Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't stop Discount Buddy-bg.exe from starting


  • Please log in to reply
7 replies to this topic

#1 bb1776

bb1776

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 21 March 2013 - 09:35 PM

When I open iexplorer, Discount Buddy-bg.exe pops up in Windows Task Manager. I can stop the process but if I open a new iexplore window, the process starts again. When I first start my computer Updater 26766.exe starts in Windows Task Manager. I downloaded the latest update of Malwarebytes and ran the scan removing several problems, but these will not go away.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 PM

Posted 21 March 2013 - 09:37 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply
  • Due to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient

===================================================

RKILL
  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2
  • Link 3
  • Link 4

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    esetsmartinstaller_enu.png

    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu
  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log

 



#3 bb1776

bb1776
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 23 March 2013 - 10:19 AM

Looks like good results. Here are the logs.

 

18:42:42.0296 1356  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:42:44.0437 1356  ============================================================
18:42:44.0437 1356  Current date / time: 2013/03/22 18:42:44.0437
18:42:44.0437 1356  SystemInfo:
18:42:44.0437 1356 
18:42:44.0437 1356  OS Version: 5.1.2600 ServicePack: 2.0
18:42:44.0437 1356  Product type: Workstation
18:42:44.0437 1356  ComputerName: JESSICA
18:42:44.0437 1356  UserName: Bobby
18:42:44.0437 1356  Windows directory: C:\WINDOWS
18:42:44.0437 1356  System windows directory: C:\WINDOWS
18:42:44.0437 1356  Processor architecture: Intel x86
18:42:44.0437 1356  Number of processors: 2
18:42:44.0437 1356  Page size: 0x1000
18:42:44.0437 1356  Boot type: Normal boot
18:42:44.0437 1356  ============================================================
18:43:02.0890 1356  BG loaded
18:43:05.0437 1356  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:43:06.0984 1356  Drive \Device\Harddisk1\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:06.0984 1356  Drive \Device\Harddisk2\DR4 - Size: 0x2BAA1475000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:06.0984 1356  Drive \Device\Harddisk3\DR5 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:07.0000 1356  ============================================================
18:43:07.0000 1356  \Device\Harddisk0\DR0:
18:43:07.0140 1356  MBR partitions:
18:43:07.0140 1356  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
18:43:07.0140 1356  \Device\Harddisk1\DR3:
18:43:07.0156 1356  MBR partitions:
18:43:07.0156 1356  \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
18:43:07.0156 1356  \Device\Harddisk2\DR4:
18:43:07.0156 1356  MBR partitions:
18:43:07.0156 1356  \Device\Harddisk2\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2BAA0A20
18:43:07.0156 1356  \Device\Harddisk3\DR5:
18:43:07.0156 1356  MBR partitions:
18:43:07.0156 1356  \Device\Harddisk3\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
18:43:07.0156 1356  ============================================================
18:43:07.0812 1356  C: <-> \Device\Harddisk0\DR0\Partition1
18:43:07.0953 1356  F: <-> \Device\Harddisk2\DR4\Partition1
18:43:08.0109 1356  G: <-> \Device\Harddisk1\DR3\Partition1
18:43:09.0765 1356  H: <-> \Device\Harddisk3\DR5\Partition1
18:43:09.0812 1356  ============================================================
18:43:09.0812 1356  Initialize success
18:43:09.0812 1356  ============================================================
18:44:48.0453 2760  ============================================================
18:44:48.0453 2760  Scan started
18:44:48.0453 2760  Mode: Manual; TDLFS;
18:44:48.0453 2760  ============================================================
18:44:49.0156 2760  ================ Scan system memory ========================
18:44:49.0156 2760  System memory - ok
18:44:49.0171 2760  ================ Scan services =============================
18:44:49.0500 2760  Abiosdsk - ok
18:44:49.0515 2760  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
18:44:53.0796 2760  abp480n5 - ok
18:44:53.0937 2760  ACDaemon - ok
18:44:53.0984 2760  [ A10C7534F7223F4A73A948967D00E69B ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:44:54.0000 2760  ACPI - ok
18:44:54.0062 2760  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:44:54.0875 2760  ACPIEC - ok
18:44:54.0921 2760  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\System32\DRIVERS\adpu160m.sys
18:44:55.0625 2760  adpu160m - ok
18:44:55.0687 2760  [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio         C:\WINDOWS\system32\drivers\aeaudio.sys
18:44:55.0921 2760  aeaudio - ok
18:44:55.0968 2760  [ 1EE7B434BA961EF845DE136224C30FEC ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:44:56.0015 2760  aec - ok
18:44:56.0078 2760  [ 55E6E1C51B6D30E54335750955453702 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:44:56.0734 2760  AFD - ok
18:44:56.0796 2760  [ 2C428FA0C3E3A01ED93C9B2A27D8D4BB ] agp440          C:\WINDOWS\System32\DRIVERS\agp440.sys
18:44:56.0796 2760  agp440 - ok
18:44:56.0843 2760  [ 67288B07D6ABA6C1267B626E67BC56FD ] agpCPQ          C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
18:44:57.0375 2760  agpCPQ - ok
18:44:57.0421 2760  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\System32\DRIVERS\aha154x.sys
18:44:57.0703 2760  Aha154x - ok
18:44:57.0750 2760  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\System32\DRIVERS\aic78u2.sys
18:44:57.0984 2760  aic78u2 - ok
18:44:58.0000 2760  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\System32\DRIVERS\aic78xx.sys
18:44:58.0218 2760  aic78xx - ok
18:44:58.0265 2760  [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:44:58.0718 2760  Alerter - ok
18:44:58.0781 2760  [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG             C:\WINDOWS\System32\alg.exe
18:44:58.0781 2760  ALG - ok
18:44:58.0828 2760  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\System32\DRIVERS\aliide.sys
18:44:58.0968 2760  AliIde - ok
18:44:59.0015 2760  [ F312B7CEF21EFF52FA23056B9D815FAD ] alim1541        C:\WINDOWS\System32\DRIVERS\alim1541.sys
18:44:59.0187 2760  alim1541 - ok
18:44:59.0218 2760  [ 675C16A3C1F8482F85EE4A97FC0DDE3D ] amdagp          C:\WINDOWS\System32\DRIVERS\amdagp.sys
18:44:59.0500 2760  amdagp - ok
18:44:59.0531 2760  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\System32\DRIVERS\amsint.sys
18:44:59.0703 2760  amsint - ok
18:44:59.0796 2760  [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:44:59.0937 2760  Apple Mobile Device - ok
18:44:59.0937 2760  AppMgmt - ok
18:44:59.0984 2760  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\System32\DRIVERS\asc.sys
18:45:00.0093 2760  asc - ok
18:45:00.0125 2760  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\System32\DRIVERS\asc3350p.sys
18:45:00.0328 2760  asc3350p - ok
18:45:00.0375 2760  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\System32\DRIVERS\asc3550.sys
18:45:00.0515 2760  asc3550 - ok
18:45:00.0687 2760  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:45:00.0765 2760  aspnet_state - ok
18:45:00.0796 2760  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:45:00.0796 2760  AsyncMac - ok
18:45:00.0812 2760  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:45:00.0828 2760  atapi - ok
18:45:00.0843 2760  Atdisk - ok
18:45:00.0890 2760  [ 6E996CF8459A2594E0E9609D0E34D41F ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
18:45:00.0968 2760  atksgt - ok
18:45:01.0000 2760  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:45:01.0171 2760  Atmarpc - ok
18:45:01.0218 2760  [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:45:01.0234 2760  AudioSrv - ok
18:45:01.0296 2760  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:45:01.0421 2760  audstub - ok
18:45:01.0734 2760  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
18:45:02.0000 2760  AVGIDSAgent - ok
18:45:02.0046 2760  [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
18:45:02.0609 2760  AVGIDSDriver - ok
18:45:02.0656 2760  [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
18:45:02.0671 2760  AVGIDSHX - ok
18:45:02.0718 2760  [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
18:45:02.0859 2760  AVGIDSShim - ok
18:45:02.0937 2760  [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
18:45:03.0125 2760  Avgldx86 - ok
18:45:03.0203 2760  [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
18:45:03.0203 2760  Avglogx - ok
18:45:03.0234 2760  [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
18:45:03.0234 2760  Avgmfx86 - ok
18:45:03.0265 2760  [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
18:45:03.0265 2760  Avgrkx86 - ok
18:45:03.0343 2760  [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
18:45:03.0468 2760  Avgtdix - ok
18:45:03.0515 2760  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
18:45:03.0546 2760  avgwd - ok
18:45:03.0593 2760  [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt         C:\WINDOWS\System32\Drivers\BANTExt.sys
18:45:03.0703 2760  BANTExt - ok
18:45:03.0718 2760  BCM42RLY - ok
18:45:03.0812 2760  [ 41347688046D49CDE0F6D138A534F73D ] BCMModem        C:\WINDOWS\system32\DRIVERS\BCMSM.sys
18:45:03.0921 2760  BCMModem - ok
18:45:04.0000 2760  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:45:04.0125 2760  Beep - ok
18:45:04.0187 2760  [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS            C:\WINDOWS\system32\qmgr.dll
18:45:04.0578 2760  BITS - ok
18:45:04.0671 2760  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:45:04.0718 2760  Bonjour Service - ok
18:45:04.0765 2760  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser         C:\WINDOWS\System32\browser.dll
18:45:04.0781 2760  Browser - ok
18:45:04.0796 2760  bvrp_pci - ok
18:45:04.0843 2760  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
18:45:05.0046 2760  cbidf - ok
18:45:05.0078 2760  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:45:05.0078 2760  cbidf2k - ok
18:45:05.0140 2760  [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:45:05.0265 2760  CCDECODE - ok
18:45:05.0296 2760  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
18:45:05.0406 2760  cd20xrnt - ok
18:45:05.0468 2760  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:45:05.0578 2760  Cdaudio - ok
18:45:05.0625 2760  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:45:05.0625 2760  Cdfs - ok
18:45:05.0656 2760  [ 882B4257E5A5ADFB6B5C03E8A02D4BF1 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:45:05.0796 2760  Cdrom - ok
18:45:05.0812 2760  Changer - ok
18:45:05.0890 2760  [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:45:05.0890 2760  CiSvc - ok
18:45:05.0953 2760  [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:45:06.0250 2760  ClipSrv - ok
18:45:06.0296 2760  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:45:06.0468 2760  clr_optimization_v2.0.50727_32 - ok
18:45:06.0515 2760  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\System32\DRIVERS\cmdide.sys
18:45:06.0593 2760  CmdIde - ok
18:45:06.0609 2760  COMSysApp - ok
18:45:06.0640 2760  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\System32\DRIVERS\cpqarray.sys
18:45:06.0796 2760  Cpqarray - ok
18:45:06.0921 2760  cpuz134 - ok
18:45:06.0968 2760  [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:45:06.0968 2760  CryptSvc - ok
18:45:07.0031 2760  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
18:45:07.0109 2760  dac2w2k - ok
18:45:07.0156 2760  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\System32\DRIVERS\dac960nt.sys
18:45:07.0218 2760  dac960nt - ok
18:45:07.0296 2760  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:45:07.0375 2760  DcomLaunch - ok
18:45:07.0421 2760  [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:45:07.0437 2760  Dhcp - ok
