171 2980 C:\WINDOWS\system32\services.exe - ok
    14:33:27.0171 2980 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
    14:33:27.0171 2980 C:\WINDOWS\system32\ncobjapi.dll - ok
    14:33:27.0171 2980 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
    14:33:27.0171 2980 C:\WINDOWS\system32\lsasrv.dll - ok
    14:33:27.0187 2980 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
    14:33:27.0187 2980 C:\WINDOWS\system32\msvcp60.dll - ok
    14:33:27.0187 2980 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
    14:33:27.0187 2980 C:\WINDOWS\system32\scesrv.dll - ok
    14:33:27.0187 2980 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
    14:33:27.0187 2980 C:\WINDOWS\system32\mpr.dll - ok
    14:33:27.0203 2980 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
    14:33:27.0203 2980 C:\WINDOWS\system32\ntdsapi.dll - ok
    14:33:27.0203 2980 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
    14:33:27.0203 2980 C:\WINDOWS\system32\dnsapi.dll - ok
    14:33:27.0203 2980 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
    14:33:27.0203 2980 C:\WINDOWS\system32\umpnpmgr.dll - ok
    14:33:27.0203 2980 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
    14:33:27.0203 2980 C:\WINDOWS\system32\wldap32.dll - ok
    14:33:27.0218 2980 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
    14:33:27.0218 2980 C:\WINDOWS\system32\shimeng.dll - ok
    14:33:27.0218 2980 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
    14:33:27.0218 2980 C:\WINDOWS\AppPatch\acadproc.dll - ok
    14:33:27.0218 2980 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
    14:33:27.0218 2980 C:\WINDOWS\system32\samlib.dll - ok
    14:33:27.0234 2980 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
    14:33:27.0234 2980 C:\WINDOWS\system32\samsrv.dll - ok
    14:33:27.0234 2980 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
    14:33:27.0234 2980 C:\WINDOWS\AppPatch\acgenral.dll - ok
    14:33:27.0234 2980 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
    14:33:27.0234 2980 C:\WINDOWS\system32\cryptdll.dll - ok
    14:33:27.0250 2980 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
    14:33:27.0250 2980 C:\WINDOWS\system32\oleaut32.dll - ok
    14:33:27.0250 2980 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
    14:33:27.0250 2980 C:\WINDOWS\system32\winmm.dll - ok
    14:33:27.0250 2980 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
    14:33:27.0250 2980 C:\WINDOWS\system32\msacm32.dll - ok
    14:33:27.0250 2980 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
    14:33:27.0250 2980 C:\WINDOWS\system32\uxtheme.dll - ok
    14:33:27.0265 2980 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
    14:33:27.0265 2980 C:\WINDOWS\system32\msapsspc.dll - ok
    14:33:27.0265 2980 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
    14:33:27.0265 2980 C:\WINDOWS\system32\msvcrt40.dll - ok
    14:33:27.0265 2980 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
    14:33:27.0265 2980 C:\WINDOWS\system32\schannel.dll - ok
    14:33:27.0281 2980 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
    14:33:27.0281 2980 C:\WINDOWS\system32\digest.dll - ok
    14:33:27.0281 2980 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
    14:33:27.0281 2980 C:\WINDOWS\system32\msnsspc.dll - ok
    14:33:27.0281 2980 [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime
    14:33:27.0281 2980 C:\WINDOWS\system32\msctfime.ime - ok
    14:33:27.0296 2980 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
    14:33:27.0296 2980 C:\WINDOWS\system32\msprivs.dll - ok
    14:33:27.0296 2980 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
    14:33:27.0296 2980 C:\WINDOWS\system32\kerberos.dll - ok
    14:33:27.0296 2980 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
    14:33:27.0296 2980 C:\WINDOWS\system32\msv1_0.dll - ok
    14:33:27.0296 2980 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
    14:33:27.0296 2980 C:\WINDOWS\system32\iphlpapi.dll - ok
    14:33:27.0312 2980 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
    14:33:27.0312 2980 C:\WINDOWS\system32\atmfd.dll - ok
    14:33:27.0312 2980 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
    14:33:27.0312 2980 C:\WINDOWS\system32\netlogon.dll - ok
    14:33:27.0312 2980 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
    14:33:27.0312 2980 C:\WINDOWS\system32\w32time.dll - ok
    14:33:27.0328 2980 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
    14:33:27.0328 2980 C:\WINDOWS\system32\wdigest.dll - ok
    14:33:27.0328 2980 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
    14:33:27.0328 2980 C:\WINDOWS\system32\rsaenh.dll - ok
    14:33:27.0328 2980 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
    14:33:27.0328 2980 C:\WINDOWS\system32\winscard.dll - ok
    14:33:27.0328 2980 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
    14:33:27.0328 2980 C:\WINDOWS\system32\wtsapi32.dll - ok
    14:33:27.0343 2980 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
    14:33:27.0343 2980 C:\WINDOWS\system32\scecli.dll - ok
    14:33:27.0343 2980 [ DE6ED95AEF259979B2830450072A627B ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
    14:33:27.0343 2980 C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
    14:33:27.0343 2980 [ 500D089CE760D83DA2B6CBA681AA9949 ] C:\WINDOWS\system32\drivers\mbam.sys
    14:33:27.0343 2980 C:\WINDOWS\system32\drivers\mbam.sys - ok
    14:33:27.0359 2980 [ 3D6BA67C758735918E323D4D6F64449A ] C:\WINDOWS\system32\drivers\sbapifs.sys
    14:33:27.0359 2980 C:\WINDOWS\system32\drivers\sbapifs.sys - ok
    14:33:27.0359 2980 [ EAA6324F51214D2F6718977EC9CE0DEF ] C:\WINDOWS\system32\drivers\WudfPf.sys
    14:33:27.0359 2980 C:\WINDOWS\system32\drivers\WudfPf.sys - ok
    14:33:27.0359 2980 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
    14:33:27.0359 2980 C:\WINDOWS\system32\svchost.exe - ok
    14:33:27.0375 2980 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
    14:33:27.0375 2980 C:\WINDOWS\system32\ntmarta.dll - ok
    14:33:27.0375 2980 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
    14:33:27.0375 2980 C:\WINDOWS\system32\rpcss.dll - ok
    14:33:27.0375 2980 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
    14:33:27.0375 2980 C:\WINDOWS\system32\xpsp2res.dll - ok
    14:33:27.0375 2980 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
    14:33:27.0375 2980 C:\WINDOWS\system32\eventlog.dll - ok
    14:33:27.0390 2980 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
    14:33:27.0390 2980 C:\WINDOWS\system32\hnetcfg.dll - ok
    14:33:27.0390 2980 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
    14:33:27.0390 2980 C:\WINDOWS\system32\mswsock.dll - ok
    14:33:27.0390 2980 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
    14:33:27.0390 2980 C:\WINDOWS\system32\wshtcpip.dll - ok
    14:33:27.0390 2980 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
    14:33:27.0406 2980 C:\WINDOWS\system32\rasadhlp.dll - ok
    14:33:27.0406 2980 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
    14:33:27.0406 2980 C:\WINDOWS\system32\winrnr.dll - ok
    14:33:27.0406 2980 [ 708E6997420592E033CF01B60E6E4223 ] C:\WINDOWS\system32\WudfPlatform.dll
    14:33:27.0406 2980 C:\WINDOWS\system32\WudfPlatform.dll - ok
    14:33:27.0406 2980 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] C:\WINDOWS\system32\WudfSvc.dll
    14:33:27.0406 2980 C:\WINDOWS\system32\WudfSvc.dll - ok
    14:33:27.0421 2980 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
    14:33:27.0421 2980 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
    14:33:27.0421 2980 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
    14:33:27.0421 2980 C:\WINDOWS\system32\dhcpcsvc.dll - ok
    14:33:27.0421 2980 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
    14:33:27.0421 2980 C:\WINDOWS\system32\dnsrslvr.dll - ok
    14:33:27.0437 2980 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
    14:33:27.0437 2980 C:\WINDOWS\system32\wzcsvc.dll - ok
    14:33:27.0437 2980 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
    14:33:27.0437 2980 C:\WINDOWS\system32\rtutils.dll - ok
    14:33:27.0437 2980 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
    14:33:27.0437 2980 C:\WINDOWS\system32\atl.dll - ok
    14:33:27.0453 2980 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
    14:33:27.0453 2980 C:\WINDOWS\system32\eapolqec.dll - ok
    14:33:27.0453 2980 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
    14:33:27.0453 2980 C:\WINDOWS\system32\qutil.dll - ok
    14:33:27.0453 2980 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
    14:33:27.0453 2980 C:\WINDOWS\system32\wmi.dll - ok
    14:33:27.0453 2980 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
    14:33:27.0453 2980 C:\WINDOWS\system32\dot3api.dll - ok
    14:33:27.0468 2980 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
    14:33:27.0468 2980 C:\WINDOWS\system32\esent.dll - ok
    14:33:27.0468 2980 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
    14:33:27.0468 2980 C:\WINDOWS\system32\clbcatq.dll - ok
    14:33:27.0468 2980 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
    14:33:27.0468 2980 C:\WINDOWS\system32\comres.dll - ok
    14:33:27.0484 2980 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
    14:33:27.0484 2980 C:\WINDOWS\system32\rastls.dll - ok
    14:33:27.0484 2980 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
    14:33:27.0484 2980 C:\WINDOWS\system32\cscdll.dll - ok
    14:33:27.0484 2980 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
    14:33:27.0484 2980 C:\WINDOWS\system32\cryptui.dll - ok
    14:33:27.0484 2980 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
    14:33:27.0484 2980 C:\WINDOWS\system32\dimsntfy.dll - ok
    14:33:27.0500 2980 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
    14:33:27.0500 2980 C:\WINDOWS\system32\winspool.drv - ok
    14:33:27.0500 2980 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
    14:33:27.0500 2980 C:\WINDOWS\system32\wlnotify.dll - ok
    14:33:27.0500 2980 [ FF1C14BCA1A797CE45DD359FA2C9EDA8 ] C:\WINDOWS\system32\wininet.dll
    14:33:27.0500 2980 C:\WINDOWS\system32\wininet.dll - ok
    14:33:27.0515 2980 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
    14:33:27.0515 2980 C:\WINDOWS\system32\normaliz.dll - ok
    14:33:27.0515 2980 [ 9371862D37E8F0AF21E4DEA95E867C39 ] C:\WINDOWS\system32\urlmon.dll
    14:33:27.0515 2980 C:\WINDOWS\system32\urlmon.dll - ok
    14:33:27.0515 2980 [ 0579CC3B95EDD1CE664A35E016F3DD58 ] C:\WINDOWS\system32\iertutil.dll
    14:33:27.0515 2980 C:\WINDOWS\system32\iertutil.dll - ok
    14:33:27.0531 2980 [ D7DCFB4D0C58FFB569DE93E1681FD37A ] C:\WINDOWS\system32\WgaLogon.dll
    14:33:27.0531 2980 C:\WINDOWS\system32\WgaLogon.dll - ok