18:45:07.0484 2760  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:45:07.0500 2760  Disk - ok
18:45:07.0515 2760  dmadmin - ok
18:45:07.0562 2760  [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:45:07.0750 2760  dmboot - ok
18:45:07.0781 2760  [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:45:07.0937 2760  dmio - ok
18:45:07.0984 2760  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:45:08.0078 2760  dmload - ok
18:45:08.0140 2760  [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:45:08.0234 2760  dmserver - ok
18:45:08.0281 2760  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:45:08.0296 2760  DMusic - ok
18:45:08.0359 2760  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:45:08.0359 2760  Dnscache - ok
18:45:08.0406 2760  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\System32\DRIVERS\dpti2o.sys
18:45:08.0531 2760  dpti2o - ok
18:45:08.0562 2760  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:45:08.0562 2760  drmkaud - ok
18:45:08.0656 2760  [ 98B46B331404A951CABAD8B4877E1276 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:45:08.0671 2760  E100B - ok
18:45:08.0703 2760  [ 6E883BF518296A40959131C2304AF714 ] EL90XBC         C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
18:45:08.0796 2760  EL90XBC - ok
18:45:08.0843 2760  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:45:08.0859 2760  ERSvc - ok
18:45:08.0890 2760  [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog        C:\WINDOWS\system32\services.exe
18:45:08.0906 2760  Eventlog - ok
18:45:08.0953 2760  [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem     C:\WINDOWS\System32\es.dll
18:45:08.0968 2760  EventSystem - ok
18:45:09.0015 2760  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:45:09.0031 2760  Fastfat - ok
18:45:09.0078 2760  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:45:09.0093 2760  FastUserSwitchingCompatibility - ok
18:45:09.0156 2760  [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:45:09.0171 2760  Fax - ok
18:45:09.0187 2760  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:45:09.0312 2760  Fdc - ok
18:45:09.0359 2760  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:45:09.0484 2760  Fips - ok
18:45:09.0515 2760  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:45:09.0609 2760  Flpydisk - ok
18:45:09.0671 2760  [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:45:09.0765 2760  FltMgr - ok
18:45:09.0875 2760  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:45:09.0921 2760  FontCache3.0.0.0 - ok
18:45:09.0953 2760  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:45:10.0015 2760  Fs_Rec - ok
18:45:10.0078 2760  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:45:10.0093 2760  Ftdisk - ok
18:45:10.0140 2760  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:45:10.0250 2760  GEARAspiWDM - ok
18:45:10.0328 2760  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:45:10.0578 2760  Gpc - ok
18:45:10.0593 2760  GTNDIS5 - ok
18:45:10.0703 2760  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:45:10.0781 2760  gupdate - ok
18:45:10.0812 2760  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:45:10.0812 2760  gupdatem - ok
18:45:10.0906 2760  [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:45:10.0921 2760  helpsvc - ok
18:45:10.0921 2760  HidServ - ok
18:45:10.0984 2760  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:45:11.0093 2760  HidUsb - ok
18:45:11.0125 2760  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\System32\DRIVERS\hpn.sys
18:45:11.0218 2760  hpn - ok
18:45:11.0296 2760  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
18:45:11.0296 2760  HPZid412 - ok
18:45:11.0375 2760  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
18:45:11.0421 2760  HPZipr12 - ok
18:45:11.0500 2760  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
18:45:11.0531 2760  HPZius12 - ok
18:45:11.0593 2760  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:45:11.0609 2760  HTTP - ok
18:45:11.0656 2760  [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:45:11.0703 2760  HTTPFilter - ok
18:45:11.0750 2760  [ 8F09F91B5C91363B77BCD15599570F2C ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
18:45:11.0921 2760  i2omgmt - ok
18:45:11.0953 2760  [ ED6BF9E441FDEA13292A6D30A64A24C3 ] i2omp           C:\WINDOWS\System32\DRIVERS\i2omp.sys
18:45:12.0062 2760  i2omp - ok
18:45:12.0093 2760  [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:45:12.0187 2760  i8042prt - ok
18:45:12.0250 2760  [ 06B7EF73BA5F302EECC294CDF7E19702 ] i81x            C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
18:45:12.0437 2760  i81x - ok
18:45:12.0500 2760  [ 7B5B44EFE5EB9DADFB8EE29700885D23 ] iAimFP0         C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
18:45:12.0609 2760  iAimFP0 - ok
18:45:12.0640 2760  [ EB1F6BAB6C22EDE0BA551B527475F7E9 ] iAimFP1         C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
18:45:12.0718 2760  iAimFP1 - ok
18:45:12.0750 2760  [ 03CE989D846C1AA81145CB22FCB86D06 ] iAimFP2         C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
18:45:12.0812 2760  iAimFP2 - ok
18:45:12.0859 2760  [ 525849B4469DE021D5D61B4DB9BE3A9D ] iAimFP3         C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
18:45:12.0968 2760  iAimFP3 - ok
18:45:13.0000 2760  [ 589C2BCDB5BD602BF7B63D210407EF8C ] iAimFP4         C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
18:45:13.0140 2760  iAimFP4 - ok
18:45:13.0218 2760  [ D83BDD5C059667A2F647A6BE5703A4D2 ] iAimTV0         C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
18:45:13.0296 2760  iAimTV0 - ok
18:45:13.0312 2760  [ ED968D23354DAA0D7C621580C012A1F6 ] iAimTV1         C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
18:45:13.0500 2760  iAimTV1 - ok
18:45:13.0515 2760  iAimTV2 - ok
18:45:13.0531 2760  [ D738273F218A224C1DDAC04203F27A84 ] iAimTV3         C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
18:45:13.0593 2760  iAimTV3 - ok
18:45:13.0640 2760  [ 0052D118995CBAB152DAABE6106D1442 ] iAimTV4         C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
18:45:13.0718 2760  iAimTV4 - ok
18:45:13.0843 2760  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:45:14.0156 2760  IDriverT - ok
18:45:14.0265 2760  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:45:14.0890 2760  idsvc - ok
18:45:14.0921 2760  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:45:14.0968 2760  Imapi - ok
18:45:15.0015 2760  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService    C:\WINDOWS\System32\imapi.exe
18:45:15.0031 2760  ImapiService - ok
18:45:15.0078 2760  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\System32\DRIVERS\ini910u.sys
18:45:15.0140 2760  ini910u - ok
18:45:15.0171 2760  [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde        C:\WINDOWS\System32\DRIVERS\intelide.sys
18:45:15.0218 2760  IntelIde - ok
18:45:15.0265 2760  [ 279FB78702454DFF2BB445F238C048D2 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:45:15.0328 2760  intelppm - ok
18:45:15.0359 2760  [ 4448006B6BC60E6C027932CFC38D6855 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:45:15.0437 2760  ip6fw - ok
18:45:15.0500 2760  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:45:15.0500 2760  IpFilterDriver - ok
18:45:15.0531 2760  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:45:15.0625 2760  IpInIp - ok
18:45:15.0671 2760  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:45:15.0671 2760  IpNat - ok
18:45:15.0796 2760  [ 33642C17C232AA272C68E446A2619899 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:45:15.0859 2760  iPod Service - ok
18:45:15.0921 2760  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:45:15.0953 2760  IPSec - ok
18:45:15.0984 2760  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:45:16.0046 2760  IRENUM - ok
18:45:16.0078 2760  [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:45:16.0078 2760  isapnp - ok
18:45:16.0093 2760  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:45:16.0140 2760  Kbdclass - ok
18:45:16.0187 2760  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:45:16.0187 2760  kmixer - ok
18:45:16.0234 2760  [ 674D3E5A593475915DC6643317192403 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:45:16.0234 2760  KSecDD - ok
18:45:16.0281 2760  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:45:16.0296 2760  lanmanserver - ok
18:45:16.0343 2760  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:45:16.0343 2760  lanmanworkstation - ok
18:45:16.0343 2760  lbrtfdc - ok
18:45:16.0421 2760  [ 975B6CF65F44E95883F3855BAE8CECAF ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
18:45:16.0421 2760  lirsgt - ok
18:45:16.0468 2760  [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:45:16.0468 2760  LmHosts - ok
18:45:16.0515 2760  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:45:16.0515 2760  MBAMProtector - ok
18:45:16.0609 2760  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:45:16.0625 2760  MBAMScheduler - ok
18:45:16.0671 2760  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:45:16.0687 2760  MBAMService - ok
18:45:16.0734 2760  [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:45:16.0796 2760  Messenger - ok
18:45:16.0859 2760  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:45:16.0906 2760  mnmdd - ok
18:45:16.0953 2760  [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
18:45:16.0953 2760  mnmsrvc - ok
18:45:17.0015 2760  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:45:17.0015 2760  Modem - ok
18:45:17.0062 2760  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:45:17.0109 2760  MODEMCSA - ok
18:45:17.0140 2760  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:45:17.0187 2760  Mouclass - ok
18:45:17.0218 2760  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:45:17.0265 2760  mouhid - ok
18:45:17.0312 2760  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:45:17.0312 2760  MountMgr - ok
18:45:17.0359 2760  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\System32\DRIVERS\mraid35x.sys
18:45:17.0468 2760  mraid35x - ok
18:45:17.0515 2760  [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:45:17.0562 2760  MRxDAV - ok
18:45:17.0625 2760  [ 6F2D483B97B395544E59749C47963C6A ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:45:17.0718 2760  MRxSmb - ok
18:45:17.0765 2760  [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:45:17.0765 2760  MSDTC - ok
18:45:17.0812 2760  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:45:17.0812 2760  Msfs - ok
18:45:17.0828 2760  MSIServer - ok
18:45:17.0859 2760  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:45:17.0906 2760  MSKSSRV - ok
18:45:17.0937 2760  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:45:18.0015 2760  MSPCLOCK - ok
18:45:18.0015 2760  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:45:18.0031 2760  MSPQM - ok
18:45:18.0062 2760  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:45:18.0062 2760  mssmbios - ok
18:45:18.0140 2760  [ BF13612142995096AB084F2DB7F40F77 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:45:18.0203 2760  MSTEE - ok
18:45:18.0234 2760  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:45:18.0250 2760  Mup - ok
18:45:18.0281 2760  [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k          C:\WINDOWS\system32\drivers\MxlW2k.sys
18:45:18.0328 2760  MxlW2k - ok
18:45:18.0343 2760  [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:45:18.0421 2760  NABTSFEC - ok
18:45:18.0453 2760  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:45:18.0453 2760  NDIS - ok
18:45:18.0500 2760  [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:45:18.0546 2760  NdisIP - ok
18:45:18.0593 2760  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:45:18.0656 2760  NdisTapi - ok
18:45:18.0671 2760  [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:45:18.0671 2760  Ndisuio - ok
18:45:18.0703 2760  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:45:18.0796 2760  NdisWan - ok
18:45:18.0812 2760  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:45:18.0859 2760  NDProxy - ok
18:45:18.0906 2760  [ 19715A9A573DAD2521348ABC74266A48 ] Net Driver HPZ12 C:\WINDOWS\System32\HPZinw12.dll
18:45:18.0906 2760  Net Driver HPZ12 - ok
18:45:18.0937 2760  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:45:18.0937 2760  NetBIOS - ok
18:45:18.0968 2760  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:45:19.0031 2760  NetBT - ok
18:45:19.0078 2760  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:45:19.0125 2760  NetDDE - ok
18:45:19.0140 2760  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:45:19.0140 2760  NetDDEdsdm - ok
18:45:19.0187 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon        C:\WINDOWS\System32\lsass.exe
18:45:19.0187 2760  Netlogon - ok
18:45:19.0234 2760  [ 36739B39267914BA69AD0610A0299732 ] Netman          C:\WINDOWS\System32\netman.dll
18:45:19.0234 2760  Netman - ok
18:45:19.0406 2760  [ 737351F39FEF765234037770ABDD72BD ] NetSvc          C:\Program Files\Intel\NCS\Sync\NetSvc.exe
18:45:19.0421 2760  NetSvc - ok
18:45:19.0484 2760  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:45:19.0796 2760  NetTcpPortSharing - ok
18:45:19.0859 2760  [ 097722F235A1FB698BF9234E01B52637 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:45:19.0859 2760  Nla - ok
18:45:19.0875 2760  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:45:19.0890 2760  Npfs - ok
18:45:19.0937 2760  [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:45:20.0000 2760  Ntfs - ok
18:45:20.0015 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
18:45:20.0015 2760  NtLmSsp - ok
18:45:20.0078 2760  [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:45:20.0203 2760  NtmsSvc - ok
18:45:20.0250 2760  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:45:20.0296 2760  Null - ok
18:45:20.0375 2760  [ B93EE8E8AD859DD1890CD5177C49017D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:45:20.0531 2760  nv - ok
18:45:20.0593 2760  [ 7B9F149AC69B67D235829DB601F1C526 ] NVSvc           C:\WINDOWS\System32\nvsvc32.exe
18:45:20.0593 2760  NVSvc - ok
18:45:20.0656 2760  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:45:20.0703 2760  NwlnkFlt - ok
18:45:20.0734 2760  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:45:20.0796 2760  NwlnkFwd - ok
18:45:20.0937 2760  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:45:20.0953 2760  odserv - ok
18:45:21.0015 2760  [ 53D5F1278D9EDB21689BBBCECC09108D ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
18:45:21.0062 2760  omci - ok
18:45:21.0140 2760  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:45:21.0203 2760  ose - ok
18:45:21.0218 2760  [ 3E16EFF2A6FED2D8D7F5A66DFE65D183 ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys
18:45:21.0265 2760  P3 - ok
18:45:21.0296 2760  [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:45:21.0312 2760  Parport - ok
18:45:21.0375 2760  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:45:21.0375 2760  PartMgr - ok
18:45:21.0437 2760  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:45:21.0437 2760  ParVdm - ok
18:45:21.0515 2760  [ 8086D9979234B603AD5BC2F5D890B234 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:45:21.0515 2760  PCI - ok
18:45:21.0531 2760  PCIDump - ok
18:45:21.0578 2760  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:45:21.0578 2760  PCIIde - ok
18:45:21.0640 2760  [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:45:21.0734 2760  Pcmcia - ok
18:45:21.0750 2760  PDCOMP - ok
18:45:21.0750 2760  PDFRAME - ok
18:45:21.0765 2760  PDRELI - ok
18:45:21.0765 2760  PDRFRAME - ok
18:45:21.0796 2760  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\System32\DRIVERS\perc2.sys
18:45:21.0859 2760  perc2 - ok
18:45:21.0875 2760  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\System32\DRIVERS\perc2hib.sys
18:45:21.0921 2760  perc2hib - ok
18:45:21.0968 2760  [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay        C:\WINDOWS\system32\services.exe
18:45:21.0984 2760  PlugPlay - ok
18:45:22.0015 2760  [ B36CD3F2ECA751C0CA8B8868BD1C5449 ] Pml Driver HPZ12 C:\WINDOWS\System32\HPZipm12.dll
18:45:22.0015 2760  Pml Driver HPZ12 - ok
18:45:22.0031 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe
18:45:22.0031 2760  PolicyAgent - ok
18:45:22.0062 2760  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:45:22.0109 2760  PptpMiniport - ok
18:45:22.0140 2760  [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
18:45:22.0203 2760  Processor - ok
18:45:22.0218 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:45:22.0234 2760  ProtectedStorage - ok
18:45:22.0250 2760  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:45:22.0296 2760  PSched - ok
18:45:22.0359 2760  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:45:22.0406 2760  Ptilink - ok
18:45:22.0437 2760  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
18:45:22.0468 2760  PxHelp20 - ok
18:45:22.0500 2760  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\System32\DRIVERS\ql1080.sys
18:45:22.0578 2760  ql1080 - ok
18:45:22.0609 2760  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
18:45:22.0718 2760  Ql10wnt - ok
18:45:22.0781 2760  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\System32\DRIVERS\ql12160.sys
18:45:22.0890 2760  ql12160 - ok
18:45:22.0921 2760  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\System32\DRIVERS\ql1240.sys
18:45:22.0968 2760  ql1240 - ok
18:45:23.0000 2760  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\System32\DRIVERS\ql1280.sys
18:45:23.0062 2760  ql1280 - ok
18:45:23.0093 2760  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:45:23.0156 2760  RasAcd - ok
18:45:23.0203 2760  [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:45:23.0359 2760  RasAuto - ok
18:45:23.0390 2760  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:45:23.0421 2760  Rasl2tp - ok
18:45:23.0453 2760  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:45:23.0468 2760  RasMan - ok
18:45:23.0500 2760  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:45:23.0593 2760  RasPppoe - ok
18:45:23.0625 2760  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:45:23.0687 2760  Raspti - ok
18:45:23.0734 2760  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:45:23.0734 2760  Rdbss - ok
18:45:23.0765 2760  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:45:23.0890 2760  RDPCDD - ok
18:45:23.0937 2760  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:45:24.0046 2760  rdpdr - ok
18:45:24.0093 2760  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:45:24.0203 2760  RDPWD - ok
18:45:24.0250 2760  [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:45:24.0265 2760  RDSessMgr - ok
18:45:24.0312 2760  [ B31B4588E4086D8D84ADBF9845C2402B ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:45:24.0359 2760  redbook - ok
18:45:24.0406 2760  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:45:24.0453 2760  RemoteAccess - ok
18:45:24.0500 2760  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\System32\locator.exe
18:45:24.0500 2760  RpcLocator - ok
18:45:24.0546 2760  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
18:45:24.0546 2760  RpcSs - ok
18:45:24.0671 2760  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\System32\rsvp.exe
18:45:24.0687 2760  RSVP - ok
18:45:24.0734 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:45:24.0734 2760  SamSs - ok
18:45:24.0828 2760  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:45:24.0828 2760  SCardSvr - ok
18:45:24.0906 2760  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:45:24.0906 2760  Schedule - ok
18:45:24.0968 2760  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:45:25.0000 2760  Secdrv - ok
18:45:25.0046 2760  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:45:25.0046 2760  seclogon - ok
18:45:25.0046 2760  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
18:45:25.0062 2760  SENS - ok
18:45:25.0109 2760  [ A2D868AEEFF612E70E213C451A70CAFB ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:45:25.0171 2760  serenum - ok
18:45:25.0187 2760  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:45:25.0296 2760  Serial - ok
18:45:25.0359 2760  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:45:25.0421 2760  Sfloppy - ok
18:45:25.0468 2760  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:45:25.0468 2760  SharedAccess - ok
18:45:25.0484 2760  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:45:25.0500 2760  ShellHWDetection - ok
18:45:25.0500 2760  Simbad - ok
18:45:25.0546 2760  [ 732D859B286DA692119F286B21A2A114 ] sisagp          C:\WINDOWS\System32\DRIVERS\sisagp.sys
18:45:25.0625 2760  sisagp - ok
18:45:25.0656 2760  [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:45:25.0703 2760  SLIP - ok
18:45:25.0750 2760  [ 39F9595D2F6F7EB93F45A466789A6F49 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
18:45:25.0765 2760  smwdm - ok
18:45:25.0812 2760  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\System32\DRIVERS\sparrow.sys
18:45:25.0875 2760  Sparrow - ok
18:45:25.0906 2760  [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:45:25.0906 2760  splitter - ok
18:45:25.0953 2760  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:45:25.0953 2760  Spooler - ok
18:45:26.0000 2760  [ 1BD690B1BE4C70107A48D73A7DEF6024 ] SQTECH913D      C:\WINDOWS\system32\Drivers\Capt913D.sys
18:45:26.0078 2760  SQTECH913D - ok
18:45:26.0109 2760  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:45:26.0109 2760  sr - ok
18:45:26.0156 2760  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\System32\srsvc.dll
18:45:26.0156 2760  srservice - ok
18:45:26.0218 2760  [ AB9C79ED12D65E800AAAD3D72A04792F ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:45:26.0296 2760  Srv - ok
18:45:26.0343 2760  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:45:26.0343 2760  SSDPSRV - ok
18:45:26.0421 2760  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:45:26.0437 2760  stisvc - ok
18:45:26.0484 2760  [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:45:26.0531 2760  streamip - ok
18:45:26.0562 2760  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:45:26.0625 2760  swenum - ok
18:45:26.0656 2760  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:45:26.0656 2760  swmidi - ok
18:45:26.0656 2760  SwPrv - ok
18:45:26.0703 2760  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\System32\DRIVERS\symc810.sys
18:45:26.0734 2760  symc810 - ok
18:45:26.0781 2760  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\System32\DRIVERS\symc8xx.sys
18:45:26.0859 2760  symc8xx - ok
18:45:26.0890 2760  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\System32\DRIVERS\sym_hi.sys
18:45:26.0953 2760  sym_hi - ok
18:45:26.0984 2760  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\System32\DRIVERS\sym_u3.sys
18:45:27.0031 2760  sym_u3 - ok
18:45:27.0062 2760  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:45:27.0062 2760  sysaudio - ok
18:45:27.0109 2760  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:45:27.0125 2760  SysmonLog - ok
18:45:27.0171 2760  [ FB78839B36025AA286A51289ED28B73E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:45:27.0171 2760  TapiSrv - ok
18:45:27.0218 2760  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:45:27.0343 2760  Tcpip - ok
18:45:27.0406 2760  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:45:27.0515 2760  TDPIPE - ok
18:45:27.0562 2760  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:45:27.0671 2760  TDTCP - ok
18:45:27.0718 2760  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:45:27.0828 2760  TermDD - ok
18:45:27.0890 2760  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:45:27.0890 2760  TermService - ok
18:45:27.0906 2760  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:45:27.0921 2760  Themes - ok
18:45:27.0953 2760  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\System32\DRIVERS\toside.sys
18:45:28.0015 2760  TosIde - ok
18:45:28.0046 2760  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:45:28.0062 2760  TrkWks - ok
18:45:28.0109 2760  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:45:28.0203 2760  Udfs - ok