    14:33:27.0531 2980 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
    14:33:27.0531 2980 C:\WINDOWS\system32\msxml3.dll - ok
    14:33:27.0531 2980 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
    14:33:27.0531 2980 C:\WINDOWS\system32\mprapi.dll - ok
    14:33:27.0531 2980 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
    14:33:27.0531 2980 C:\WINDOWS\system32\activeds.dll - ok
    14:33:27.0546 2980 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
    14:33:27.0546 2980 C:\WINDOWS\system32\adsldpc.dll - ok
    14:33:27.0546 2980 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
    14:33:27.0546 2980 C:\WINDOWS\system32\rasapi32.dll - ok
    14:33:27.0546 2980 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
    14:33:27.0546 2980 C:\WINDOWS\system32\rasman.dll - ok
    14:33:27.0562 2980 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
    14:33:27.0562 2980 C:\WINDOWS\system32\tapi32.dll - ok
    14:33:27.0562 2980 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
    14:33:27.0562 2980 C:\WINDOWS\system32\riched20.dll - ok
    14:33:27.0562 2980 [ 84F0BE324EE111338589F448C3E8BAB2 ] C:\WINDOWS\system32\drivers\aswmon2.sys
    14:33:27.0562 2980 C:\WINDOWS\system32\drivers\aswmon2.sys - ok
    14:33:27.0578 2980 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
    14:33:27.0578 2980 C:\WINDOWS\system32\raschap.dll - ok
    14:33:27.0578 2980 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    14:33:27.0578 2980 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
    14:33:27.0578 2980 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
    14:33:27.0578 2980 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
    14:33:27.0578 2980 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
    14:33:27.0578 2980 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
    14:33:27.0593 2980 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
    14:33:27.0593 2980 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
    14:33:27.0593 2980 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
    14:33:27.0593 2980 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
    14:33:27.0593 2980 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
    14:33:27.0593 2980 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
    14:33:27.0609 2980 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
    14:33:27.0609 2980 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
    14:33:27.0609 2980 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
    14:33:27.0609 2980 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
    14:33:27.0609 2980 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
    14:33:27.0609 2980 C:\WINDOWS\system32\wsock32.dll - ok
    14:33:27.0625 2980 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
    14:33:27.0625 2980 C:\WINDOWS\system32\dbghelp.dll - ok
    14:33:27.0625 2980 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
    14:33:27.0625 2980 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
    14:33:27.0625 2980 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
    14:33:27.0625 2980 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
    14:33:27.0640 2980 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
    14:33:27.0640 2980 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
    14:33:27.0640 2980 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
    14:33:27.0640 2980 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
    14:33:27.0640 2980 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
    14:33:27.0640 2980 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
    14:33:27.0640 2980 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
    14:33:27.0640 2980 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
    14:33:27.0656 2980 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
    14:33:27.0656 2980 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
    14:33:27.0656 2980 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
    14:33:27.0656 2980 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
    14:33:27.0656 2980 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
    14:33:27.0656 2980 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
    14:33:27.0671 2980 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
    14:33:27.0671 2980 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
    14:33:27.0671 2980 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
    14:33:27.0671 2980 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
    14:33:27.0671 2980 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
    14:33:27.0671 2980 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
    14:33:27.0687 2980 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
    14:33:27.0687 2980 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
    14:33:27.0687 2980 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
    14:33:27.0687 2980 C:\WINDOWS\system32\schedsvc.dll - ok
    14:33:27.0687 2980 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
    14:33:27.0687 2980 C:\WINDOWS\system32\msidle.dll - ok
    14:33:27.0687 2980 [ 5E3498F3D0146C0E275272B94369E3D2 ] C:\WINDOWS\system32\LEXBCES.EXE
    14:33:27.0687 2980 C:\WINDOWS\system32\LEXBCES.EXE - ok
    14:33:27.0703 2980 [ EAA44F7998BD84A8AD44A2633DBE406B ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswEngin.dll
    14:33:27.0703 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswEngin.dll - ok
    14:33:27.0703 2980 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
    14:33:27.0703 2980 C:\WINDOWS\system32\spoolsv.exe - ok
    14:33:27.0703 2980 [ 927754ABF077AEB5504BE4E0F2C60C1B ] C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
    14:33:27.0703 2980 C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe - ok
    14:33:27.0718 2980 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
    14:33:27.0718 2980 C:\WINDOWS\system32\audiosrv.dll - ok
    14:33:27.0718 2980 [ 4BAA2A65871C478CB45F11C948D9C539 ] C:\WINDOWS\system32\LEXPPS.EXE
    14:33:27.0718 2980 C:\WINDOWS\system32\LEXPPS.EXE - ok
    14:33:27.0718 2980 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
    14:33:27.0718 2980 C:\WINDOWS\system32\wkssvc.dll - ok
    14:33:27.0734 2980 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnOS.dll
    14:33:27.0734 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnOS.dll - ok
    14:33:27.0734 2980 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
    14:33:27.0734 2980 C:\WINDOWS\system32\mlang.dll - ok
    14:33:27.0734 2980 [ 287EEB5547B2AB7725A6326F57856471 ] C:\WINDOWS\system32\LEXBCE.DLL
    14:33:27.0734 2980 C:\WINDOWS\system32\LEXBCE.DLL - ok
    14:33:27.0734 2980 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnIS.dll
    14:33:27.0734 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnIS.dll - ok
    14:33:27.0750 2980 [ C0BAA16A618EBCFB86ED0FDED886506D ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnBS.dll
    14:33:27.0750 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswCmnBS.dll - ok
    14:33:27.0750 2980 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
    14:33:27.0750 2980 C:\WINDOWS\system32\xmlprovi.dll - ok
    14:33:27.0750 2980 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
    14:33:27.0750 2980 C:\WINDOWS\system32\wzcsapi.dll - ok
    14:33:27.0765 2980 [ 3D6BB22B9DEF7DB1CF340CCA6D514924 ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswScan.dll
    14:33:27.0765 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswScan.dll - ok
    14:33:27.0765 2980 [ 79371BEA92AB754E401B24E83270B3E4 ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswRep.dll
    14:33:27.0765 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswRep.dll - ok
    14:33:27.0765 2980 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswFiDb.dll
    14:33:27.0765 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswFiDb.dll - ok
    14:33:27.0781 2980 [ 995FC1ED1A7440ED77D17A09AB9F2EBE ] C:\Program Files\AVAST Software\Avast\defs\12120101\algo.dll
    14:33:27.0781 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\algo.dll - ok
    14:33:27.0781 2980 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
    14:33:27.0781 2980 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
    14:33:27.0781 2980 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
    14:33:27.0781 2980 C:\WINDOWS\system32\fltlib.dll - ok
    14:33:27.0781 2980 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
    14:33:27.0781 2980 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
    14:33:27.0796 2980 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
    14:33:27.0796 2980 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
    14:33:27.0796 2980 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
    14:33:27.0796 2980 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
    14:33:27.0796 2980 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
    14:33:27.0796 2980 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
    14:33:27.0812 2980 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
    14:33:27.0812 2980 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
    14:33:27.0812 2980 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
    14:33:27.0812 2980 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
    14:33:27.0812 2980 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
    14:33:27.0812 2980 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
    14:33:27.0828 2980 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
    14:33:27.0828 2980 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
    14:33:27.0828 2980 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12120101\ArPot.dll
    14:33:27.0828 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\ArPot.dll - ok
    14:33:27.0828 2980 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
    14:33:27.0828 2980 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
    14:33:27.0828 2980 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12120101\exts.dll
    14:33:27.0828 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\exts.dll - ok
    14:33:27.0843 2980 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
    14:33:27.0843 2980 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
    14:33:27.0843 2980 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
    14:33:27.0843 2980 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
    14:33:27.0843 2980 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
    14:33:27.0843 2980 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
    14:33:27.0859 2980 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
    14:33:27.0859 2980 C:\WINDOWS\system32\security.dll - ok
    14:33:27.0859 2980 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