18:45:28.0234 2760  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\System32\DRIVERS\ultra.sys
18:45:28.0281 2760  ultra - ok
18:45:28.0359 2760  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
18:45:28.0359 2760  UMWdf - ok
18:45:28.0406 2760  [ CED744117E91BDC0BEB810F7D8608183 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:45:28.0484 2760  Update - ok
18:45:28.0531 2760  [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:45:28.0640 2760  upnphost - ok
18:45:28.0687 2760  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
18:45:28.0687 2760  UPS - ok
18:45:28.0750 2760  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
18:45:28.0812 2760  USBAAPL - ok
18:45:28.0859 2760  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:45:28.0859 2760  usbccgp - ok
18:45:28.0890 2760  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:45:28.0906 2760  usbehci - ok
18:45:28.0953 2760  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:45:29.0015 2760  usbhub - ok
18:45:29.0078 2760  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:45:29.0109 2760  usbprint - ok
18:45:29.0156 2760  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:45:29.0203 2760  usbscan - ok
18:45:29.0234 2760  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:45:29.0343 2760  USBSTOR - ok
18:45:29.0390 2760  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:45:29.0453 2760  usbuhci - ok
18:45:29.0484 2760  [ AF090265EC388BAB320F1FF7E7A7D5EA ] USB_RNDIS       C:\WINDOWS\system32\DRIVERS\usb8023.sys
18:45:29.0531 2760  USB_RNDIS - ok
18:45:29.0562 2760  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:45:29.0640 2760  VgaSave - ok
18:45:29.0703 2760  [ D92E7C8A30CFD14D8E15B5F7F032151B ] viaagp          C:\WINDOWS\System32\DRIVERS\viaagp.sys
18:45:29.0750 2760  viaagp - ok
18:45:29.0781 2760  [ 59CB1338AD3654417BEA49636457F65D ] ViaIde          C:\WINDOWS\System32\DRIVERS\viaide.sys
18:45:29.0828 2760  ViaIde - ok
18:45:29.0859 2760  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:45:29.0875 2760  VolSnap - ok
18:45:29.0921 2760  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
18:45:29.0937 2760  VSS - ok
18:45:29.0984 2760  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] w32time         C:\WINDOWS\system32\w32time.dll
18:45:29.0984 2760  w32time - ok
18:45:30.0000 2760  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:45:30.0078 2760  Wanarp - ok
18:45:30.0078 2760  wanatw - ok
18:45:30.0093 2760  WDICA - ok
18:45:30.0125 2760  [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:45:30.0125 2760  wdmaud - ok
18:45:30.0171 2760  [ 265F534EF76832435AFBF771EC97176D ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:45:30.0171 2760  WebClient - ok
18:45:30.0281 2760  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:45:30.0281 2760  winmgmt - ok
18:45:30.0359 2760  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:45:30.0500 2760  WmdmPmSN - ok
18:45:30.0546 2760  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:45:30.0546 2760  WmiApSrv - ok
18:45:30.0609 2760  [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
18:45:30.0687 2760  WpdUsb - ok
18:45:30.0718 2760  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:45:30.0734 2760  wscsvc - ok
18:45:30.0781 2760  [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:45:30.0828 2760  WSTCODEC - ok
18:45:30.0875 2760  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:45:30.0906 2760  wuauserv - ok
18:45:30.0953 2760  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:45:30.0968 2760  WZCSVC - ok
18:45:31.0015 2760  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:45:31.0140 2760  xmlprov - ok
18:45:31.0140 2760  ================ Scan global ===============================
18:45:31.0187 2760  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
18:45:31.0250 2760  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
18:45:31.0265 2760  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
18:45:31.0281 2760  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
18:45:31.0296 2760  [Global] - ok
18:45:31.0296 2760  ================ Scan MBR ==================================
18:45:31.0343 2760  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:45:31.0656 2760  \Device\Harddisk0\DR0 - ok
18:45:31.0671 2760  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
18:45:31.0890 2760  \Device\Harddisk1\DR3 - ok
18:45:32.0625 2760  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR4
18:45:32.0812 2760  \Device\Harddisk2\DR4 - ok
18:45:32.0968 2760  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR5
18:45:33.0125 2760  \Device\Harddisk3\DR5 - ok
18:45:33.0125 2760  ================ Scan VBR ==================================
18:45:33.0140 2760  [ 17B7C4328FFA38187E51E0C193891C21 ] \Device\Harddisk0\DR0\Partition1
18:45:33.0140 2760  \Device\Harddisk0\DR0\Partition1 - ok
18:45:33.0140 2760  [ 18240FDF2EEDE1F677026AB13DC726A8 ] \Device\Harddisk1\DR3\Partition1
18:45:33.0156 2760  \Device\Harddisk1\DR3\Partition1 - ok
18:45:33.0156 2760  [ 248EFFEABF7B0B4E3B5137E7F9A0BDCB ] \Device\Harddisk2\DR4\Partition1
18:45:33.0156 2760  \Device\Harddisk2\DR4\Partition1 - ok
18:45:33.0171 2760  [ 883B8F97C8BE82A1F190F90E49986915 ] \Device\Harddisk3\DR5\Partition1
18:45:33.0171 2760  \Device\Harddisk3\DR5\Partition1 - ok
18:45:33.0171 2760  ================ Scan active images ========================
18:45:33.0171 2760  [ 279FB78702454DFF2BB445F238C048D2 ] C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys
18:45:33.0171 2760  C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys - ok
18:45:33.0187 2760  [ D5A9D123F5ED7C9965A481BD20CF66D8 ] C:\WINDOWS\SYSTEM32\DRIVERS\videoprt.sys
18:45:33.0187 2760  C:\WINDOWS\SYSTEM32\DRIVERS\videoprt.sys - ok
18:45:33.0187 2760  [ B93EE8E8AD859DD1890CD5177C49017D ] C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys
18:45:33.0187 2760  C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys - ok
18:45:33.0187 2760  [ 2034CA78F9C6E787B4B76D81AC888351 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbport.sys
18:45:33.0187 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbport.sys - ok
18:45:33.0203 2760  [ F8FD1400092E23C8F2F31406EF06167B ] C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys
18:45:33.0203 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys - ok
18:45:33.0203 2760  [ 15E993BA2F6946B2BFBBFCD30398621E ] C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys
18:45:33.0203 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys - ok
18:45:33.0203 2760  [ B9540E258F952650DE8DEC68719A5C97 ] C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys
18:45:33.0203 2760  C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys - ok
18:45:33.0218 2760  [ 41347688046D49CDE0F6D138A534F73D ] C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys
18:45:33.0218 2760  C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys - ok
18:45:33.0218 2760  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys
18:45:33.0218 2760  C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys - ok
18:45:33.0234 2760  [ 98B46B331404A951CABAD8B4877E1276 ] C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
18:45:33.0234 2760  C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys - ok
18:45:33.0234 2760  [ CED2E8396A8838E59D8FD529C680E02C ] C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys
18:45:33.0234 2760  C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys - ok
18:45:33.0234 2760  [ 5502B58EEF7486EE6F93F3F164DCB808 ] C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys
18:45:33.0234 2760  C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys - ok
18:45:33.0250 2760  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys
18:45:33.0250 2760  C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys - ok
18:45:33.0250 2760  [ 34E1F0031153E491910E12551400192C ] C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys
18:45:33.0250 2760  C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys - ok
18:45:33.0265 2760  [ CD9404D115A00D249F70A371B46D5A26 ] C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys
18:45:33.0265 2760  C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys - ok
18:45:33.0265 2760  [ A2D868AEEFF612E70E213C451A70CAFB ] C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys
18:45:33.0265 2760  C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys - ok
18:45:33.0265 2760  [ 29744EB4CE659DFE3B4122DEB45BC478 ] C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys
18:45:33.0265 2760  C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys - ok
18:45:33.0281 2760  [ E91FC8B52D21E38317DC61A3C7CCFA4B ] C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys
18:45:33.0281 2760  C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys - ok
18:45:33.0281 2760  [ 882B4257E5A5ADFB6B5C03E8A02D4BF1 ] C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys
18:45:33.0281 2760  C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys - ok
18:45:33.0296 2760  [ B31B4588E4086D8D84ADBF9845C2402B ] C:\WINDOWS\SYSTEM32\DRIVERS\redbook.sys
18:45:33.0296 2760  C:\WINDOWS\SYSTEM32\DRIVERS\redbook.sys - ok
18:45:33.0296 2760  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
18:45:33.0296 2760  C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys - ok
18:45:33.0296 2760  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] C:\WINDOWS\SYSTEM32\DRIVERS\imapi.sys
18:45:33.0296 2760  C:\WINDOWS\SYSTEM32\DRIVERS\imapi.sys - ok
18:45:33.0312 2760  [ FF86422268DE771D571E123EB7092C6A ] C:\WINDOWS\SYSTEM32\DRIVERS\drmk.sys
18:45:33.0312 2760  C:\WINDOWS\SYSTEM32\DRIVERS\drmk.sys - ok
18:45:33.0312 2760  [ 5B0F00E43A7094C0B7E433CB42C79164 ] C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys
18:45:33.0312 2760  C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys - ok
18:45:33.0328 2760  [ 39F9595D2F6F7EB93F45A466789A6F49 ] C:\WINDOWS\SYSTEM32\DRIVERS\smwdm.sys
18:45:33.0328 2760  C:\WINDOWS\SYSTEM32\DRIVERS\smwdm.sys - ok
18:45:33.0328 2760  [ 11C04B17ED2ABBB4833694BCD644AC90 ] C:\WINDOWS\SYSTEM32\DRIVERS\aeaudio.sys
18:45:33.0328 2760  C:\WINDOWS\SYSTEM32\DRIVERS\aeaudio.sys - ok
18:45:33.0328 2760  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
18:45:33.0343 2760  C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS - ok
18:45:33.0343 2760  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys
18:45:33.0343 2760  C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys - ok
18:45:33.0343 2760  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
18:45:33.0343 2760  C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS - ok
18:45:33.0359 2760  [ 0B90E255A9490166AB368CD55A529893 ] C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys
18:45:33.0359 2760  C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys - ok
18:45:33.0359 2760  [ 7306EEED8895454CBED4669BE9F79FAA ] C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys
18:45:33.0359 2760  C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys - ok
18:45:33.0375 2760  [ 6891B74AB9A016064E82A419388D0601 ] C:\WINDOWS\SYSTEM32\DRIVERS\tdi.sys
18:45:33.0375 2760  C:\WINDOWS\SYSTEM32\DRIVERS\tdi.sys - ok
18:45:33.0375 2760  [ 1C5CC65AAC0783C344F16353E60B72AC ] C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys
18:45:33.0375 2760  C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys - ok
18:45:33.0375 2760  [ 48671F327553DCF1D27F6197F622A668 ] C:\WINDOWS\SYSTEM32\DRIVERS\psched.sys
18:45:33.0375 2760  C:\WINDOWS\SYSTEM32\DRIVERS\psched.sys - ok
18:45:33.0390 2760  [ C0F1D4A21DE5A415DF8170616703DEBF ] C:\WINDOWS\SYSTEM32\DRIVERS\msgpc.sys
18:45:33.0390 2760  C:\WINDOWS\SYSTEM32\DRIVERS\msgpc.sys - ok
18:45:33.0390 2760  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
18:45:33.0390 2760  C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS - ok
18:45:33.0406 2760  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
18:45:33.0406 2760  C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS - ok
18:45:33.0406 2760  [ A540A99C281D933F3D69D55E48727F47 ] C:\WINDOWS\SYSTEM32\DRIVERS\termdd.sys
18:45:33.0406 2760  C:\WINDOWS\SYSTEM32\DRIVERS\termdd.sys - ok
18:45:33.0406 2760  [ 03C1BAE4766E2450219D20B993D6E046 ] C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys
18:45:33.0406 2760  C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys - ok
18:45:33.0421 2760  [ CED744117E91BDC0BEB810F7D8608183 ] C:\WINDOWS\SYSTEM32\DRIVERS\update.sys
18:45:33.0421 2760  C:\WINDOWS\SYSTEM32\DRIVERS\update.sys - ok
18:45:33.0421 2760  [ 53D5F1278D9EDB21689BBBCECC09108D ] C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys
18:45:33.0421 2760  C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys - ok
18:45:33.0437 2760  [ 469541F8BFD2B32659D5D463A6714BCE ] C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys
18:45:33.0437 2760  C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys - ok
18:45:33.0437 2760  [ 59FC3FB44D2669BC144FD87826BB571F ] C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
18:45:33.0437 2760  C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS - ok
18:45:33.0437 2760  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
18:45:33.0437 2760  C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS - ok
18:45:33.0453 2760  [ C72F40947F92CEA56A8FB532EDF025F1 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys
18:45:33.0453 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys - ok
18:45:33.0453 2760  [ 0DD1DE43115B93F4D85E889D7A86F548 ] C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys
18:45:33.0453 2760  C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys - ok
18:45:33.0453 2760  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys
18:45:33.0453 2760  C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys - ok
18:45:33.0468 2760  [ 8F09F91B5C91363B77BCD15599570F2C ] C:\WINDOWS\SYSTEM32\DRIVERS\i2omgmt.sys
18:45:33.0468 2760  C:\WINDOWS\SYSTEM32\DRIVERS\i2omgmt.sys - ok
18:45:33.0468 2760  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS
18:45:33.0468 2760  C:\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS - ok
18:45:33.0484 2760  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
18:45:33.0484 2760  C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS - ok
18:45:33.0484 2760  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
18:45:33.0484 2760  C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS - ok
18:45:33.0484 2760  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\SYSTEM32\DRIVERS\beep.sys
18:45:33.0484 2760  C:\WINDOWS\SYSTEM32\DRIVERS\beep.sys - ok
18:45:33.0500 2760  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] C:\WINDOWS\SYSTEM32\DRIVERS\vga.sys
18:45:33.0500 2760  C:\WINDOWS\SYSTEM32\DRIVERS\vga.sys - ok
18:45:33.0500 2760  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
18:45:33.0500 2760  C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS - ok
18:45:33.0515 2760  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
18:45:33.0515 2760  C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS - ok
18:45:33.0515 2760  [ 561B3A4333CA2DBDBA28B5B956822519 ] C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys
18:45:33.0515 2760  C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys - ok
18:45:33.0515 2760  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys
18:45:33.0515 2760  C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys - ok
18:45:33.0531 2760  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
18:45:33.0531 2760  C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS - ok
18:45:33.0531 2760  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] C:\WINDOWS\SYSTEM32\DRIVERS\ipsec.sys
18:45:33.0531 2760  C:\WINDOWS\SYSTEM32\DRIVERS\ipsec.sys - ok
18:45:33.0546 2760  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys
18:45:33.0546 2760  C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys - ok
18:45:33.0546 2760  [ BA73B38E9033FC6018DB736B635706AE ] C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys
18:45:33.0546 2760  C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys - ok
18:45:33.0546 2760  [ E2168CBC7098FFE963C6F23F472A3593 ] C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys
18:45:33.0546 2760  C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys - ok
18:45:33.0562 2760  [ 984EF0B9788ABF89974CFED4BFBAACBC ] C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys
18:45:33.0562 2760  C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys - ok
18:45:33.0562 2760  [ 0C80E410CD2F47134407EE7DD19CC86B ] C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys
18:45:33.0562 2760  C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys - ok
18:45:33.0578 2760  [ 55E6E1C51B6D30E54335750955453702 ] C:\WINDOWS\SYSTEM32\DRIVERS\afd.sys
18:45:33.0578 2760  C:\WINDOWS\SYSTEM32\DRIVERS\afd.sys - ok
18:45:33.0578 2760  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys
18:45:33.0578 2760  C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys - ok
18:45:33.0593 2760  [ 3E16EFF2A6FED2D8D7F5A66DFE65D183 ] C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys
18:45:33.0593 2760  C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys - ok
18:45:33.0593 2760  [ 0D97D88720A4087EC93AF7DBB303B30A ] C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys
18:45:33.0593 2760  C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys - ok
18:45:33.0593 2760  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys
18:45:33.0593 2760  C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys - ok
18:45:33.0609 2760  [ 6F2D483B97B395544E59749C47963C6A ] C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys
18:45:33.0609 2760  C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys - ok
18:45:33.0609 2760  [ D53D35031365A0ECCB1DC1BC1B15B18E ] C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys
18:45:33.0609 2760  C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys - ok
18:45:33.0625 2760  [ 5D7BE7B19E827125E016325334E58FF1 ] C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys
18:45:33.0625 2760  C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys - ok
18:45:33.0625 2760  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
18:45:33.0625 2760  C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS - ok
18:45:33.0625 2760  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbstor.sys
18:45:33.0625 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbstor.sys - ok
18:45:33.0640 2760  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
18:45:33.0640 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys - ok
18:45:33.0640 2760  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys
18:45:33.0640 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys - ok
18:45:33.0656 2760  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys
18:45:33.0656 2760  C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys - ok
18:45:33.0656 2760  [ ABCB05CCDBF03000354B9553820E39F8 ] C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys
18:45:33.0656 2760  C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys - ok
18:45:33.0656 2760  [ 7BB2C605094DBCA536D127B434214862 ] C:\WINDOWS\SYSTEM32\DRIVERS\avgidsdriverx.sys
18:45:33.0656 2760  C:\WINDOWS\SYSTEM32\DRIVERS\avgidsdriverx.sys - ok
18:45:33.0671 2760  [ A8DE230CC8536790CA07D37FBCD87A74 ] C:\WINDOWS\SYSTEM32\DRIVERS\avgidsshimx.sys
18:45:33.0671 2760  C:\WINDOWS\SYSTEM32\DRIVERS\avgidsshimx.sys - ok
18:45:33.0671 2760  [ BD7FB0957C716F1A60333AEE04DE2178 ] C:\WINDOWS\SYSTEM32\smss.exe
18:45:33.0671 2760  C:\WINDOWS\SYSTEM32\smss.exe - ok
18:45:33.0687 2760  [ C06986B55981B355090DD34DE809E4BB ] C:\WINDOWS\SYSTEM32\ntdll.dll
18:45:33.0687 2760  C:\WINDOWS\SYSTEM32\ntdll.dll - ok
18:45:33.0687 2760  [ B3415B9D6026F65E43089ABED096C38C ] C:\WINDOWS\SYSTEM32\autochk.exe
18:45:33.0687 2760  C:\WINDOWS\SYSTEM32\autochk.exe - ok
18:45:33.0687 2760  [ 544D486301588C8199187C9AB5778B4B ] C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
18:45:33.0687 2760  C:\PROGRA~1\AVG\AVG2013\avgrsx.exe - ok
18:45:33.0703 2760  [ 484987420BC8DED2CB26C6F4EC9BA7F2 ] C:\Program Files\AVG\AVG2013\avgsysx.dll
18:45:33.0703 2760  C:\Program Files\AVG\AVG2013\avgsysx.dll - ok
18:45:33.0703 2760  [ 42836D10270B1940F9A2FF77AE679537 ] C:\Program Files\AVG\AVG2013\avgntopensslx.dll
18:45:33.0703 2760  C:\Program Files\AVG\AVG2013\avgntopensslx.dll - ok
18:45:33.0703 2760  [ 1C2E1FC9F8ED794CC191E92F27D1391C ] C:\Program Files\AVG\AVG2013\avglogx.dll
18:45:33.0703 2760  C:\Program Files\AVG\AVG2013\avglogx.dll - ok
18:45:33.0718 2760  [ CD7D5152DF32B47F4E36F710B35AAE02 ] C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys
18:45:33.0718 2760  C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys - ok
18:45:33.0718 2760  [ 3117F595E9615E04F05A54FC15A03B20 ] C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys
18:45:33.0718 2760  C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys - ok
18:45:33.0734 2760  [ 83FADF5EEDE796F137B53FA45A85FD40 ] C:\Documents and Settings\Bobby\Desktop\vlcmediaplayer-setup.exe
18:45:33.0734 2760  C:\Documents and Settings\Bobby\Desktop\vlcmediaplayer-setup.exe - ok
18:45:33.0734 2760  [ 11CDD81560E766101F0032EB05872C1B ] C:\WINDOWS\SYSTEM32\ntoskrnl.exe
18:45:33.0734 2760  C:\WINDOWS\SYSTEM32\ntoskrnl.exe - ok
18:45:33.0734 2760  [ 30A609E00BD1D4FFC49D6B5A432BE7F2 ] C:\WINDOWS\SYSTEM32\sfcfiles.dll
18:45:33.0734 2760  C:\WINDOWS\SYSTEM32\sfcfiles.dll - ok
18:45:33.0750 2760  [ 1081C185AED0660B2B5F173C3E023B23 ] C:\WINDOWS\SYSTEM32\advapi32.dll
18:45:33.0750 2760  C:\WINDOWS\SYSTEM32\advapi32.dll - ok
18:45:33.0750 2760  [ 1EDB1BB89D021955E6F7265911175B8D ] C:\WINDOWS\SYSTEM32\comdlg32.dll
18:45:33.0750 2760  C:\WINDOWS\SYSTEM32\comdlg32.dll - ok
18:45:33.0765 2760  [ 0C07B16769E579F78C541773D0A2E7E0 ] C:\WINDOWS\SYSTEM32\gdi32.dll
18:45:33.0765 2760  C:\WINDOWS\SYSTEM32\gdi32.dll - ok
18:45:33.0765 2760  [ 5AFCE94E8286B2F57A04DA37F01BF21A ] C:\WINDOWS\SYSTEM32\imagehlp.dll
18:45:33.0765 2760  C:\WINDOWS\SYSTEM32\imagehlp.dll - ok
18:45:33.0781 2760  [ B6ACAED7588295129791E0E6A2B0FADE ] C:\WINDOWS\SYSTEM32\kernel32.dll
18:45:33.0781 2760  C:\WINDOWS\SYSTEM32\kernel32.dll - ok
18:45:33.0781 2760  [ AB8231D13692AC5088EB9C226B0C0576 ] C:\WINDOWS\SYSTEM32\ole32.dll
18:45:33.0781 2760  C:\WINDOWS\SYSTEM32\ole32.dll - ok
18:45:33.0781 2760  [ 0144ABC4C4A624B583D432EE478A711C ] C:\WINDOWS\SYSTEM32\oleaut32.dll
18:45:33.0781 2760  C:\WINDOWS\SYSTEM32\oleaut32.dll - ok
18:45:33.0796 2760  [ 2E52C5B451734EB095C21185675D9E76 ] C:\WINDOWS\SYSTEM32\olecli32.dll
18:45:33.0796 2760  C:\WINDOWS\SYSTEM32\olecli32.dll - ok
18:45:33.0796 2760  [ 980665E58317B29C9A0F7221D576CC51 ] C:\WINDOWS\SYSTEM32\olecnv32.dll
18:45:33.0796 2760  C:\WINDOWS\SYSTEM32\olecnv32.dll - ok
18:45:33.0812 2760  [ 461B6E2F04112E659280314B7A414F30 ] C:\WINDOWS\SYSTEM32\rpcrt4.dll
18:45:33.0812 2760  C:\WINDOWS\SYSTEM32\rpcrt4.dll - ok
18:45:33.0812 2760  [ 06DA8C5383AAF17127FC4B1658BA3F4F ] C:\WINDOWS\SYSTEM32\shell32.dll
18:45:33.0812 2760  C:\WINDOWS\SYSTEM32\shell32.dll - ok
18:45:33.0812 2760  [ 91617515AA185259694A1C4882080B99 ] C:\WINDOWS\SYSTEM32\url.dll
18:45:33.0812 2760  C:\WINDOWS\SYSTEM32\url.dll - ok
18:45:33.0828 2760  [ 05642AE6A7BDAA7541A7451F5A4C6512 ] C:\WINDOWS\SYSTEM32\urlmon.dll
18:45:33.0828 2760  C:\WINDOWS\SYSTEM32\urlmon.dll - ok
18:45:33.0828 2760  [ B409909F6E2E8A7067076ED748ABF1E7 ] C:\WINDOWS\SYSTEM32\user32.dll
18:45:33.0828 2760  C:\WINDOWS\SYSTEM32\user32.dll - ok
18:45:33.0843 2760  [ D38408967BE738D0C1B47005BCE8CEEB ] C:\WINDOWS\SYSTEM32\version.dll
18:45:33.0843 2760  C:\WINDOWS\SYSTEM32\version.dll - ok
18:45:33.0843 2760  [ 6CE32F7778061CCC5814D5E0F282D369 ] C:\WINDOWS\SYSTEM32\wininet.dll
18:45:33.0843 2760  C:\WINDOWS\SYSTEM32\wininet.dll - ok
18:45:33.0843 2760  [ 87FA74FD8289811ACCD43F3C24D312F2 ] C:\WINDOWS\SYSTEM32\shlwapi.dll
18:45:33.0843 2760  C:\WINDOWS\SYSTEM32\shlwapi.dll - ok
18:45:33.0859 2760  [ 10F36FA092D7A309A0647FCDC764AE6C ] C:\WINDOWS\SYSTEM32\wldap32.dll
18:45:33.0859 2760  C:\WINDOWS\SYSTEM32\wldap32.dll - ok
18:45:33.0859 2760  [ B0124CB21D28B1C9F678B566B6B57D92 ] C:\WINDOWS\SYSTEM32\comctl32.dll