    14:33:27.0859 2980 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
    14:33:27.0859 2980 [ 22B517844C6787842A83742388BB3E51 ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswAR.dll
    14:33:27.0859 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswAR.dll - ok
    14:33:27.0875 2980 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12120101\aswRawFS.dll
    14:33:27.0875 2980 C:\Program Files\AVAST Software\Avast\defs\12120101\aswRawFS.dll - ok
    14:33:27.0875 2980 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
    14:33:27.0875 2980 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
    14:33:27.0875 2980 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
    14:33:27.0875 2980 C:\WINDOWS\system32\powrprof.dll - ok
    14:33:27.0875 2980 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
    14:33:27.0875 2980 C:\WINDOWS\system32\msimg32.dll - ok
    14:33:27.0890 2980 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
    14:33:27.0890 2980 C:\WINDOWS\system32\oledlg.dll - ok
    14:33:27.0890 2980 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
    14:33:27.0890 2980 C:\WINDOWS\system32\winhttp.dll - ok
    14:33:27.0890 2980 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
    14:33:27.0890 2980 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
    14:33:27.0906 2980 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
    14:33:27.0906 2980 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
    14:33:27.0906 2980 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
    14:33:27.0906 2980 C:\WINDOWS\system32\webclnt.dll - ok
    14:33:27.0906 2980 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
    14:33:27.0906 2980 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
    14:33:27.0921 2980 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    14:33:27.0921 2980 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
    14:33:27.0921 2980 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
    14:33:27.0921 2980 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
    14:33:27.0921 2980 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
    14:33:27.0921 2980 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
    14:33:27.0921 2980 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
    14:33:27.0921 2980 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
    14:33:27.0937 2980 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
    14:33:27.0937 2980 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
    14:33:27.0937 2980 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
    14:33:27.0937 2980 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
    14:33:27.0937 2980 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
    14:33:27.0937 2980 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
    14:33:27.0953 2980 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
    14:33:27.0953 2980 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
    14:33:27.0953 2980 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
    14:33:27.0953 2980 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
    14:33:27.0953 2980 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
    14:33:27.0953 2980 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
    14:33:27.0968 2980 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
    14:33:27.0968 2980 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
    14:33:27.0968 2980 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
    14:33:27.0968 2980 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
    14:33:27.0968 2980 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
    14:33:27.0968 2980 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
    14:33:27.0968 2980 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
    14:33:27.0968 2980 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
    14:33:27.0984 2980 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    14:33:27.0984 2980 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
    14:33:27.0984 2980 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
    14:33:27.0984 2980 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
    14:33:27.0984 2980 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
    14:33:27.0984 2980 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
    14:33:28.0000 2980 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    14:33:28.0000 2980 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
    14:33:28.0000 2980 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
    14:33:28.0000 2980 C:\WINDOWS\system32\mscoree.dll - ok
    14:33:28.0000 2980 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
    14:33:28.0000 2980 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
    14:33:28.0015 2980 [ 7DB5E3F44D797BD38B8E336CCC2E49D5 ] C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    14:33:28.0015 2980 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe - ok
    14:33:28.0015 2980 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
    14:33:28.0015 2980 C:\WINDOWS\system32\cryptsvc.dll - ok
    14:33:28.0015 2980 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
    14:33:28.0015 2980 C:\WINDOWS\system32\certcli.dll - ok
    14:33:28.0015 2980 [ EC4718A0FF97252F99FC651CD06CADE3 ] C:\Program Files\Sony\PlayMemories Home\dfs.exe
    14:33:28.0015 2980 C:\Program Files\Sony\PlayMemories Home\dfs.exe - ok
    14:33:28.0031 2980 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
    14:33:28.0031 2980 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
    14:33:28.0031 2980 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    14:33:28.0031 2980 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
    14:33:28.0031 2980 [ 4C937AA8261062ED9781885C6CB61D5E ] C:\WINDOWS\system32\dlcqcoms.exe
    14:33:28.0031 2980 C:\WINDOWS\system32\dlcqcoms.exe - ok
    14:33:28.0046 2980 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] C:\WINDOWS\ehome\ehrecvr.exe
    14:33:28.0046 2980 C:\WINDOWS\ehome\ehrecvr.exe - ok
    14:33:28.0046 2980 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
    14:33:28.0046 2980 C:\WINDOWS\system32\faultrep.dll - ok
    14:33:28.0046 2980 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
    14:33:28.0046 2980 C:\WINDOWS\system32\upnp.dll - ok
    14:33:28.0062 2980 [ 6D280BC969218AE4A72180F907C32913 ] C:\WINDOWS\ehome\ehTrace.dll
    14:33:28.0062 2980 C:\WINDOWS\ehome\ehTrace.dll - ok
    14:33:28.0062 2980 [ A53243709439AC2A4C216B817F8D7411 ] C:\WINDOWS\ehome\ehSched.exe
    14:33:28.0062 2980 C:\WINDOWS\ehome\ehSched.exe - ok
    14:33:28.0062 2980 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
    14:33:28.0062 2980 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
    14:33:28.0062 2980 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
    14:33:28.0062 2980 C:\WINDOWS\system32\ersvc.dll - ok
    14:33:28.0078 2980 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
    14:33:28.0078 2980 C:\WINDOWS\system32\ssdpapi.dll - ok
    14:33:28.0078 2980 [ 008DF0C9D81BD814480DD9C052893E8C ] C:\WINDOWS\ehome\ehRec.exe
    14:33:28.0078 2980 C:\WINDOWS\ehome\ehRec.exe - ok
    14:33:28.0078 2980 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
    14:33:28.0078 2980 C:\WINDOWS\system32\es.dll - ok
    14:33:28.0093 2980 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
    14:33:28.0093 2980 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
    14:33:28.0093 2980 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    14:33:28.0093 2980 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
    14:33:28.0093 2980 [ 926AFC4848FF3297BB264333BF51E21F ] C:\WINDOWS\system32\sbe.dll
    14:33:28.0093 2980 C:\WINDOWS\system32\sbe.dll - ok
    14:33:28.0093 2980 [ E325BCDBB6DED6C89F679B8AE89E975C ] C:\WINDOWS\system32\msvidctl.dll
    14:33:28.0093 2980 C:\WINDOWS\system32\msvidctl.dll - ok
    14:33:28.0109 2980 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
    14:33:28.0109 2980 C:\WINDOWS\system32\msi.dll - ok
    14:33:28.0109 2980 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
    14:33:28.0109 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok
    14:33:28.0109 2980 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
    14:33:28.0109 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
    14:33:28.0125 2980 [ CE07EC3A1BE1EA0CCDE20C45D757FE32 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
    14:33:28.0125 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - ok
    14:33:28.0125 2980 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
    14:33:28.0125 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok
    14:33:28.0125 2980 [ 34FFB6ABA2DA398BB33422E1E9275BA9 ] C:\WINDOWS\system32\quartz.dll
    14:33:28.0125 2980 C:\WINDOWS\system32\quartz.dll - ok
    14:33:28.0125 2980 [ 79F2BE12966BF729EE1D8A2B5CE4E7DB ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_db1e1c49\mscorlib.dll
    14:33:28.0125 2980 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_db1e1c49\mscorlib.dll - ok
    14:33:28.0140 2980 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
    14:33:28.0140 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok
    14:33:28.0140 2980 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
    14:33:28.0140 2980 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
    14:33:28.0140 2980 [ 515383A387685564CA99542739D48E55 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
    14:33:28.0140 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok
    14:33:28.0156 2980 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
    14:33:28.0156 2980 C:\WINDOWS\system32\devenum.dll - ok
    14:33:28.0156 2980 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
    14:33:28.0156 2980 C:\WINDOWS\system32\hidserv.dll - ok
    14:33:28.0156 2980 [ 73B44FE5423982B2709D6EA2F674B807 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
    14:33:28.0156 2980 C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
    14:33:28.0171 2980 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
    14:33:28.0171 2980 C:\WINDOWS\system32\drivers\http.sys - ok
    14:33:28.0171 2980 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
    14:33:28.0171 2980 C:\WINDOWS\system32\hid.dll - ok
    14:33:28.0171 2980 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
    14:33:28.0171 2980 C:\WINDOWS\system32\msdmo.dll - ok
    14:33:28.0171 2980 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
    14:33:28.0171 2980 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
    14:33:28.0187 2980 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    14:33:28.0187 2980 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
    14:33:28.0187 2980 [ B591E761161D1EF547D76EF236EAA6A5 ] C:\Program Files\Java\jre7\bin\jqs.exe