18:45:33.0859 2760  C:\WINDOWS\SYSTEM32\comctl32.dll - ok
18:45:33.0875 2760  [ 2CFE80AA3428C09E6DE67FAC50DA65CF ] C:\WINDOWS\SYSTEM32\mpr.dll
18:45:33.0875 2760  C:\WINDOWS\SYSTEM32\mpr.dll - ok
18:45:33.0875 2760  [ B0FEFA816D61EC66AA765DDF534EAB5E ] C:\WINDOWS\SYSTEM32\msvcrt.dll
18:45:33.0875 2760  C:\WINDOWS\SYSTEM32\msvcrt.dll - ok
18:45:33.0875 2760  [ 0738F4B53D967E46CC5E51F84BC1EB39 ] C:\WINDOWS\SYSTEM32\ntvdm.exe
18:45:33.0875 2760  C:\WINDOWS\SYSTEM32\ntvdm.exe - ok
18:45:33.0890 2760  [ 174F3D2CA3C9E53643772A67C36BE5AF ] C:\WINDOWS\SYSTEM32\secur32.dll
18:45:33.0890 2760  C:\WINDOWS\SYSTEM32\secur32.dll - ok
18:45:33.0890 2760  [ C0226CF48B9299DE4C7B077B2568C333 ] C:\WINDOWS\SYSTEM32\wow32.dll
18:45:33.0890 2760  C:\WINDOWS\SYSTEM32\wow32.dll - ok
18:45:33.0906 2760  [ 58BD4689E1DCD40A903721D7EF45F2EC ] C:\WINDOWS\SYSTEM32\iertutil.dll
18:45:33.0906 2760  C:\WINDOWS\SYSTEM32\iertutil.dll - ok
18:45:33.0906 2760  [ 729DA5D23A9AD20A6AA353156A126420 ] C:\WINDOWS\SYSTEM32\ieframe.dll
18:45:33.0906 2760  C:\WINDOWS\SYSTEM32\ieframe.dll - ok
18:45:33.0906 2760  [ ECA24AB73FCFFA754D4070CDB03529E3 ] C:\WINDOWS\SYSTEM32\apphelp.dll
18:45:33.0906 2760  C:\WINDOWS\SYSTEM32\apphelp.dll - ok
18:45:33.0921 2760  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\SYSTEM32\normaliz.dll
18:45:33.0921 2760  C:\WINDOWS\SYSTEM32\normaliz.dll - ok
18:45:33.0921 2760  [ 2B9B56A89A8A42E917511972A6DB36E3 ] C:\WINDOWS\SYSTEM32\userenv.dll
18:45:33.0921 2760  C:\WINDOWS\SYSTEM32\userenv.dll - ok
18:45:33.0937 2760  [ D06EAA8B23BC1F671B11D18CFEA65115 ] C:\WINDOWS\SYSTEM32\csrsrv.dll
18:45:33.0937 2760  C:\WINDOWS\SYSTEM32\csrsrv.dll - ok
18:45:33.0937 2760  [ F12B178B1678D778CFD3FF1FC38C71FB ] C:\WINDOWS\SYSTEM32\csrss.exe
18:45:33.0937 2760  C:\WINDOWS\SYSTEM32\csrss.exe - ok
18:45:33.0937 2760  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\SYSTEM32\basesrv.dll
18:45:33.0937 2760  C:\WINDOWS\SYSTEM32\basesrv.dll - ok
18:45:33.0953 2760  [ 458AB591E8CF240CC105A23671F2C3D6 ] C:\WINDOWS\SYSTEM32\nddeapi.dll
18:45:33.0953 2760  C:\WINDOWS\SYSTEM32\nddeapi.dll - ok
18:45:33.0953 2760  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\SYSTEM32\winsrv.dll
18:45:33.0953 2760  C:\WINDOWS\SYSTEM32\winsrv.dll - ok
18:45:33.0953 2760  [ 1BA572613B54EF22B14AF2CF90A4158C ] C:\WINDOWS\SYSTEM32\nv4_disp.dll
18:45:33.0968 2760  C:\WINDOWS\SYSTEM32\nv4_disp.dll - ok
18:45:33.0968 2760  [ 01C3346C241652F43AED8E2149881BFE ] C:\WINDOWS\SYSTEM32\winlogon.exe
18:45:33.0968 2760  C:\WINDOWS\SYSTEM32\winlogon.exe - ok
18:45:33.0968 2760  [ 5C3DF25926729EBEEF5CC7FF1933B360 ] C:\WINDOWS\SYSTEM32\authz.dll
18:45:33.0968 2760  C:\WINDOWS\SYSTEM32\authz.dll - ok
18:45:33.0984 2760  [ EFC958396A7A7EF7E6D4A52B97512E18 ] C:\WINDOWS\SYSTEM32\crypt32.dll
18:45:33.0984 2760  C:\WINDOWS\SYSTEM32\crypt32.dll - ok
18:45:33.0984 2760  [ DDE959EFC7CD79D1AC4BDA320A959DC0 ] C:\WINDOWS\SYSTEM32\msasn1.dll
18:45:33.0984 2760  C:\WINDOWS\SYSTEM32\msasn1.dll - ok
18:45:34.0000 2760  [ FE4F71711CF5C17ADE5E506348132D24 ] C:\WINDOWS\SYSTEM32\profmap.dll
18:45:34.0000 2760  C:\WINDOWS\SYSTEM32\profmap.dll - ok
18:45:34.0000 2760  [ 0A457307006530FD03A797F572A067FA ] C:\WINDOWS\SYSTEM32\netapi32.dll
18:45:34.0000 2760  C:\WINDOWS\SYSTEM32\netapi32.dll - ok
18:45:34.0000 2760  [ 96E48C7EB9089D1DBF6F85CA11B264DF ] C:\WINDOWS\SYSTEM32\psapi.dll
18:45:34.0000 2760  C:\WINDOWS\SYSTEM32\psapi.dll - ok
18:45:34.0015 2760  [ 899ED710FDC37EB7D0115C2932C2B1EB ] C:\WINDOWS\SYSTEM32\regapi.dll
18:45:34.0015 2760  C:\WINDOWS\SYSTEM32\regapi.dll - ok
18:45:34.0015 2760  [ 7808313CBC634EE08346D5DDFEF1CC5F ] C:\WINDOWS\SYSTEM32\setupapi.dll
18:45:34.0015 2760  C:\WINDOWS\SYSTEM32\setupapi.dll - ok
18:45:34.0031 2760  [ 87CA7CE6469577F059297B9D6556D66D ] C:\WINDOWS\SYSTEM32\imm32.dll
18:45:34.0031 2760  C:\WINDOWS\SYSTEM32\imm32.dll - ok
18:45:34.0031 2760  [ A29AF639AA180CC68C59242A10E1D3B1 ] C:\WINDOWS\SYSTEM32\msgina.dll
18:45:34.0031 2760  C:\WINDOWS\SYSTEM32\msgina.dll - ok
18:45:34.0031 2760  [ 7BC4BA4C33ADF3EF5CD370D99BC60B04 ] C:\WINDOWS\SYSTEM32\winsta.dll
18:45:34.0031 2760  C:\WINDOWS\SYSTEM32\winsta.dll - ok
18:45:34.0046 2760  [ B015A20C60D2A751777A9C8207A7BA82 ] C:\WINDOWS\SYSTEM32\wintrust.dll
18:45:34.0046 2760  C:\WINDOWS\SYSTEM32\wintrust.dll - ok
18:45:34.0046 2760  [ 9BEACB911CA61E5881102188AB7FB431 ] C:\WINDOWS\SYSTEM32\ws2help.dll
18:45:34.0046 2760  C:\WINDOWS\SYSTEM32\ws2help.dll - ok
18:45:34.0062 2760  [ 2ED0B7F12A60F90092081C50FA0EC2B2 ] C:\WINDOWS\SYSTEM32\ws2_32.dll
18:45:34.0062 2760  C:\WINDOWS\SYSTEM32\ws2_32.dll - ok
18:45:34.0062 2760  [ F79D7D98CD764499ECCBAAF3F800D349 ] C:\WINDOWS\SYSTEM32\odbc32.dll
18:45:34.0062 2760  C:\WINDOWS\SYSTEM32\odbc32.dll - ok
18:45:34.0062 2760  [ 0FF9FA27706FBE9048990C108C0D62F0 ] C:\WINDOWS\SYSTEM32\sxs.dll
18:45:34.0062 2760  C:\WINDOWS\SYSTEM32\sxs.dll - ok
18:45:34.0078 2760  [ C237FB08F52F27823C4E4E6705ECD196 ] C:\WINDOWS\SYSTEM32\odbcint.dll
18:45:34.0078 2760  C:\WINDOWS\SYSTEM32\odbcint.dll - ok
18:45:34.0078 2760  [ 5AF68A5E44734A082442668E9C787743 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
18:45:34.0078 2760  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - ok
18:45:34.0093 2760  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\SYSTEM32\services.exe
18:45:34.0093 2760  C:\WINDOWS\SYSTEM32\services.exe - ok
18:45:34.0093 2760  [ E8A12A12EA9088B4327D49EDCA3ADD3E ] C:\WINDOWS\SYSTEM32\sfc.dll
18:45:34.0093 2760  C:\WINDOWS\SYSTEM32\sfc.dll - ok
18:45:34.0093 2760  [ 9858CC4D73A4CCF2F852FAE07C11A0B5 ] C:\WINDOWS\SYSTEM32\sfc_os.dll
18:45:34.0093 2760  C:\WINDOWS\SYSTEM32\sfc_os.dll - ok
18:45:34.0109 2760  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] C:\WINDOWS\SYSTEM32\shsvcs.dll
18:45:34.0109 2760  C:\WINDOWS\SYSTEM32\shsvcs.dll - ok
18:45:34.0109 2760  [ 84885F9B82F4D55C6146EBF6065D75D2 ] C:\WINDOWS\SYSTEM32\lsass.exe
18:45:34.0109 2760  C:\WINDOWS\SYSTEM32\lsass.exe - ok
18:45:34.0125 2760  [ DA201A0A309B96381FD674D0FAB5DA86 ] C:\WINDOWS\SYSTEM32\ncobjapi.dll
18:45:34.0125 2760  C:\WINDOWS\SYSTEM32\ncobjapi.dll - ok
18:45:34.0125 2760  [ 9A42C1F3154545A4D32E5043038B01FA ] C:\WINDOWS\SYSTEM32\scesrv.dll
18:45:34.0125 2760  C:\WINDOWS\SYSTEM32\scesrv.dll - ok
18:45:34.0125 2760  [ 1F57EB5B92B2AC7F9D71A77D184D8C13 ] C:\WINDOWS\SYSTEM32\msvcp60.dll
18:45:34.0125 2760  C:\WINDOWS\SYSTEM32\msvcp60.dll - ok
18:45:34.0140 2760  [ 43DA983415EA533F9E667FDB415F4655 ] C:\WINDOWS\SYSTEM32\shimeng.dll
18:45:34.0140 2760  C:\WINDOWS\SYSTEM32\shimeng.dll - ok
18:45:34.0140 2760  [ 586211F4FF4BC49CC215C956919CD33B ] C:\WINDOWS\SYSTEM32\umpnpmgr.dll
18:45:34.0140 2760  C:\WINDOWS\SYSTEM32\umpnpmgr.dll - ok
18:45:34.0156 2760  [ 39F3B6CC2932E103D72C4564F8A680AC ] C:\WINDOWS\SYSTEM32\lsasrv.dll
18:45:34.0156 2760  C:\WINDOWS\SYSTEM32\lsasrv.dll - ok
18:45:34.0156 2760  [ FB537F29A827D78F756154CF397A113F ] C:\WINDOWS\AppPatch\acgenral.dll
18:45:34.0156 2760  C:\WINDOWS\AppPatch\acgenral.dll - ok
18:45:34.0156 2760  [ 975D12353B1D525C0F3444C447FB3B9A ] C:\WINDOWS\SYSTEM32\msacm32.dll
18:45:34.0171 2760  C:\WINDOWS\SYSTEM32\msacm32.dll - ok
18:45:34.0171 2760  [ 6201BACF384292A5FE94CE73364AE53A ] C:\WINDOWS\SYSTEM32\ntdsapi.dll
18:45:34.0171 2760  C:\WINDOWS\SYSTEM32\ntdsapi.dll - ok
18:45:34.0171 2760  [ 2CDE496666A975A2CE8F969F3042C8DB ] C:\WINDOWS\SYSTEM32\uxtheme.dll
18:45:34.0171 2760  C:\WINDOWS\SYSTEM32\uxtheme.dll - ok
18:45:34.0187 2760  [ 90FDAA22F38D9E911F91FA3B8A1F7E5D ] C:\WINDOWS\SYSTEM32\winmm.dll
18:45:34.0187 2760  C:\WINDOWS\SYSTEM32\winmm.dll - ok
18:45:34.0187 2760  [ 176497D0E7AE618860552A4B5635B206 ] C:\WINDOWS\SYSTEM32\dnsapi.dll
18:45:34.0187 2760  C:\WINDOWS\SYSTEM32\dnsapi.dll - ok
18:45:34.0187 2760  [ EBE12F403FDE45E7312E7BF764BFB6C6 ] C:\WINDOWS\SYSTEM32\samlib.dll
18:45:34.0187 2760  C:\WINDOWS\SYSTEM32\samlib.dll - ok
18:45:34.0203 2760  [ E15154E7FDA8A580A8F74C7CC16B1FFE ] C:\WINDOWS\SYSTEM32\samsrv.dll
18:45:34.0203 2760  C:\WINDOWS\SYSTEM32\samsrv.dll - ok
18:45:34.0203 2760  [ EF5B64A9CD71ED27E837165C08DA4CC1 ] C:\WINDOWS\SYSTEM32\cryptdll.dll
18:45:34.0203 2760  C:\WINDOWS\SYSTEM32\cryptdll.dll - ok
18:45:34.0218 2760  [ 7F2310210256C0AC04A82285DEBC0F51 ] C:\WINDOWS\SYSTEM32\digest.dll
18:45:34.0218 2760  C:\WINDOWS\SYSTEM32\digest.dll - ok
18:45:34.0218 2760  [ E484F006380A89A52CCC7828ECE5DCA0 ] C:\WINDOWS\SYSTEM32\msapsspc.dll
18:45:34.0218 2760  C:\WINDOWS\SYSTEM32\msapsspc.dll - ok
18:45:34.0218 2760  [ BB1367FECA810F06B1AEA06D610B1E4F ] C:\WINDOWS\SYSTEM32\msnsspc.dll
18:45:34.0218 2760  C:\WINDOWS\SYSTEM32\msnsspc.dll - ok
18:45:34.0234 2760  [ 6BEC17053284E847CF1FBB8C9A181E1E ] C:\WINDOWS\SYSTEM32\msprivs.dll
18:45:34.0234 2760  C:\WINDOWS\SYSTEM32\msprivs.dll - ok
18:45:34.0234 2760  [ 146D198E3AD9D4B69C9EB0AEA6EF333B ] C:\WINDOWS\SYSTEM32\msvcrt40.dll
18:45:34.0234 2760  C:\WINDOWS\SYSTEM32\msvcrt40.dll - ok
18:45:34.0250 2760  [ 7B47C36B4F0170B8EF4F3B4EFD371F67 ] C:\WINDOWS\SYSTEM32\schannel.dll
18:45:34.0250 2760  C:\WINDOWS\SYSTEM32\schannel.dll - ok
18:45:34.0250 2760  [ C0FE34F85B6D29368133587B1D6FA039 ] C:\WINDOWS\SYSTEM32\kerberos.dll
18:45:34.0250 2760  C:\WINDOWS\SYSTEM32\kerberos.dll - ok
18:45:34.0250 2760  [ 011EACF9153EF90E6CBCE2987ACAE411 ] C:\WINDOWS\SYSTEM32\iphlpapi.dll
18:45:34.0250 2760  C:\WINDOWS\SYSTEM32\iphlpapi.dll - ok
18:45:34.0265 2760  [ 4E49D244C178505FEB090E37989D4045 ] C:\WINDOWS\SYSTEM32\msv1_0.dll
18:45:34.0265 2760  C:\WINDOWS\SYSTEM32\msv1_0.dll - ok
18:45:34.0265 2760  [ 96353FCECBA774BB8DA74A1C6507015A ] C:\WINDOWS\SYSTEM32\netlogon.dll
18:45:34.0265 2760  C:\WINDOWS\SYSTEM32\netlogon.dll - ok
18:45:34.0281 2760  [ FB6359FE8864D0CE06B79CD33D188411 ] C:\WINDOWS\SYSTEM32\atmfd.dll
18:45:34.0281 2760  C:\WINDOWS\SYSTEM32\atmfd.dll - ok
18:45:34.0281 2760  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] C:\WINDOWS\SYSTEM32\w32time.dll
18:45:34.0281 2760  C:\WINDOWS\SYSTEM32\w32time.dll - ok
18:45:34.0281 2760  [ DBB2E47723A164B178836668A6CA4C1B ] C:\WINDOWS\SYSTEM32\wdigest.dll
18:45:34.0281 2760  C:\WINDOWS\SYSTEM32\wdigest.dll - ok
18:45:34.0296 2760  [ 26ACBD865F8CFF730F1791C4D0854352 ] C:\WINDOWS\SYSTEM32\rsaenh.dll
18:45:34.0296 2760  C:\WINDOWS\SYSTEM32\rsaenh.dll - ok
18:45:34.0296 2760  [ 7BCB23FA39CE266AF4347A6BEAB60F8C ] C:\WINDOWS\SYSTEM32\winscard.dll
18:45:34.0296 2760  C:\WINDOWS\SYSTEM32\winscard.dll - ok
18:45:34.0312 2760  [ A9753F3343EB7A8BC3B498841C8BE6FD ] C:\WINDOWS\SYSTEM32\msctf.dll
18:45:34.0312 2760  C:\WINDOWS\SYSTEM32\msctf.dll - ok
18:45:34.0312 2760  [ E832C72D32FA117CB0D033C5EA95B58F ] C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
18:45:34.0312 2760  C:\WINDOWS\SYSTEM32\ntkrnlpa.exe - ok
18:45:34.0312 2760  [ 67F2D109AB373FECEB819F420DB11F03 ] C:\WINDOWS\SYSTEM32\wtsapi32.dll
18:45:34.0328 2760  C:\WINDOWS\SYSTEM32\wtsapi32.dll - ok
18:45:34.0328 2760  [ 0F78E27F563F2AAF74B91A49E2ABF19A ] C:\WINDOWS\SYSTEM32\scecli.dll
18:45:34.0328 2760  C:\WINDOWS\SYSTEM32\scecli.dll - ok
18:45:34.0328 2760  [ DAA91B358E685FC6CCA9ACA72BE6FE85 ] C:\WINDOWS\SYSTEM32\ntmarta.dll
18:45:34.0328 2760  C:\WINDOWS\SYSTEM32\ntmarta.dll - ok
18:45:34.0343 2760  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] C:\WINDOWS\SYSTEM32\rpcss.dll
18:45:34.0343 2760  C:\WINDOWS\SYSTEM32\rpcss.dll - ok
18:45:34.0343 2760  [ 8F078AE4ED187AAABC0A305146DE6716 ] C:\WINDOWS\SYSTEM32\svchost.exe
18:45:34.0343 2760  C:\WINDOWS\SYSTEM32\svchost.exe - ok
18:45:34.0359 2760  [ 1320AEA7057A26A671D9548CC7BEBDA5 ] C:\WINDOWS\SYSTEM32\xpsp2res.dll
18:45:34.0359 2760  C:\WINDOWS\SYSTEM32\xpsp2res.dll - ok
18:45:34.0359 2760  [ 82B24CB70E5944E6E34662205A2A5B78 ] C:\WINDOWS\SYSTEM32\eventlog.dll
18:45:34.0359 2760  C:\WINDOWS\SYSTEM32\eventlog.dll - ok
18:45:34.0359 2760  [ 097722F235A1FB698BF9234E01B52637 ] C:\WINDOWS\SYSTEM32\mswsock.dll
18:45:34.0359 2760  C:\WINDOWS\SYSTEM32\mswsock.dll - ok
18:45:34.0375 2760  [ 5F098BD2AE6B03044B085DECFFDF91EC ] C:\WINDOWS\SYSTEM32\rasadhlp.dll
18:45:34.0375 2760  C:\WINDOWS\SYSTEM32\rasadhlp.dll - ok
18:45:34.0375 2760  [ 2C8FDB176F22629EA5342DB474FAC391 ] C:\WINDOWS\SYSTEM32\winrnr.dll
18:45:34.0375 2760  C:\WINDOWS\SYSTEM32\winrnr.dll - ok
18:45:34.0390 2760  [ A7F95A53EE055115DF03588997A47D4D ] C:\WINDOWS\SYSTEM32\wshtcpip.dll
18:45:34.0390 2760  C:\WINDOWS\SYSTEM32\wshtcpip.dll - ok
18:45:34.0390 2760  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:45:34.0390 2760  C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:45:34.0390 2760  [ 765B30C776A1780B46B479FE614F707C ] C:\WINDOWS\SYSTEM32\hnetcfg.dll
18:45:34.0390 2760  C:\WINDOWS\SYSTEM32\hnetcfg.dll - ok
18:45:34.0406 2760  [ 587729679B4FE04CE06A5C61D6C56DCD ] C:\WINDOWS\SYSTEM32\cscdll.dll
18:45:34.0406 2760  C:\WINDOWS\SYSTEM32\cscdll.dll - ok
18:45:34.0406 2760  [ A599E5E366C1408E48AA5D37882D4E3E ] C:\WINDOWS\SYSTEM32\wlnotify.dll
18:45:34.0406 2760  C:\WINDOWS\SYSTEM32\wlnotify.dll - ok
18:45:34.0421 2760  [ D7DCFB4D0C58FFB569DE93E1681FD37A ] C:\WINDOWS\SYSTEM32\WgaLogon.dll
18:45:34.0421 2760  C:\WINDOWS\SYSTEM32\WgaLogon.dll - ok
18:45:34.0421 2760  [ EC8A848FC4F17F3B3D9DA4A0C43FB930 ] C:\WINDOWS\SYSTEM32\clbcatq.dll
18:45:34.0421 2760  C:\WINDOWS\SYSTEM32\clbcatq.dll - ok
18:45:34.0421 2760  [ 6728270CB7DBB776ED086F5AC4C82310 ] C:\WINDOWS\SYSTEM32\comres.dll
18:45:34.0421 2760  C:\WINDOWS\SYSTEM32\comres.dll - ok
18:45:34.0437 2760  [ 524F073B1241F5D37CD70FF389B3B7FD ] C:\WINDOWS\SYSTEM32\msxml3.dll
18:45:34.0437 2760  C:\WINDOWS\SYSTEM32\msxml3.dll - ok
18:45:34.0437 2760  [ EF545E1A4B043DA4C84E230DD471C55F ] C:\WINDOWS\SYSTEM32\dhcpcsvc.dll
18:45:34.0437 2760  C:\WINDOWS\SYSTEM32\dhcpcsvc.dll - ok
18:45:34.0437 2760  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] C:\WINDOWS\SYSTEM32\dnsrslvr.dll
18:45:34.0437 2760  C:\WINDOWS\SYSTEM32\dnsrslvr.dll - ok
18:45:34.0453 2760  [ B3EFF6D938C572E90A07B3D87A3C7657 ] C:\WINDOWS\SYSTEM32\lmhsvc.dll
18:45:34.0453 2760  C:\WINDOWS\SYSTEM32\lmhsvc.dll - ok
18:45:34.0453 2760  [ 5A91E6FEAB9F901302FA7FF768C0120F ] C:\WINDOWS\SYSTEM32\wzcsvc.dll
18:45:34.0453 2760  C:\WINDOWS\SYSTEM32\wzcsvc.dll - ok
18:45:34.0468 2760  [ 50DE118DA580208B914B40DD47C90D52 ] C:\WINDOWS\SYSTEM32\esent.dll
18:45:34.0468 2760  C:\WINDOWS\SYSTEM32\esent.dll - ok
18:45:34.0468 2760  [ 2030FA027E7C3E0A145649C03171457B ] C:\WINDOWS\SYSTEM32\rtutils.dll
18:45:34.0468 2760  C:\WINDOWS\SYSTEM32\rtutils.dll - ok
18:45:34.0468 2760  [ E682696D7F982494A8CFC80C5B59D422 ] C:\WINDOWS\SYSTEM32\wmi.dll
18:45:34.0468 2760  C:\WINDOWS\SYSTEM32\wmi.dll - ok
18:45:34.0484 2760  [ 72F2CFC7653FB5ABB85789D28E26A643 ] C:\WINDOWS\SYSTEM32\atl.dll
18:45:34.0484 2760  C:\WINDOWS\SYSTEM32\atl.dll - ok
18:45:34.0484 2760  [ 92360854316611F6CC471612213C3D92 ] C:\WINDOWS\SYSTEM32\schedsvc.dll
18:45:34.0484 2760  C:\WINDOWS\SYSTEM32\schedsvc.dll - ok
18:45:34.0500 2760  [ 5414CCF382E4FCC6819ABA84F5BFEFD4 ] C:\WINDOWS\SYSTEM32\rastls.dll
18:45:34.0500 2760  C:\WINDOWS\SYSTEM32\rastls.dll - ok
18:45:34.0500 2760  [ 4AC302BF714DC163E685D0A187A36D0F ] C:\WINDOWS\SYSTEM32\cryptui.dll
18:45:34.0500 2760  C:\WINDOWS\SYSTEM32\cryptui.dll - ok
18:45:34.0500 2760  [ 9F78F329B1858E845087B923B4DBA0F3 ] C:\WINDOWS\SYSTEM32\mprapi.dll
18:45:34.0500 2760  C:\WINDOWS\SYSTEM32\mprapi.dll - ok
18:45:34.0515 2760  [ 875D770F477E0AE0088BE1810D537B23 ] C:\WINDOWS\SYSTEM32\activeds.dll
18:45:34.0515 2760  C:\WINDOWS\SYSTEM32\activeds.dll - ok
18:45:34.0515 2760  [ 12A581CA44E53B09D24C5B94F252C78D ] C:\WINDOWS\SYSTEM32\adsldpc.dll
18:45:34.0515 2760  C:\WINDOWS\SYSTEM32\adsldpc.dll - ok
18:45:34.0531 2760  [ CD1F7ED9842138BEADF9ECBF37818BEF ] C:\WINDOWS\SYSTEM32\rasapi32.dll
18:45:34.0531 2760  C:\WINDOWS\SYSTEM32\rasapi32.dll - ok
18:45:34.0531 2760  [ 30E244A707E6CE0A4B099CD6384EC6CA ] C:\WINDOWS\SYSTEM32\rasman.dll
18:45:34.0531 2760  C:\WINDOWS\SYSTEM32\rasman.dll - ok
18:45:34.0531 2760  [ 6307A1B82F6CA87D7E0CDF49E6E7BC00 ] C:\WINDOWS\SYSTEM32\tapi32.dll
18:45:34.0546 2760  C:\WINDOWS\SYSTEM32\tapi32.dll - ok
18:45:34.0546 2760  [ B78F5E78D50216A1302F50C12ABEE801 ] C:\WINDOWS\SYSTEM32\riched20.dll
18:45:34.0546 2760  C:\WINDOWS\SYSTEM32\riched20.dll - ok
18:45:34.0546 2760  [ 0B8EB60C983666C3F09AB770EDFD2F96 ] C:\WINDOWS\SYSTEM32\raschap.dll
18:45:34.0546 2760  C:\WINDOWS\SYSTEM32\raschap.dll - ok
18:45:34.0562 2760  [ 249817F51C84D283E96E6B2580D21FFD ] C:\WINDOWS\SYSTEM32\msidle.dll
18:45:34.0562 2760  C:\WINDOWS\SYSTEM32\msidle.dll - ok
18:45:34.0562 2760  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] C:\WINDOWS\SYSTEM32\spoolsv.exe
18:45:34.0562 2760  C:\WINDOWS\SYSTEM32\spoolsv.exe - ok
18:45:34.0578 2760  [ DB66DB626E4882EBEF55F136F12C1829 ] C:\WINDOWS\SYSTEM32\audiosrv.dll
18:45:34.0578 2760  C:\WINDOWS\SYSTEM32\audiosrv.dll - ok
18:45:34.0578 2760  [ 1B5F6923ABB450692E9FE0672C897AED ] C:\WINDOWS\SYSTEM32\powrprof.dll
18:45:34.0578 2760  C:\WINDOWS\SYSTEM32\powrprof.dll - ok
18:45:34.0578 2760  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] C:\WINDOWS\SYSTEM32\wkssvc.dll
18:45:34.0578 2760  C:\WINDOWS\SYSTEM32\wkssvc.dll - ok
18:45:34.0593 2760  [ 51230212AE7F8159A90F06A7EA30DD8A ] C:\WINDOWS\SYSTEM32\cscui.dll
18:45:34.0593 2760  C:\WINDOWS\SYSTEM32\cscui.dll - ok
18:45:34.0593 2760  [ 2D7ADA0265BECAB304C1DB95248E8610 ] C:\WINDOWS\SYSTEM32\dpcdll.dll
18:45:34.0593 2760  C:\WINDOWS\SYSTEM32\dpcdll.dll - ok
18:45:34.0609 2760  [ B5331F2B6F37C66C29C847F3B94FF900 ] C:\WINDOWS\SYSTEM32\msimg32.dll
18:45:34.0609 2760  C:\WINDOWS\SYSTEM32\msimg32.dll - ok
18:45:34.0609 2760  [ 39B1FFB03C2296323832ACBAE50D2AFF ] C:\WINDOWS\SYSTEM32\userinit.exe
18:45:34.0609 2760  C:\WINDOWS\SYSTEM32\userinit.exe - ok
18:45:34.0609 2760  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
18:45:34.0609 2760  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
18:45:34.0625 2760  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
18:45:34.0625 2760  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
18:45:34.0625 2760  [ 3B4702155BB2AE9DC00C06A68834BDFA ] C:\WINDOWS\SYSTEM32\midimap.dll
18:45:34.0625 2760  C:\WINDOWS\SYSTEM32\midimap.dll - ok
18:45:34.0640 2760  [ 892F4BC54D486FEB4DF03E4E2ECB14E0 ] C:\WINDOWS\SYSTEM32\msi.dll
18:45:34.0640 2760  C:\WINDOWS\SYSTEM32\msi.dll - ok
18:45:34.0640 2760  [ 6479A184873F7CA797FF0375D711E9A6 ] C:\WINDOWS\SYSTEM32\dbghelp.dll
18:45:34.0640 2760  C:\WINDOWS\SYSTEM32\dbghelp.dll - ok
18:45:34.0640 2760  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
18:45:34.0640 2760  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
18:45:34.0656 2760  [ 97BD6515465659FF8F3B7BE375B2EA87 ] C:\WINDOWS\explorer.exe
18:45:34.0656 2760  C:\WINDOWS\explorer.exe - ok
18:45:34.0656 2760  [ DAD1CEF1B77539B4EF734A1041CF95ED ] C:\WINDOWS\SYSTEM32\mstask.dll
18:45:34.0656 2760  C:\WINDOWS\SYSTEM32\mstask.dll - ok
18:45:34.0671 2760  [ 0593AB2E8B94E4CD9E9C563597C02C98 ] C:\WINDOWS\SYSTEM32\browseui.dll
18:45:34.0671 2760  C:\WINDOWS\SYSTEM32\browseui.dll - ok
18:45:34.0671 2760  [ 79FFD6DFC74E7FE96B99D67E5B8A435C ] C:\WINDOWS\SYSTEM32\shdocvw.dll
18:45:34.0671 2760  C:\WINDOWS\SYSTEM32\shdocvw.dll - ok
18:45:34.0671 2760  [ E6796D51CED309E46D29C0B787735615 ] C:\WINDOWS\SYSTEM32\themeui.dll
18:45:34.0671 2760  C:\WINDOWS\SYSTEM32\themeui.dll - ok
18:45:34.0687 2760  [ D3AD4F21DD60B4B9BFEB415564A6C308 ] C:\WINDOWS\SYSTEM32\msimtf.dll
18:45:34.0687 2760  C:\WINDOWS\SYSTEM32\msimtf.dll - ok
18:45:34.0687 2760  [ 13510490BEA0997DB625DAA0178CBFCA ] C:\WINDOWS\SYSTEM32\actxprxy.dll
18:45:34.0687 2760  C:\WINDOWS\SYSTEM32\actxprxy.dll - ok
18:45:34.0687 2760  [ A1A688EE56CF3BBD24EDEB815D48E9BA ] C:\WINDOWS\SYSTEM32\linkinfo.dll
18:45:34.0687 2760  C:\WINDOWS\SYSTEM32\linkinfo.dll - ok
18:45:34.0703 2760  [ 385E9AEC6E100DBEBEE5BD1F27A55E1D ] C:\WINDOWS\SYSTEM32\ntshrui.dll
18:45:34.0703 2760  C:\WINDOWS\SYSTEM32\ntshrui.dll - ok
18:45:34.0703 2760  [ B60DDDD2D63CE41CB8C487FCFBB6419E ] C:\Program Files\Internet Explorer\iexplore.exe
18:45:34.0703 2760  C:\Program Files\Internet Explorer\iexplore.exe - ok
18:45:34.0718 2760  [ BCAD4872C35A10ADE58E879664EBDFD1 ] C:\Program Files\VideoLAN\VLC\vlc.exe
18:45:34.0718 2760  C:\Program Files\VideoLAN\VLC\vlc.exe - ok
18:45:34.0718 2760  [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
18:45:34.0718 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe - ok
18:45:34.0734 2760  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
18:45:34.0734 2760  C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe - ok
18:45:34.0734 2760  [ 971E0537B7F8CEE87BF083AB603EFDAD ] C:\Documents and Settings\Bobby\Desktop\vlc-0.9.4-win32.exe
18:45:34.0734 2760  C:\Documents and Settings\Bobby\Desktop\vlc-0.9.4-win32.exe - ok
18:45:34.0734 2760  [ DC3126C76C2D8AE142F71B15A5DFD7D1 ] C:\Documents and Settings\Bobby\Desktop\ccsetup304.exe
18:45:34.0734 2760  C:\Documents and Settings\Bobby\Desktop\ccsetup304.exe - ok
18:45:34.0750 2760  [ AD7ADADC77482FCB855B279CA0204E2A ] C:\Program Files\Winamp\winamp.exe
18:45:34.0750 2760  C:\Program Files\Winamp\winamp.exe - ok
18:45:34.0750 2760  [ 077295B004A59A0F1E0D866C5B9E69CB ] C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\NewShortcut4_A7389806D4B24C66908F42D6EB015DF1.exe
18:45:34.0750 2760  C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\NewShortcut4_A7389806D4B24C66908F42D6EB015DF1.exe - ok
18:45:34.0765 2760  [ 339DFA98DDDA7DDF735CE21C82E6F1DD ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
18:45:34.0765 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
18:45:34.0765 2760  [ 24232996A38C0B0CF151C2140AE29FC8 ] C:\WINDOWS\SYSTEM32\ctfmon.exe
18:45:34.0765 2760  C:\WINDOWS\SYSTEM32\ctfmon.exe - ok
18:45:34.0765 2760  [ 32A71F37940DE5997FBB8F7BF76BD246 ] C:\WINDOWS\SYSTEM32\verclsid.exe
18:45:34.0765 2760  C:\WINDOWS\SYSTEM32\verclsid.exe - ok
18:45:34.0781 2760  [ F34D53BF00C241726DB61BAD23A2233E ] C:\WINDOWS\Installer\{29ED20C9-5E15-4969-9279-25BF3727A3DA}\iTunesIco.exe
18:45:34.0781 2760  C:\WINDOWS\Installer\{29ED20C9-5E15-4969-9279-25BF3727A3DA}\iTunesIco.exe - ok
18:45:34.0781 2760  [ 92DB2B52CBF460D65EDA9C347A4E9A63 ] C:\Program Files\Belarc\Advisor\BelarcAdvisor.exe
18:45:34.0781 2760  C:\Program Files\Belarc\Advisor\BelarcAdvisor.exe - ok
18:45:34.0796 2760  [ F3F709C2D49DD6636F4EDE5C2CAE5448 ] C:\Program Files\eMule\emule.exe
18:45:34.0796 2760  C:\Program Files\eMule\emule.exe - ok
18:45:34.0796 2760  [ BBC96DD339F91956ADBD3312EA853516 ] C:\Program Files\CCleaner\CCleaner.exe
18:45:34.0796 2760  C:\Program Files\CCleaner\CCleaner.exe - ok
18:45:34.0796 2760  [ F02764D2E8C5DBE24446033177429281 ] C:\Program Files\Amazon\Utilities\Amazon Music Importer\Amazon Music Importer.exe
18:45:34.0796 2760  C:\Program Files\Amazon\Utilities\Amazon Music Importer\Amazon Music Importer.exe - ok
18:45:34.0812 2760  [ DD6D5ABAD9B8C13CEDA4752370BA982C ] C:\WINDOWS\SYSTEM32\mydocs.dll
18:45:34.0812 2760  C:\WINDOWS\SYSTEM32\mydocs.dll - ok
18:45:34.0812 2760  [ 1ECB753D7CEEC8F5A94C9781CA64EC44 ] C:\WINDOWS\SYSTEM32\credui.dll
18:45:34.0812 2760  C:\WINDOWS\SYSTEM32\credui.dll - ok
18:45:34.0828 2760  [ 0046BA5C2F1965EF95E1FB178E66E4E7 ] C:\WINDOWS\SYSTEM32\moricons.dll
18:45:34.0828 2760  C:\WINDOWS\SYSTEM32\moricons.dll - ok
18:45:34.0828 2760  [ 314C76642049DD4E9B964BC333A620B1 ] C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
18:45:34.0828 2760  C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe - ok
18:45:34.0828 2760  [ 3A6AD7329B7F4DB36098F321D3756492 ] C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\PD4.exe
18:45:34.0828 2760  C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\PD4.exe - ok
18:45:34.0843 2760  [ BF52A4D4EB4CFB3109667E429B93E21A ] C:\WINDOWS\SYSTEM32\netshell.dll
18:45:34.0843 2760  C:\WINDOWS\SYSTEM32\netshell.dll - ok
18:45:34.0843 2760  [ 0AEE5668EB59912F32FF245BFA72465F ] C:\Program Files\QuickTime\QTTask.exe
18:45:34.0843 2760  C:\Program Files\QuickTime\QTTask.exe - ok
18:45:34.0859 2760  [ 9EEA0CA999A33C9D2EABE82E4C624CC3 ] C:\WINDOWS\SYSTEM32\msutb.dll
18:45:34.0859 2760  C:\WINDOWS\SYSTEM32\msutb.dll - ok
18:45:34.0859 2760  [ 3B85D88EC7C263084CA39CA9129A8453 ] C:\Documents and Settings\Bobby\Local Settings\Application Data\Updater26766\Updater26766.exe
18:45:34.0859 2760  C:\Documents and Settings\Bobby\Local Settings\Application Data\Updater26766\Updater26766.exe - ok