    14:33:28.0187 2980 C:\Program Files\Java\jre7\bin\jqs.exe - ok
    14:33:28.0187 2980 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
    14:33:28.0187 2980 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
    14:33:28.0203 2980 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
    14:33:28.0203 2980 C:\WINDOWS\system32\mstask.dll - ok
    14:33:28.0203 2980 [ 28BD81378C1D1B267E66827B628114DD ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
    14:33:28.0203 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok
    14:33:28.0203 2980 [ CF9EEA7F51101A281B99FCA7AFFA2524 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
    14:33:28.0203 2980 C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
    14:33:28.0203 2980 [ 8BA39E5F79366F45AF9759C1DAE346AE ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
    14:33:28.0218 2980 C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
    14:33:28.0218 2980 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
    14:33:28.0218 2980 C:\WINDOWS\system32\pdh.dll - ok
    14:33:28.0218 2980 [ 0967D9749326622FA8FDE688CA126736 ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
    14:33:28.0218 2980 C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
    14:33:28.0218 2980 [ B6335A2EFBF0B4B7D4080E8B933A9F9B ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
    14:33:28.0218 2980 C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
    14:33:28.0234 2980 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
    14:33:28.0234 2980 C:\WINDOWS\system32\odbcbcp.dll - ok
    14:33:28.0234 2980 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    14:33:28.0234 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
    14:33:28.0234 2980 [ 52ABC8C57DFEE5A7AAA210CE2E9DFE73 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
    14:33:28.0234 2980 C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll - ok
    14:33:28.0250 2980 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
    14:33:28.0250 2980 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok
    14:33:28.0250 2980 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
    14:33:28.0250 2980 C:\WINDOWS\system32\srvsvc.dll - ok
    14:33:28.0250 2980 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    14:33:28.0250 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
    14:33:28.0250 2980 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
    14:33:28.0250 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
    14:33:28.0265 2980 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
    14:33:28.0265 2980 C:\WINDOWS\system32\netmsg.dll - ok
    14:33:28.0265 2980 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
    14:33:28.0265 2980 C:\WINDOWS\system32\perfos.dll - ok
    14:33:28.0265 2980 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
    14:33:28.0265 2980 C:\WINDOWS\system32\drivers\srv.sys - ok
    14:33:28.0281 2980 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    14:33:28.0281 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
    14:33:28.0281 2980 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
    14:33:28.0281 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
    14:33:28.0281 2980 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
    14:33:28.0281 2980 C:\WINDOWS\system32\perfdisk.dll - ok
    14:33:28.0296 2980 [ 85DDC1D3EBD3D99299E239E3FC0F2D2D ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_d384b10e\System.dll
    14:33:28.0296 2980 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_d384b10e\System.dll - ok
    14:33:28.0296 2980 [ 254CCDC043DFADC5D5EF99B533BB1DC2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
    14:33:28.0296 2980 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok
    14:33:28.0296 2980 [ 66946DE593185983B6D05F837D452262 ] C:\WINDOWS\ehome\ehui.dll
    14:33:28.0296 2980 C:\WINDOWS\ehome\ehui.dll - ok
    14:33:28.0296 2980 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
    14:33:28.0296 2980 C:\WINDOWS\system32\msftedit.dll - ok
    14:33:28.0312 2980 [ 7AC813E17BD960987C5DA788AF295361 ] C:\WINDOWS\ehome\EhDebug.dll
    14:33:28.0312 2980 C:\WINDOWS\ehome\EhDebug.dll - ok
    14:33:28.0312 2980 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
    14:33:28.0312 2980 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok
    14:33:28.0312 2980 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
    14:33:28.0312 2980 C:\WINDOWS\system32\shfolder.dll - ok
    14:33:28.0328 2980 [ 3F25C686E9EF3943199A08809F0BBD18 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b7889099\System.Xml.dll
    14:33:28.0328 2980 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b7889099\System.Xml.dll - ok
    14:33:28.0328 2980 [ 3550DFA6FFFBD7604DABB28DF4ABF096 ] C:\WINDOWS\ehome\custsat.dll
    14:33:28.0328 2980 C:\WINDOWS\ehome\custsat.dll - ok
    14:33:28.0328 2980 [ 576FF75D51B79536C3AE7659B482B7D5 ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
    14:33:28.0328 2980 C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok
    14:33:28.0343 2980 [ 0F0F5B564C5A3C9B38A6220230252567 ] C:\WINDOWS\ehome\ehProxy.dll
    14:33:28.0343 2980 C:\WINDOWS\ehome\ehProxy.dll - ok
    14:33:28.0343 2980 [ 6F640DC052CF77161A23E29261593793 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
    14:33:28.0343 2980 C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll - ok
    14:33:28.0343 2980 [ 30D9CFDDDE206082A5A3CF71AAB6C9C3 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    14:33:28.0343 2980 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
    14:33:28.0343 2980 [ EA08C74D9BE05E53D3C92456413AA656 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
    14:33:28.0343 2980 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok
    14:33:28.0359 2980 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
    14:33:28.0359 2980 C:\WINDOWS\system32\comsvcs.dll - ok
    14:33:28.0359 2980 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
    14:33:28.0359 2980 C:\WINDOWS\system32\colbact.dll - ok
    14:33:28.0359 2980 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
    14:33:28.0359 2980 C:\WINDOWS\system32\mtxclu.dll - ok
    14:33:28.0375 2980 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
    14:33:28.0375 2980 C:\WINDOWS\system32\clusapi.dll - ok
    14:33:28.0375 2980 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
    14:33:28.0375 2980 C:\WINDOWS\system32\resutils.dll - ok
    14:33:28.0375 2980 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] C:\WINDOWS\system32\drivers\mcstrm.sys
    14:33:28.0375 2980 C:\WINDOWS\system32\drivers\mcstrm.sys - ok
    14:33:28.0390 2980 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    14:33:28.0390 2980 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
    14:33:28.0390 2980 [ E246A32C445056996074A397DA56E815 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
    14:33:28.0390 2980 C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
    14:33:28.0390 2980 [ A7566DA7AA8B74F1CEBC18AFD6B6CFA0 ] C:\WINDOWS\system32\drivers\MrtRate.sys
    14:33:28.0390 2980 C:\WINDOWS\system32\drivers\MrtRate.sys - ok
    14:33:28.0390 2980 [ A21C2A8E47D40FCC40A2B1573E666A53 ] C:\Program Files\Java\jre7\bin\awt.dll
    14:33:28.0390 2980 C:\Program Files\Java\jre7\bin\awt.dll - ok
    14:33:28.0421 2980 [ 1B959A0614D575D0AB3B09095F0A8B83 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    14:33:28.0421 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe - ok
    14:33:28.0421 2980 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\MSVCP71.DLL
    14:33:28.0421 2980 C:\WINDOWS\system32\MSVCP71.DLL - ok
    14:33:28.0421 2980 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\MSVCR71.DLL
    14:33:28.0421 2980 C:\WINDOWS\system32\MSVCR71.DLL - ok
    14:33:28.0437 2980 [ 4C90DC07F50D3928EC5176098A811E82 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\opends60.dll
    14:33:28.0437 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\opends60.dll - ok
    14:33:28.0437 2980 [ 966CD21542A62F9AB237D84C451CC137 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
    14:33:28.0437 2980 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
    14:33:28.0437 2980 [ 0E3388BC341FCAF843E85541FCCCDD83 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlsort.dll
    14:33:28.0437 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlsort.dll - ok
    14:33:28.0437 2980 [ 90760987BCCCF34D05EF6093EC278A96 ] C:\Program Files\Java\jre7\bin\dcpr.dll
    14:33:28.0437 2980 C:\Program Files\Java\jre7\bin\dcpr.dll - ok
    14:33:28.0453 2980 [ 6BD0412235B2A16FC3C333CE7E93BDF2 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\ums.dll
    14:33:28.0453 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\ums.dll - ok
    14:33:28.0453 2980 [ D2D31D7A394A70040FCAC5F54A130FBA ] C:\Program Files\Java\jre7\bin\deploy.dll
    14:33:28.0453 2980 C:\Program Files\Java\jre7\bin\deploy.dll - ok
    14:33:28.0453 2980 [ 109BF99C6CA4C590D4ABB4F67B499099 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\Resources\1033\sqlevn70.rll
    14:33:28.0453 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\Resources\1033\sqlevn70.rll - ok
    14:33:28.0468 2980 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
    14:33:28.0468 2980 C:\WINDOWS\system32\netman.dll - ok
    14:33:28.0468 2980 [ 3E73B088F57666A8F0F15496F0A602EE ] C:\Program Files\Common Files\Motive\pcCMService.exe
    14:33:28.0468 2980 C:\Program Files\Common Files\Motive\pcCMService.exe - ok
    14:33:28.0468 2980 [ 356731FF5F3B5E8CC9B87B99CC148A69 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SQLBOOT.dll
    14:33:28.0468 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SQLBOOT.dll - ok
    14:33:28.0468 2980 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
    14:33:28.0484 2980 C:\WINDOWS\system32\netshell.dll - ok
    14:33:28.0484 2980 [ 288BAE65C61BCEE6A5E7E7362D2CD417 ] C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe
    14:33:28.0484 2980 C:\Program Files\PCPitstop\PC MaticRT\PCPitstopRTService.exe - ok
    14:33:28.0484 2980 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
    14:33:28.0484 2980 C:\WINDOWS\system32\credui.dll - ok
    14:33:28.0484 2980 [ C09775FEB73BDF16BB87A509C5FF12AD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
    14:33:28.0484 2980 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
    14:33:28.0500 2980 [ F0F26A48165EDB26E33C5598ACD1F019 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSnetlib.dll
    14:33:28.0500 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSnetlib.dll - ok
    14:33:28.0500 2980 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
    14:33:28.0500 2980 C:\WINDOWS\system32\dot3dlg.dll - ok
    14:33:28.0500 2980 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
    14:33:28.0500 2980 C:\WINDOWS\system32\onex.dll - ok
    14:33:28.0515 2980 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
    14:33:28.0515 2980 C:\WINDOWS\system32\eappcfg.dll - ok
    14:33:28.0515 2980 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
    14:33:28.0515 2980 C:\WINDOWS\system32\eappprxy.dll - ok
    14:33:28.0515 2980 [ DC646689267C3965F179D96145981623 ] C:\Program Files\PCPitstop\PC MaticRT\spursdownload.dll
    14:33:28.0515 2980 C:\Program Files\PCPitstop\PC MaticRT\spursdownload.dll - ok
    14:33:28.0515 2980 [ 86BF40F2AB08BE8B358738A04715B55A ] C:\Program Files\PCPitstop\PC MaticRT\sbte.dll
    14:33:28.0515 2980 C:\Program Files\PCPitstop\PC MaticRT\sbte.dll - ok
    14:33:28.0531 2980 [ B98F28229D292B99FF449FF3647F31BA ] C:\Program Files\Java\jre7\bin\java.dll
    14:33:28.0531 2980 C:\Program Files\Java\jre7\bin\java.dll - ok
    14:33:28.0531 2980 [ EB8FB76C3D69385AB24E7F15EFBEC761 ] C:\Program Files\PCPitstop\PC MaticRT\sbap.dll
    14:33:28.0531 2980 C:\Program Files\PCPitstop\PC MaticRT\sbap.dll - ok
    14:33:28.0531 2980 [ F22066CE95253BC57A054623A65EDA06 ] C:\Program Files\PCPitstop\PC MaticRT\sqlite3.dll
    14:33:28.0531 2980 C:\Program Files\PCPitstop\PC MaticRT\sqlite3.dll - ok
    14:33:28.0546 2980 [ 2C04FD22C5E2BCBD612D1EA4F4046274 ] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSmsLPCn.dll
    14:33:28.0546 2980 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSmsLPCn.dll - ok
    14:33:28.0546 2980 [ 23C84DBECF3BD95687623F23BCD66441 ] C:\Program Files\Java\jre7\bin\javaw.exe
    14:33:28.0546 2980 C:\Program Files\Java\jre7\bin\javaw.exe - ok
    14:33:28.0546 2980 [ 8D45BF21A269B379C86A02928EB617DD ] C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
    14:33:28.0546 2980 C:\Program Files\PCPitstop\PCPitstopScheduleService.exe - ok
    14:33:28.0562 2980 [ 0384126B913AC2E090804C642302945E ] C:\Program Files\Java\jre7\bin\jp2native.dll
    14:33:28.0562 2980 C:\Program Files\Java\jre7\bin\jp2native.dll - ok
    14:33:28.0562 2980 [ A4D6449CEBB5931685AE310DC2D7966D ] C:\Program Files\Common Files\Motive\pcServiceHost.exe
    14:33:28.0562 2980 C:\Program Files\Common Files\Motive\pcServiceHost.exe - ok
    14:33:28.0562 2980 [ CB91CCFA95601066772A004550B55A85 ] C:\Program Files\Java\jre7\bin\jpeg.dll
    14:33:28.0562 2980 C:\Program Files\Java\jre7\bin\jpeg.dll - ok
    14:33:28.0578 2980 [ 2E4A927544CDA0279501AA757FFFB538 ] C:\Program Files\Java\jre7\bin\net.dll
    14:33:28.0578 2980 C:\Program Files\Java\jre7\bin\net.dll - ok
    14:33:28.0578 2980 [ 3072137896BFCCF4B190D248F583B48E ] C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    14:33:28.0578 2980 C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - ok
    14:33:28.0578 2980 [ C85670AB64068F8080998AEBA6C5019C ] C:\WINDOWS\system32\atl100.dll
    14:33:28.0578 2980 C:\WINDOWS\system32\atl100.dll - ok
    14:33:28.0578 2980 [ 805766A11E747A44C7C5FBD7F26E9001 ] C:\Program Files\Java\jre7\bin\nio.dll
    14:33:28.0578 2980 C:\Program Files\Java\jre7\bin\nio.dll - ok
    14:33:28.0593 2980 [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
    14:33:28.0593 2980 C:\WINDOWS\system32\msvcp100.dll - ok
    14:33:28.0593 2980 [ 2D168A9627CFCE9C5AC20A90E54D66D4 ] C:\Program Files\Java\jre7\bin\verify.dll
    14:33:28.0593 2980 C:\Program Files\Java\jre7\bin\verify.dll - ok
    14:33:28.0593 2980 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
    14:33:28.0593 2980 C:\WINDOWS\system32\msvcr100.dll - ok
    14:33:28.0609 2980 [ 9D54D4A8C18081F398FEC0D839340542 ] C:\Program Files\Java\jre7\bin\zip.dll
    14:33:28.0609 2980 C:\Program Files\Java\jre7\bin\zip.dll - ok
    14:33:28.0609 2980 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
    14:33:28.0609 2980 C:\WINDOWS\system32\ipsecsvc.dll - ok
    14:33:28.0609 2980 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
    14:33:28.0609 2980 C:\WINDOWS\system32\oakley.dll - ok
    14:33:28.0625 2980 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
    14:33:28.0625 2980 C:\WINDOWS\system32\winipsec.dll - ok
    14:33:28.0625 2980 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
    14:33:28.0625 2980 C:\WINDOWS\system32\pstorsvc.dll - ok
    14:33:28.0625 2980 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
    14:33:28.0625 2980 C:\WINDOWS\system32\psbase.dll - ok
    14:33:28.0640 2980 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
    14:33:28.0640 2980 C:\WINDOWS\system32\seclogon.dll - ok
    14:33:28.0640 2980 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] C:\Program Files\Skype\Updater\Updater.exe
    14:33:28.0640 2980 C:\Program Files\Skype\Updater\Updater.exe - ok
    14:33:28.0640 2980 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
    14:33:28.0640 2980 C:\WINDOWS\system32\regsvc.dll - ok
    14:33:28.0640 2980 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
    14:33:28.0640 2980 C:\WINDOWS\system32\dssenh.dll - ok
    14:33:28.0656 2980 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
    14:33:28.0656 2980 C:\WINDOWS\system32\sens.dll - ok
    14:33:28.0656 2980 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
    14:33:28.0656 2980 C:\WINDOWS\system32\ssdpsrv.dll - ok
    14:33:28.0656 2980 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
    14:33:28.0656 2980 C:\WINDOWS\system32\tapisrv.dll - ok
    14:33:28.0671 2980 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
    14:33:28.0671 2980 C:\WINDOWS\system32\wiaservc.dll - ok
    14:33:28.0671 2980 [ 3199A477F0F06EEDE41BD55179F8EB05 ] C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    14:33:28.0671 2980 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe - ok
    14:33:28.0671 2980 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
    14:33:28.0671 2980 C:\WINDOWS\system32\cfgmgr32.dll - ok
    14:33:28.0671 2980 [ DF0A511F38F16016BF658FCA0090CB87 ] C:\WINDOWS\ehome\mcrdsvc.exe
    14:33:28.0671 2980 C:\WINDOWS\ehome\mcrdsvc.exe - ok
    14:33:28.0687 2980 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
    14:33:28.0687 2980 C:\WINDOWS\system32\wuauserv.dll - ok
    14:33:28.0687 2980 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
    14:33:28.0687 2980 C:\WINDOWS\system32\mscms.dll - ok
    14:33:28.0687 2980 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
    14:33:28.0687 2980 C:\WINDOWS\system32\wuaueng.dll - ok
    14:33:28.0703 2980 [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
    14:33:28.0703 2980 C:\WINDOWS\system32\fxssvc.exe - ok
    14:33:28.0703 2980 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
    14:33:28.0703 2980 C:\WINDOWS\system32\fxsevent.dll - ok
    14:33:28.0703 2980 [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
    14:33:28.0703 2980 C:\WINDOWS\system32\fxstiff.dll - ok
    14:33:28.0718 2980 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
    14:33:28.0718 2980 C:\WINDOWS\system32\fxsapi.dll - ok
    14:33:28.0718 2980 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
    14:33:28.0718 2980 C:\WINDOWS\system32\cabinet.dll - ok
    14:33:28.0718 2980 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
    14:33:28.0718 2980 C:\WINDOWS\system32\mspatcha.dll - ok
    14:33:28.0718 2980 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
    14:33:28.0718 2980 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
    14:33:28.0734 2980 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
    14:33:28.0734 2980 C:\WINDOWS\system32\spoolss.dll - ok
    14:33:28.0734 2980 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
    14:33:28.0734 2980 C:\WINDOWS\system32\vssapi.dll - ok
    14:33:28.0734 2980 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
    14:33:28.0734 2980 C:\WINDOWS\system32\trkwks.dll - ok
    14:33:28.0750 2980 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
    14:33:28.0750 2980 C:\WINDOWS\system32\localspl.dll - ok
    14:33:28.0750 2980 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
    14:33:28.0750 2980 C:\WINDOWS\system32\browser.dll - ok
    14:33:28.0750 2980 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
    14:33:28.0750 2980 C:\WINDOWS\system32\ipnathlp.dll - ok
    14:33:28.0765 2980 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
    14:33:28.0765 2980 C:\WINDOWS\system32\cnbjmon.dll - ok
    14:33:28.0765 2980 [ E9EB121EB5B7A85C06C91B689ABB8667 ] C:\WINDOWS\system32\dlcqlmpm.dll
    14:33:28.0765 2980 C:\WINDOWS\system32\dlcqlmpm.dll - ok
    14:33:28.0765 2980 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
    14:33:28.0765 2980 C:\WINDOWS\system32\wscsvc.dll - ok
    14:33:28.0765 2980 [ F0AE692B5137640B573D22FF90F38FC3 ] C:\WINDOWS\system32\dlcqcomc.dll
    14:33:28.0765 2980 C:\WINDOWS\system32\dlcqcomc.dll - ok
    14:33:28.0781 2980 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
    14:33:28.0781 2980 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
    14:33:28.0781 2980 [ 906E85B7DDFF8AF4FB5B8F39EDB187A4 ] C:\WINDOWS\system32\dlcqserv.dll
    14:33:28.0781 2980 C:\WINDOWS\system32\dlcqserv.dll - ok
    14:33:28.0781 2980 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
    14:33:28.0781 2980 C:\WINDOWS\system32\wbem\esscli.dll - ok
    14:33:28.0796 2980 [ 15F8FF59ECA198F4404759A481E17FA0 ] C:\WINDOWS\system32\dlcqinpa.dll
    14:33:28.0796 2980 C:\WINDOWS\system32\dlcqinpa.dll - ok
    14:33:28.0796 2980 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
    14:33:28.0796 2980 C:\WINDOWS\system32\wbem\fastprox.dll - ok
    14:33:28.0796 2980 [ 6A88AAA6E2A7866D1E1D2C8FB8DD5B92 ] C:\WINDOWS\system32\dlcqiesc.dll
    14:33:28.0796 2980 C:\WINDOWS\system32\dlcqiesc.dll - ok
    14:33:28.0796 2980 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
    14:33:28.0796 2980 C:\WINDOWS\system32\wups.dll - ok
    14:33:28.0812 2980 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
    14:33:28.0812 2980 C:\WINDOWS\system32\wups2.dll - ok
    14:33:28.0812 2980 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
    14:33:28.0812 2980 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
    14:33:28.0812 2980 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
    14:33:28.0812 2980 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
    14:33:28.0828 2980 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
    14:33:28.0828 2980 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
    14:33:28.0828 2980 [ AF28DADFA9CE266068F5B960CD8456F3 ] C:\WINDOWS\system32\dlcqusb1.dll
    14:33:28.0828 2980 C:\WINDOWS\system32\dlcqusb1.dll - ok
    14:33:28.0828 2980 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
    14:33:28.0828 2980 C:\WINDOWS\system32\wuauclt.exe - ok
    14:33:28.0843 2980 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
    14:33:28.0843 2980 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
    14:33:28.0843 2980 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
    14:33:28.0843 2980 C:\WINDOWS\system32\wbem\wbemess.dll - ok
    14:33:28.0843 2980 [ C4325CA52037BD89BDA75AB30CD470B9 ] C:\WINDOWS\system32\dlcqhbn3.dll
    14:33:28.0843 2980 C:\WINDOWS\system32\dlcqhbn3.dll - ok
    14:33:28.0843 2980 [ A1155047AFA986EED03D1D87CF56A08F ] C:\Program Files\PCPitstop\PC MaticRT\vipre.dll
    14:33:28.0843 2980 C:\Program Files\PCPitstop\PC MaticRT\vipre.dll - ok
    14:33:28.0859 2980 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
    14:33:28.0859 2980 C:\WINDOWS\system32\wuapi.dll - ok
    14:33:28.0859 2980 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
    14:33:28.0859 2980 C:\WINDOWS\system32\wbem\ncprov.dll - ok
    14:33:28.0859 2980 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
    14:33:28.0859 2980 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
    14:33:28.0875 2980 [ C731FC78CB6546C7FE189C9A40D7EED0 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\remediation.dll
    14:33:28.0875 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\remediation.dll - ok
    14:33:28.0875 2980 [ 8CC1E3DE187CBAEF7A27A8EA8708B3D9 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\vcore.dll
    14:33:28.0875 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\vcore.dll - ok
    14:33:28.0875 2980 [ 86E07DF4F973DDEC495DE10700052AEB ] C:\WINDOWS\system32\lexlmpm.dll
    14:33:28.0875 2980 C:\WINDOWS\system32\lexlmpm.dll - ok
    14:33:28.0875 2980 [ 078ABC078653AA76640C51A6BECBAC6C ] C:\WINDOWS\system32\LEXP2P32.DLL
    14:33:28.0875 2980 C:\WINDOWS\system32\LEXP2P32.DLL - ok
    14:33:28.0890 2980 [ DD9991774F5D5D3A31C6FADDD90BAACE ] C:\WINDOWS\system32\LEX2KUSB.DLL
    14:33:28.0890 2980 C:\WINDOWS\system32\LEX2KUSB.DLL - ok
    14:33:28.0890 2980 [ E1FA02EDF4B0A028DC6CA0519B84B183 ] C:\WINDOWS\system32\DLPRMON.DLL
    14:33:28.0890 2980 C:\WINDOWS\system32\DLPRMON.DLL - ok
    14:33:28.0890 2980 [ D1B01B7933F26211E80EAC667A909E1B ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\patchw32.dll
    14:33:28.0890 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\patchw32.dll - ok
    14:33:28.0906 2980 [ 86C5AAC31EA7909121327701045F74BD ] C:\WINDOWS\system32\IMGMAN32.DLL
    14:33:28.0906 2980 C:\WINDOWS\system32\IMGMAN32.DLL - ok
    14:33:28.0906 2980 [ 9F22E3CE1639917EB07DCC730CD0D410 ] C:\WINDOWS\system32\IM31IMG.DIL
    14:33:28.0906 2980 C:\WINDOWS\system32\IM31IMG.DIL - ok
    14:33:28.0906 2980 [ 79F4250E099096C25797F1BAD35921FE ] C:\WINDOWS\system32\IM31XPNG.DEL
    14:33:28.0906 2980 C:\WINDOWS\system32\IM31XPNG.DEL - ok
    14:33:28.0906 2980 [ 6A858BCA55DBAB2E5884A1592B4EAEBB ] C:\WINDOWS\system32\IM31XTIF.DEL
    14:33:28.0906 2980 C:\WINDOWS\system32\IM31XTIF.DEL - ok
    14:33:28.0921 2980 [ 232565D4769CE44745A87CF466E91952 ] C:\WINDOWS\system32\IMHOST32.DLL
    14:33:28.0921 2980 C:\WINDOWS\system32\IMHOST32.DLL - ok
    14:33:28.0921 2980 [ 03271B94B73BEB7747828C5CEE07B0BE ] C:\Program Files\Dell PC Fax\dlctrstr.dll
    14:33:28.0921 2980 C:\Program Files\Dell PC Fax\dlctrstr.dll - ok
    14:33:28.0921 2980 [ 4541280D277742653E1027DC5CA13E71 ] C:\Program Files\Dell PC Fax\ipcmt.dll
    14:33:28.0921 2980 C:\Program Files\Dell PC Fax\ipcmt.dll - ok
    14:33:28.0937 2980 [ F69CAE2B7A756D8C8BEDC27E54CED23C ] C:\WINDOWS\system32\hpzlnt03.dll
    14:33:28.0937 2980 C:\WINDOWS\system32\hpzlnt03.dll - ok
    14:33:28.0937 2980 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
    14:33:28.0937 2980 C:\WINDOWS\system32\mdimon.dll - ok
    14:33:28.0937 2980 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
    14:33:28.0937 2980 C:\WINDOWS\system32\fxsmon.dll - ok
    14:33:28.0953 2980 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
    14:33:28.0953 2980 C:\WINDOWS\system32\pjlmon.dll - ok
    14:33:28.0953 2980 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
    14:33:28.0953 2980 C:\WINDOWS\system32\tcpmon.dll - ok
    14:33:28.0953 2980 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
    14:33:28.0953 2980 C:\WINDOWS\system32\usbmon.dll - ok
    14:33:28.0953 2980 [ 4D6827A71C69A75B185691301B9ED81C ] C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcqdrpp.dll
    14:33:28.0953 2980 C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcqdrpp.dll - ok
    14:33:28.0968 2980 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    14:33:28.0968 2980 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
    14:33:28.0968 2980 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    14:33:28.0968 2980 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
    14:33:28.0968 2980 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
    14:33:28.0968 2980 C:\WINDOWS\system32\win32spl.dll - ok
    14:33:28.0984 2980 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
    14:33:28.0984 2980 C:\WINDOWS\system32\netrap.dll - ok
    14:33:28.0984 2980 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
    14:33:28.0984 2980 C:\WINDOWS\system32\inetpp.dll - ok
    14:33:28.0984 2980 [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
    14:33:28.0984 2980 C:\WINDOWS\system32\fxst30.dll - ok
    14:33:29.0000 2980 [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
    14:33:29.0000 2980 C:\WINDOWS\system32\fxsroute.dll - ok
    14:33:29.0000 2980 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
    14:33:29.0000 2980 C:\WINDOWS\system32\unimdm.tsp - ok
    14:33:29.0000 2980 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
    14:33:29.0000 2980 C:\WINDOWS\system32\uniplat.dll - ok
    14:33:29.0000 2980 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
    14:33:29.0000 2980 C:\WINDOWS\system32\kmddsp.tsp - ok
    14:33:29.0015 2980 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
    14:33:29.0015 2980 C:\WINDOWS\system32\ndptsp.tsp - ok
    14:33:29.0015 2980 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
    14:33:29.0015 2980 C:\WINDOWS\system32\ipconf.tsp - ok
    14:33:29.0015 2980 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
    14:33:29.0015 2980 C:\WINDOWS\system32\h323.tsp - ok
    14:33:29.0031 2980 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
    14:33:29.0031 2980 C:\WINDOWS\system32\hidphone.tsp - ok
    14:33:29.0031 2980 [ 3E8FE7E72E4C269771BC25FDAF9184C6 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\lgpl.dll
    14:33:29.0031 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\lgpl.dll - ok
    14:33:29.0031 2980 [ 7DC7D177B59D55B1A09F3A8E14FDFB58 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\lib7zip.dll
    14:33:29.0031 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\lib7zip.dll - ok
    14:33:29.0031 2980 [ 50BC994B5BD8A2F905A69F601FC3DC1D ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libBase64.dll
    14:33:29.0031 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libBase64.dll - ok
    14:33:29.0046 2980 [ 0EFC248A61B604DC84C89F400CA1C1F0 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libCHM.dll
    14:33:29.0046 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libCHM.dll - ok
    14:33:29.0046 2980 [ C8EA2E332EC6884D08CE2D5EEFCB8440 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libEmail.dll
    14:33:29.0046 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libEmail.dll - ok
    14:33:29.0046 2980 [ BF47C9A5372E4DF8F435AB2F03BE3C32 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMachoUniv.dll
    14:33:29.0046 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMachoUniv.dll - ok
    14:33:29.0062 2980 [ 28188263A5D451261ECBFA6303D4D702 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMsCab.dll
    14:33:29.0062 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMsCab.dll - ok
    14:33:29.0062 2980 [ 3225B53B1C53672E97295861947ED3DE ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMsi.dll
    14:33:29.0062 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libMsi.dll - ok
    14:33:29.0062 2980 [ 5798D98B64240F18A012AA76F632734A ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libNSIS.dll
    14:33:29.0062 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libNSIS.dll - ok
    14:33:29.0078 2980 [ 1F8A4BE6C00F689A6FE3A678B5C2B603 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libOleA.dll
    14:33:29.0078 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libOleA.dll - ok
    14:33:29.0078 2980 [ FB5C1ED6BBA79291FDA664CF142EEA4D ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libRar.dll
    14:33:29.0078 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libRar.dll - ok
    14:33:29.0078 2980 [ 56DD7D9679A86EFC4C31A03A92C3237D ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libRTF.dll
    14:33:29.0078 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libRTF.dll - ok
    14:33:29.0078 2980 [ 5D2638498DEA94F0D65136D49625A8DC ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libtd.dll
    14:33:29.0078 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libtd.dll - ok
    14:33:29.0093 2980 [ 477E3D0DF9DC60957CB9E0C0D8B47019 ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libVvs.dll
    14:33:29.0093 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libVvs.dll - ok
    14:33:29.0093 2980 [ 0E47902C881A09DC64D5DEBA611B370A ] C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libZip.dll
    14:33:29.0093 2980 C:\Documents and Settings\All Users\Application Data\PCPitstopDat\datRT\libZip.dll - ok
    14:33:29.0093 2980 [ CEA8F7E45B7B098F5FB085BB6A6A4432 ] C:\WINDOWS\system32\wscript.exe
    14:33:29.0093 2980 C:\WINDOWS\system32\wscript.exe - ok
    14:33:29.0109 2980 [ 63AE668F783DF28772D200F41CB40873 ] C:\WINDOWS\system32\scrobj.dll
    14:33:29.0109 2980 C:\WINDOWS\system32\scrobj.dll - ok
    14:33:29.0109 2980 [ 0ECB0609A35E35E159D77E48528A8CEC ] C:\Program Files\Common Files\Motive\MECDiscoveryServiceX.dll
    14:33:29.0109 2980 C:\Program Files\Common Files\Motive\MECDiscoveryServiceX.dll - ok
    14:33:29.0109 2980 [ A234CEC0C09E8FA71E45141E53073710 ] C:\Program Files\Common Files\Motive\MREW32N55_550-1804-3.dll
    14:33:29.0109 2980 C:\Program Files\Common Files\Motive\MREW32N55_550-1804-3.dll - ok
    14:33:29.0125 2980 [ 148DB940A74269CCDE1E4C51B06C39CA ] C:\Program Files\Common Files\Motive\MECHNDataServiceX.dll
    14:33:29.0125 2980 C:\Program Files\Common Files\Motive\MECHNDataServiceX.dll - ok
    14:33:29.0125 2980 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
    14:33:29.0125 2980 C:\WINDOWS\system32\mpnotify.exe - ok
    14:33:29.0125 2980 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
    14:33:29.0125 2980 C:\WINDOWS\system32\cscui.dll - ok
    14:33:29.0125 2980 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
    14:33:29.0140 2980 C:\WINDOWS\system32\dpcdll.dll - ok
    14:33:29.0140 2980 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    14:33:29.0140 2980 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
    14:33:29.0140 2980 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
    14:33:29.0140 2980 C:\WINDOWS\system32\userinit.exe - ok
    14:33:29.0140 2980 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
    14:33:29.0140 2980 C:\WINDOWS\explorer.exe - ok
    14:33:29.0156 2980 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
    14:33:29.0156 2980 C:\WINDOWS\system32\browseui.dll - ok
    14:33:29.0156 2980 [ FD5EAC0C148E96DF4E2160354C54360C ] C:\WINDOWS\system32\shdocvw.dll
    14:33:29.0156 2980 C:\WINDOWS\system32\shdocvw.dll - ok
    14:33:29.0156 2980 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
    14:33:29.0156 2980 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
    14:33:29.0171 2980 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
    14:33:29.0171 2980 C:\WINDOWS\system32\desk.cpl - ok
    14:33:29.0171 2980 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
    14:33:29.0171 2980 C:\WINDOWS\system32\themeui.dll - ok
    14:33:29.0171 2980 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
    14:33:29.0171 2980 C:\WINDOWS\system32\cmd.exe - ok
    14:33:29.0171 2980 [ D573DEB87CB2DF4E5116D2A4E284EAB4 ] C:\WINDOWS\system32\ieframe.dll
    14:33:29.0171 2980 C:\WINDOWS\system32\ieframe.dll - ok
    14:33:29.0187 2980 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
    14:33:29.0187 2980 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
    14:33:29.0187 2980 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
    14:33:29.0187 2980 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
    14:33:29.0187 2980 [ 037EA930F3908506B2D9F9BDC6258554 ] C:\Program Files\Common Files\Motive\pcSMX.dll
    14:33:29.0187 2980 C:\Program Files\Common Files\Motive\pcSMX.dll - ok
    14:33:29.0203 2980 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
    14:33:29.0203 2980 C:\WINDOWS\system32\wbem\framedyn.dll - ok
    14:33:29.0203 2980 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
    14:33:29.0203 2980 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
    14:33:29.0203 2980 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
    14:33:29.0203 2980 C:\WINDOWS\system32\netcfgx.dll - ok
    14:33:29.0218 2980 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
    14:33:29.0218 2980 C:\WINDOWS\system32\icmp.dll - ok
    14:33:29.0218 2980 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
    14:33:29.0218 2980 C:\WINDOWS\system32\drprov.dll - ok
    14:33:29.0218 2980 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
    14:33:29.0218 2980 C:\WINDOWS\system32\ntlanman.dll - ok
    14:33:29.0218 2980 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
    14:33:29.0218 2980 C:\WINDOWS\system32\netui0.dll - ok
    14:33:29.0234 2980 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
    14:33:29.0234 2980 C:\WINDOWS\system32\netui1.dll - ok
    14:33:29.0234 2980 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
    14:33:29.0234 2980 C:\WINDOWS\system32\davclnt.dll - ok
    14:33:29.0234 2980 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
    14:33:29.0234 2980 C:\WINDOWS\system32\cryptnet.dll - ok
    14:33:29.0250 2980 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
    14:33:29.0250 2980 C:\WINDOWS\system32\sensapi.dll - ok
    14:33:29.0250 2980 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\TODDSE~1\LOCALS~1\temp\C92E4A90-4191-4B87-B157-846F12E795C4.exe
    14:33:29.0250 2980 C:\DOCUME~1\TODDSE~1\LOCALS~1\temp\C92E4A90-4191-4B87-B157-846F12E795C4.exe - ok
    14:33:29.0250 2980 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\96323847.sys
    14:33:29.0250 2980 C:\WINDOWS\system32\drivers\96323847.sys - ok
    14:33:29.0250 2980 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
    14:33:29.0265 2980 C:\WINDOWS\system32\rasmans.dll - ok
    14:33:29.0265 2980 [ 0A9BA6AF531AFE7FA5E4FB973852D863 ] C:\WINDOWS\system32\dllhost.exe
    14:33:29.0265 2980 C:\WINDOWS\system32\dllhost.exe - ok
    14:33:29.0265 2980 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
    14:33:29.0265 2980 C:\WINDOWS\system32\rastapi.dll - ok
    14:33:29.0265 2980 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
    14:33:29.0265 2980 C:\WINDOWS\system32\rasppp.dll - ok
    14:33:29.0281 2980 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
    14:33:29.0281 2980 C:\WINDOWS\system32\ntlsapi.dll - ok
    14:33:29.0281 2980 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys
    14:33:29.0281 2980 C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys - ok
    14:33:29.0281 2980 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
    14:33:29.0281 2980 C:\WINDOWS\system32\termsrv.dll - ok
    14:33:29.0296 2980 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
    14:33:29.0296 2980 C:\WINDOWS\system32\icaapi.dll - ok
    14:33:29.0296 2980 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
    14:33:29.0296 2980 C:\WINDOWS\system32\rasqec.dll - ok
    14:33:29.0296 2980 [ 17E0CF9C8CBB717D05948656BCD86EFA ] C:\WINDOWS\system32\txflog.dll
    14:33:29.0296 2980 C:\WINDOWS\system32\txflog.dll - ok
    14:33:29.0296 2980 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
    14:33:29.0296 2980 C:\WINDOWS\system32\mstlsapi.dll - ok
    14:33:29.0312 2980 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
    14:33:29.0312 2980 C:\WINDOWS\system32\actxprxy.dll - ok
    14:33:29.0312 2980 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
    14:33:29.0312 2980 C:\WINDOWS\system32\alg.exe - ok
    14:33:29.0312 2980 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
    14:33:29.0312 2980 C:\WINDOWS\system32\msutb.dll - ok
    14:33:29.0328 2980 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
    14:33:29.0328 2980 C:\WINDOWS\system32\msctf.dll - ok
    14:33:29.0328 2980 [ 9627EE26C7F3FD023D87DB50C62F5111 ] C:\WINDOWS\ehome\sqldb20.dll
    14:33:29.0328 2980 C:\WINDOWS\ehome\sqldb20.dll - ok
    14:33:29.0328 2980 [ 160762386084A0BB69F91BB694114D14 ] C:\WINDOWS\ehome\sqlse20.dll
    14:33:29.0328 2980 C:\WINDOWS\ehome\sqlse20.dll - ok
    14:33:29.0343 2980 [ A3AE51C21160328EA11F734392A0F269 ] C:\WINDOWS\ehome\sqlqp20.dll
    14:33:29.0343 2980 C:\WINDOWS\ehome\sqlqp20.dll - ok
    14:33:29.0343 2980 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
    14:33:29.0343 2980 C:\WINDOWS\system32\linkinfo.dll - ok
    14:33:29.0343 2980 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
    14:33:29.0343 2980 C:\WINDOWS\system32\ntshrui.dll - ok
    14:33:29.0343 2980 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
    14:33:29.0343 2980 C:\WINDOWS\system32\wscntfy.exe - ok
    14:33:29.0359 2980 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
    14:33:29.0359 2980 C:\WINDOWS\system32\verclsid.exe - ok
    14:33:29.0359 2980 [ 047CD344AC7B76BA3C224FAE1A4627C9 ] C:\WINDOWS\system32\WgaTray.exe
    14:33:29.0359 2980 C:\WINDOWS\system32\WgaTray.exe - ok
    14:33:29.0359 2980 ============================================================
    14:33:29.0359 2980 Scan finished
    14:33:29.0359 2980 ============================================================
    14:33:29.0515 2972 Detected object count: 15
    14:33:29.0515 2972 Actual detected object count: 15
    14:40:22.0656 2972 Creative Labs Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0656 2972 Creative Labs Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0656 2972 LexBceS ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0656 2972 LexBceS ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0671 2972 mrtRate ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0671 2972 mrtRate ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 pcCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 pcCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 PCPitstop Realtime ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 PCPitstop Realtime ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 pcServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 pcServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0687 2972 SQLAgent$MICROSOFTSMLBIZ ( UnsignedFile.Multi.Generic ) - skipped by user
    14:40:22.0687 2972 SQLAgent$MICROSOFTSMLBIZ ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:40:22.0703 2972 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    14:40:22.0703 2972 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
    14:40:42.0875 3476 Deinitialize success

    ComboFix 12-12-02.01 - Todd Seiders 12/02/2012 15:14:27.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.392 [GMT -7:00]
    Running from: c:\documents and settings\Todd Seiders\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP
    c:\documents and settings\Todd Seiders\Favorites\ehthumbs.db
    c:\documents and settings\Todd Seiders\GoToAssistDownloadHelper.exe
    c:\documents and settings\Todd Seiders\WINDOWS
    c:\windows\system32\_000006_.tmp.dll
    c:\windows\system32\avgfwdx.dll
    c:\windows\system32\Cache
    c:\windows\system32\Cache\272512937d9e61a4.fb
    c:\windows\system32\Cache\287204568329e189.fb
    c:\windows\system32\Cache\28bc8f716fd76a47.fb
    c:\windows\system32\Cache\2c53092c95605355.fb
    c:\windows\system32\Cache\2d0c326e61fef9fa.fb
    c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
    c:\windows\system32\Cache\32c84fe32bb74d60.fb
    c:\windows\system32\Cache\389c214452a15107.fb
    c:\windows\system32\Cache\3917078cb68ec657.fb
    c:\windows\system32\Cache\5001c3d28214b8ed.fb
    c:\windows\system32\Cache\590ba23ce359fd0c.fb
    c:\windows\system32\Cache\610289e025a3ee9a.fb
    c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
    c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
    c:\windows\system32\Cache\6d03dad1035885d3.fb
    c:\windows\system32\Cache\90b02e0b9a05d11d.fb
    c:\windows\system32\Cache\a8556537add6dfc5.fb
    c:\windows\system32\Cache\ad10a52aff5e038d.fb
    c:\windows\system32\Cache\bdbffbe35df9b0f1.fb
    c:\windows\system32\Cache\c1fa887b03019701.fb
    c:\windows\system32\Cache\c4d28dca2e7648be.fb
    c:\windows\system32\Cache\ce6c71b7bfd25cd0.fb
    c:\windows\system32\Cache\d201ef9910cd39de.fb
    c:\windows\system32\Cache\d2e94710a5708128.fb
    c:\windows\system32\Cache\d79b9dfe81484ec4.fb
    c:\windows\system32\Cache\e0de16f883bea794.fb
    c:\windows\system32\Cache\f998975c9cc711ee.fb
    c:\windows\system32\drivers\etc\hosts.ics
    c:\windows\system32\SET1003.tmp
    c:\windows\system32\SET10E.tmp
    c:\windows\system32\SET110.tmp
    c:\windows\system32\SET11E.tmp
    c:\windows\system32\URTTemp
    c:\windows\system32\URTTemp\fusion.dll
    c:\windows\system32\URTTemp\mscoree.dll
    c:\windows\system32\URTTemp\mscoree.dll.local
    c:\windows\system32\URTTemp\mscorsn.dll
    c:\windows\system32\URTTemp\mscorwks.dll
    c:\windows\system32\URTTemp\msvcr71.dll
    c:\windows\system32\URTTemp\regtlib.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-29 15:16 . 2012-11-29 15:16 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-11-28 18:03 . 2012-12-02 22:08 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
    2012-11-26 00:57 . 2012-11-26 00:57 -------- d-----w- c:\program files\Common Files\Skype
    2012-11-26 00:27 . 2012-11-26 00:26 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-11-26 00:23 . 2012-11-26 00:23 388096 ----a-r- c:\documents and settings\Todd Seiders\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-11-21 17:33 . 2012-11-21 17:33 -------- d-----w- C:\Malwarebytes
    2012-11-19 03:06 . 2012-11-19 03:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Package Cache
    2012-11-19 02:36 . 2012-11-24 23:41 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
    2012-11-19 02:36 . 2012-11-19 02:36 -------- d-----w- c:\documents and settings\Todd Seiders\Local Settings\Application Data\SlimWare Utilities Inc
    2012-11-19 02:19 . 2012-10-02 18:04 58368 ------w- c:\windows\system32\dllcache\synceng.dll
    2012-11-18 23:45 . 2012-10-09 01:59 74968 ----a-w- c:\windows\system32\drivers\sbapifs.sys
    2012-11-18 23:45 . 2012-10-09 01:59 21592 ----a-w- c:\windows\system32\drivers\sbaphd.sys
    2012-11-18 16:48 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-11-18 16:48 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-11-18 16:47 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-11-18 16:47 . 2012-10-30 23:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2012-11-18 16:47 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-11-18 16:47 . 2012-10-30 23:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2012-11-18 16:47 . 2012-10-30 23:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2012-11-18 16:47 . 2012-10-30 23:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2012-11-18 16:46 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
    2012-11-18 16:46 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
    2012-11-18 16:45 . 2012-11-18 16:45 -------- d-----w- c:\program files\AVAST Software
    2012-11-18 16:45 . 2012-11-18 16:45 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
    2012-11-16 05:51 . 2012-11-16 05:51 -------- d-----w- C:\ce1393291911a5112e1c5eb34b8791
    2012-11-10 18:22 . 2012-12-02 20:54 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
    2012-11-10 18:22 . 2012-11-18 23:42 -------- d-----w- c:\program files\PCPitstop
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-11-28 18:57 . 2012-10-07 00:44 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-11-28 18:57 . 2012-10-07 00:44 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-26 00:26 . 2012-04-27 18:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
    2012-11-26 00:26 . 2011-12-16 17:29 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-11-26 00:26 . 2010-04-27 00:53 746984 ----a-w- c:\windows\system32\deployJava1.dll
    2012-10-22 08:37 . 2005-08-16 10:18 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-10-02 18:04 . 2005-08-16 10:18 58368 ----a-w- c:\windows\system32\synceng.dll
    2012-09-30 01:54 . 2011-05-15 03:40 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-09-13 06:05 . 2012-09-28 19:13 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
    2009-09-13 06:06 . 2012-09-28 19:13 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
    2009-09-13 06:06 . 2012-09-28 19:13 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
    2009-09-13 06:06 . 2012-09-28 19:13 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
    2009-09-13 06:06 . 2012-09-28 19:13 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
    2009-09-13 06:07 . 2012-09-28 19:13 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
    2009-09-13 06:06 . 2012-09-28 19:13 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
    2009-09-13 06:06 . 2012-09-28 19:13 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
    2009-08-14 20:33 . 2012-09-28 19:13 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
    2009-09-13 06:06 . 2012-09-28 19:13 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-10-13 39408]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]
    "Comcast_McciTrayApp"="c:\program files\Comcast\pcTrayApp.exe" [2012-06-12 1966592]
    "Info Center"="c:\program files\PCPitstop\Info Center\InfoCenter.exe" [2012-06-15 26816]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    "PC MaticRT"="c:\program files\PCPitstop\PC MaticRT\PCMaticRT.exe" [2012-10-09 1518080]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2011-08-19 465944]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-09-24 03:43 926896 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2012-08-28 03:32 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
    2009-09-13 06:09 103768 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
    2012-03-26 07:34 306688 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
    2012-06-04 15:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2005-06-10 17:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
    2011-08-12 19:18 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2012-04-19 02:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2012-07-03 15:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    2012-11-17 21:26 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2012-10-13 22:55 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2012-01-23 04:43 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
    2006-09-20 14:35 20480 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "DisableNotifications"= 1 (0x1)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\dlcqcoms.exe"=
    "c:\\WINDOWS\\system32\\LEXPPS.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\File Type Assistant\\tsassist.exe"=
    "c:\\Program Files\\Common Files\\Motive\\pcServiceHost.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/25/2009 2:39 PM 64288]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11/18/2012 9:47 AM 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11/18/2012 9:48 AM 361032]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [9/8/2009 6:13 PM 65584]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 9:27 AM 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 2:55 PM 67664]
    R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [11/18/2012 4:45 PM 21592]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [7/11/2012 11:54 AM 116608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11/18/2012 9:48 AM 21256]
    R2 DeviceFinderService;DeviceFinderService;c:\program files\Sony\PlayMemories Home\dfs.exe [4/22/2012 9:07 AM 149048]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [9/16/2012 7:35 PM 399432]
    R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [11/17/2006 12:28 PM 34712]
    R2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [10/14/2012 5:23 PM 368640]
    R2 PCPitstop Realtime;PCPitstop Realtime;c:\program files\PCPitstop\PC MaticRT\PCPitstopRTService.exe [11/18/2012 4:42 PM 3828736]
    R2 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [11/10/2012 11:22 AM 91848]
    R2 pcServiceHost;pcServiceHost;c:\program files\Common Files\Motive\pcServiceHost.exe [10/14/2012 5:24 PM 342016]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [4/22/2012 9:05 AM 474168]
    R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [11/18/2012 4:45 PM 74968]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [1/22/2012 9:43 PM 92592]
    R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [8/19/2011 2:26 AM 450848]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 6:52 PM 30944]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/14/2011 8:40 PM 676936]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [11/9/2012 11:21 AM 160944]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 6:52 PM 30944]
    S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [5/14/2010 2:58 PM 22176]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/14/2011 8:40 PM 22856]
    S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [11/18/2012 7:36 PM 13024]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [5/6/2008 3:06 PM 11520]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 06289727
    *NewlyCreated* - 97947199
    *Deregistered* - 06289727
    *Deregistered* - 97947199
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-11-10 18:57]
    .
    2012-12-02 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2012-12-02 c:\windows\Tasks\avast! Emergency Update.job
    - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-18 23:50]
    .
    2012-12-01 c:\windows\Tasks\Final Media Player Update Checker.job
    - c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2012-10-14 01:40]
    .
    2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-13 22:54]
    .
    2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-13 22:54]
    .
    2012-12-02 c:\windows\Tasks\ParetoLogic Registration3.job
    - c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
    .
    2012-07-05 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2012-12-01 c:\windows\Tasks\ProgramUpdateCheck.job
    - c:\program files\File Type Assistant\tsassist.exe [2012-10-14 18:44]
    .
    .
    ------- Supplementary Scan -------
    .
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    Trusted Zone: comcast.net\www
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{97530FB2-C597-453E-A305-DD227253DA9A}: NameServer = 208.67.222.222,208.67.220.220
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\documents and settings\Todd Seiders\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    SafeBoot-06289727.sys
    SafeBoot-64921410.sys
    SafeBoot-66774469.sys
    SafeBoot-WudfPf
    SafeBoot-WudfRd
    MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG2012\avgtray.exe
    MSConfigStartUp-ComcastAntispyClient - c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
    MSConfigStartUp-Messenger (Yahoo!) - c:\program files\Yahoo!\Messenger\YahooMessenger.exe
    MSConfigStartUp-OpwareSE4 - c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe
    MSConfigStartUp-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
    MSConfigStartUp-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
    MSConfigStartUp-WinPatrol - c:\program files\BillP Studios\WinPatrol\winpatrol.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2012-12-02 15:28
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_131_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_131_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    Completion time: 2012-12-02 15:32:34
    ComboFix-quarantined-files.txt 2012-12-02 22:32
    .
    Pre-Run: 400,584,704 bytes free
    Post-Run: 674,435,072 bytes free
    .
    - - End Of File - - 5E0A09C1CD7677CC37E907329F67F120

Page 1 of 2 12 LastLast