18:45:34.0875 2760  [ D024D07F9F51C647F3527EA72BA5328C ] C:\Program Files\Winamp Detect\UninstWaDetect.exe
18:45:34.0875 2760  C:\Program Files\Winamp Detect\UninstWaDetect.exe - ok
18:45:34.0875 2760  [ 4038EE8AC13C15A067536D292A93D697 ] C:\WINDOWS\IME\sptip.dll
18:45:34.0875 2760  C:\WINDOWS\IME\sptip.dll - ok
18:45:34.0875 2760  [ CB4C9A6B1353167578B813DE929B7161 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
18:45:34.0875 2760  C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
18:45:34.0890 2760  [ CA1779E22072B6C53E51F548D6B0BA45 ] C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\Registration\AdobeReg32.exe
18:45:34.0890 2760  C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\Registration\AdobeReg32.exe - ok
18:45:34.0890 2760  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
18:45:34.0890 2760  C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe - ok
18:45:34.0906 2760  [ 515E4684008E955DE0C81E6A7AEA1C2A ] C:\WINDOWS\IsUninst.exe
18:45:34.0906 2760  C:\WINDOWS\IsUninst.exe - ok
18:45:34.0906 2760  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
18:45:34.0906 2760  C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe - ok
18:45:34.0906 2760  [ 6CEA08419C3BD4F68BDAF051AF7993A5 ] C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
18:45:34.0906 2760  C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe - ok
18:45:34.0921 2760  [ 0346DA24DE3C85909717D5997510A31F ] C:\WINDOWS\SYSTEM32\mlang.dll
18:45:34.0921 2760  C:\WINDOWS\SYSTEM32\mlang.dll - ok
18:45:34.0921 2760  [ 3287AFFC2CB27F5AE72A679221AA2016 ] C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
18:45:34.0921 2760  C:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe - ok
18:45:34.0937 2760  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] C:\WINDOWS\SYSTEM32\ersvc.dll
18:45:34.0937 2760  C:\WINDOWS\SYSTEM32\ersvc.dll - ok
18:45:34.0937 2760  [ 13D72740963CBA12D9FF76A7F218BCD8 ] C:\WINDOWS\SYSTEM32\wuauserv.dll
18:45:34.0937 2760  C:\WINDOWS\SYSTEM32\wuauserv.dll - ok
18:45:34.0937 2760  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
18:45:34.0937 2760  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
18:45:34.0953 2760  [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
18:45:34.0953 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe - ok
18:45:34.0953 2760  [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
18:45:34.0953 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe - ok
18:45:34.0953 2760  [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
18:45:34.0953 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe - ok
18:45:34.0968 2760  [ 0C14484D312A3ABDCEFFFD9466277268 ] C:\Program Files\LightWork Design\Kazoo Player\Player.exe
18:45:34.0968 2760  C:\Program Files\LightWork Design\Kazoo Player\Player.exe - ok
18:45:34.0968 2760  [ 7E2CF680C69680064D43F4FFE5831DD1 ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
18:45:34.0968 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe - ok
18:45:34.0984 2760  [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
18:45:34.0984 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe - ok
18:45:34.0984 2760  [ A337B2417324571CE20E4A48FAEC4DE8 ] C:\WINDOWS\Installer\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}\NewShortcut7_E715633012F6421883A4BCE59058C2A8.exe
18:45:34.0984 2760  C:\WINDOWS\Installer\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}\NewShortcut7_E715633012F6421883A4BCE59058C2A8.exe - ok
18:45:35.0000 2760  [ F956D8B5D14FF304B023687379E72CEF ] C:\WINDOWS\Installer\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}\QuickenOLBackupLaunc_0D2E80C8087543EB962347118E2DFBCA.exe
18:45:35.0000 2760  C:\WINDOWS\Installer\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}\QuickenOLBackupLaunc_0D2E80C8087543EB962347118E2DFBCA.exe - ok
18:45:35.0000 2760  [ BB4AD1CE37EF839C56FCAC7EB5BEB077 ] C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\New_Shortcut_9D55BA3AEE02449A908F666ADAD566F4.exe
18:45:35.0000 2760  C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\New_Shortcut_9D55BA3AEE02449A908F666ADAD566F4.exe - ok
18:45:35.0000 2760  [ 8827911A8C37E40C027CBFC88E69D967 ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:45:35.0000 2760  C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
18:45:35.0015 2760  [ 3AB4213BF48F9062E087B909832AA8E6 ] C:\WINDOWS\SYSTEM32\uniplat.dll
18:45:35.0015 2760  C:\WINDOWS\SYSTEM32\uniplat.dll - ok
18:45:35.0015 2760  [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
18:45:35.0015 2760  C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - ok
18:45:35.0031 2760  [ 4E6EEEA8EB9302D604603D4758C05E75 ] C:\WINDOWS\SYSTEM32\batmeter.dll
18:45:35.0031 2760  C:\WINDOWS\SYSTEM32\batmeter.dll - ok
18:45:35.0031 2760  [ 19715A9A573DAD2521348ABC74266A48 ] C:\WINDOWS\SYSTEM32\HPZinw12.dll
18:45:35.0031 2760  C:\WINDOWS\SYSTEM32\HPZinw12.dll - ok
18:45:35.0031 2760  [ C5EF2A4F6CB968B3119B43F43C64A1A6 ] C:\WINDOWS\SYSTEM32\ntlsapi.dll
18:45:35.0031 2760  C:\WINDOWS\SYSTEM32\ntlsapi.dll - ok
18:45:35.0046 2760  [ 265F534EF76832435AFBF771EC97176D ] C:\WINDOWS\SYSTEM32\webclnt.dll
18:45:35.0046 2760  C:\WINDOWS\SYSTEM32\webclnt.dll - ok
18:45:35.0046 2760  [ 53AF9F2B2CE4B6EFF41C70417359D010 ] C:\WINDOWS\SYSTEM32\wsock32.dll
18:45:35.0046 2760  C:\WINDOWS\SYSTEM32\wsock32.dll - ok
18:45:35.0062 2760  [ E0FF38D8C01B52F8AF07B43FCA182A5F ] C:\WINDOWS\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\NewShortcut1_205DE669FE4D464586AB7C8893422164.exe
18:45:35.0062 2760  C:\WINDOWS\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\NewShortcut1_205DE669FE4D464586AB7C8893422164.exe - ok
18:45:35.0062 2760  [ 2B2F31E3F2CE3723C1B0F3700C8BE28B ] C:\WINDOWS\SYSTEM32\winipsec.dll
18:45:35.0062 2760  C:\WINDOWS\SYSTEM32\winipsec.dll - ok
18:45:35.0062 2760  [ 84A5644AE4731202A4A02E6342D29BA6 ] C:\WINDOWS\SYSTEM32\netrap.dll
18:45:35.0062 2760  C:\WINDOWS\SYSTEM32\netrap.dll - ok
18:45:35.0078 2760  [ 306B30A036DB25FCB76B507FEDE07D58 ] C:\WINDOWS\SYSTEM32\pstorsvc.dll
18:45:35.0078 2760  C:\WINDOWS\SYSTEM32\pstorsvc.dll - ok
18:45:35.0078 2760  [ 077295B004A59A0F1E0D866C5B9E69CB ] C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\NewShortcut1_6B19358FC53642B4B5387EF0F1E8B7DD.exe
18:45:35.0078 2760  C:\WINDOWS\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\NewShortcut1_6B19358FC53642B4B5387EF0F1E8B7DD.exe - ok
18:45:35.0093 2760  [ 37E7DB460A5315E4609B212C6C014527 ] C:\WINDOWS\SYSTEM32\icaapi.dll
18:45:35.0093 2760  C:\WINDOWS\SYSTEM32\icaapi.dll - ok
18:45:35.0093 2760  [ B1E0CE09895376871746F36DC5773B4F ] C:\WINDOWS\SYSTEM32\seclogon.dll
18:45:35.0093 2760  C:\WINDOWS\SYSTEM32\seclogon.dll - ok
18:45:35.0109 2760  [ DFD9870CF39C791D86C4C209DA9FA919 ] C:\WINDOWS\SYSTEM32\sens.dll
18:45:35.0109 2760  C:\WINDOWS\SYSTEM32\sens.dll - ok
18:45:35.0109 2760  [ 1352FA031B19D2328A5B987BDDF481B5 ] C:\Program Files\Winamp\UninstWA.exe
18:45:35.0109 2760  C:\Program Files\Winamp\UninstWA.exe - ok
18:45:35.0109 2760  [ 10654F9DDCEA9C46CFB77554231BE73B ] C:\WINDOWS\SYSTEM32\cryptsvc.dll
18:45:35.0109 2760  C:\WINDOWS\SYSTEM32\cryptsvc.dll - ok
18:45:35.0125 2760  [ C44BC10BA73575C91FF50CDAF4D8E370 ] C:\WINDOWS\SYSTEM32\pjlmon.dll
18:45:35.0125 2760  C:\WINDOWS\SYSTEM32\pjlmon.dll - ok
18:45:35.0125 2760  [ 670709F5BC284AABF4E1B603FA1B3095 ] C:\WINDOWS\SYSTEM32\ie4uinit.exe
18:45:35.0125 2760  C:\WINDOWS\SYSTEM32\ie4uinit.exe - ok
18:45:35.0140 2760  [ B36CD3F2ECA751C0CA8B8868BD1C5449 ] C:\WINDOWS\SYSTEM32\HPZipm12.dll
18:45:35.0140 2760  C:\WINDOWS\SYSTEM32\HPZipm12.dll - ok
18:45:35.0140 2760  [ 0FCB11B39AF688035E1CDE754684EE5C ] C:\WINDOWS\SYSTEM32\cfgmgr32.dll
18:45:35.0140 2760  C:\WINDOWS\SYSTEM32\cfgmgr32.dll - ok
18:45:35.0140 2760  [ 9CC834BDDFFD69FFBF3C58408C4E47B3 ] C:\WINDOWS\SYSTEM32\fxsevent.dll
18:45:35.0140 2760  C:\WINDOWS\SYSTEM32\fxsevent.dll - ok
18:45:35.0156 2760  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] C:\WINDOWS\SYSTEM32\wdfmgr.exe
18:45:35.0156 2760  C:\WINDOWS\SYSTEM32\wdfmgr.exe - ok
18:45:35.0156 2760  [ AD44C5BC21213F394F6AFCB55CC39293 ] C:\WINDOWS\SYSTEM32\certcli.dll
18:45:35.0156 2760  C:\WINDOWS\SYSTEM32\certcli.dll - ok
18:45:35.0171 2760  [ 60D1A6342238378BFB7545C81EE3606C ] C:\WINDOWS\SYSTEM32\es.dll
18:45:35.0171 2760  C:\WINDOWS\SYSTEM32\es.dll - ok
18:45:35.0171 2760  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] C:\WINDOWS\SYSTEM32\srvsvc.dll
18:45:35.0171 2760  C:\WINDOWS\SYSTEM32\srvsvc.dll - ok
18:45:35.0171 2760  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:45:35.0171 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
18:45:35.0187 2760  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
18:45:35.0187 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
18:45:35.0187 2760  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
18:45:35.0187 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
18:45:35.0203 2760  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:45:35.0203 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
18:45:35.0203 2760  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
18:45:35.0203 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
18:45:35.0203 2760  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\SYSTEM32\webcheck.dll
18:45:35.0203 2760  C:\WINDOWS\SYSTEM32\webcheck.dll - ok
18:45:35.0218 2760  [ 7B9F149AC69B67D235829DB601F1C526 ] C:\WINDOWS\SYSTEM32\nvsvc32.exe
18:45:35.0218 2760  C:\WINDOWS\SYSTEM32\nvsvc32.exe - ok
18:45:35.0218 2760  [ 297101A925ECFFDCDF7F6341FFBB6C1A ] C:\WINDOWS\SYSTEM32\stobject.dll
18:45:35.0218 2760  C:\WINDOWS\SYSTEM32\stobject.dll - ok
18:45:35.0234 2760  [ FD9E668664E8E398F046159964C4077E ] C:\WINDOWS\SYSTEM32\nvcpl.dll
18:45:35.0234 2760  C:\WINDOWS\SYSTEM32\nvcpl.dll - ok
18:45:35.0234 2760  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys
18:45:35.0234 2760  C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys - ok
18:45:35.0234 2760  [ D1E299962B5956005113EC4AB1E0D9B7 ] C:\WINDOWS\SYSTEM32\ipsecsvc.dll
18:45:35.0234 2760  C:\WINDOWS\SYSTEM32\ipsecsvc.dll - ok
18:45:35.0250 2760  [ E7E39B9152E6C27E5F608574EA6C5A52 ] C:\WINDOWS\SYSTEM32\oakley.dll
18:45:35.0250 2760  C:\WINDOWS\SYSTEM32\oakley.dll - ok
18:45:35.0250 2760  [ 4D3CCDF22D2B4BAE229BA73B81D13E26 ] C:\WINDOWS\SYSTEM32\psbase.dll
18:45:35.0250 2760  C:\WINDOWS\SYSTEM32\psbase.dll - ok
18:45:35.0265 2760  [ CACD2C63A79268D131EA37E85524CC44 ] C:\WINDOWS\SYSTEM32\dssenh.dll
18:45:35.0265 2760  C:\WINDOWS\SYSTEM32\dssenh.dll - ok
18:45:35.0265 2760  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] C:\WINDOWS\SYSTEM32\srsvc.dll
18:45:35.0265 2760  C:\WINDOWS\SYSTEM32\srsvc.dll - ok
18:45:35.0265 2760  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] C:\WINDOWS\SYSTEM32\trkwks.dll
18:45:35.0265 2760  C:\WINDOWS\SYSTEM32\trkwks.dll - ok
18:45:35.0281 2760  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] C:\WINDOWS\SYSTEM32\wiaservc.dll
18:45:35.0281 2760  C:\WINDOWS\SYSTEM32\wiaservc.dll - ok
18:45:35.0281 2760  [ FB78839B36025AA286A51289ED28B73E ] C:\WINDOWS\SYSTEM32\tapisrv.dll
18:45:35.0281 2760  C:\WINDOWS\SYSTEM32\tapisrv.dll - ok
18:45:35.0296 2760  [ 4ED87C9C1F9EA9FC68C2E22C3A2DB286 ] C:\WINDOWS\SYSTEM32\mscms.dll
18:45:35.0296 2760  C:\WINDOWS\SYSTEM32\mscms.dll - ok
18:45:35.0296 2760  [ FCBD571FA0EE8DC238944AE5FAB74461 ] C:\WINDOWS\SYSTEM32\fxssvc.exe
18:45:35.0296 2760  C:\WINDOWS\SYSTEM32\fxssvc.exe - ok
18:45:35.0296 2760  [ BB12027B8CA0EF11E094CB8AD911ADDD ] C:\WINDOWS\SYSTEM32\fxstiff.dll
18:45:35.0296 2760  C:\WINDOWS\SYSTEM32\fxstiff.dll - ok
18:45:35.0312 2760  [ D4DB912260F0CE3D10B20F3A24BAA14F ] C:\WINDOWS\SYSTEM32\fxsapi.dll
18:45:35.0312 2760  C:\WINDOWS\SYSTEM32\fxsapi.dll - ok
18:45:35.0312 2760  [ 79DABB124D00ADF19852AE879C201890 ] C:\WINDOWS\SYSTEM32\vssapi.dll
18:45:35.0312 2760  C:\WINDOWS\SYSTEM32\vssapi.dll - ok
18:45:35.0328 2760  [ F399242A80C4066FD155EFA4CF96658E ] C:\WINDOWS\SYSTEM32\WBEM\wmisvc.dll
18:45:35.0328 2760  C:\WINDOWS\SYSTEM32\WBEM\wmisvc.dll - ok
18:45:35.0328 2760  [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\SYSTEM32\wuaueng.dll
18:45:35.0328 2760  C:\WINDOWS\SYSTEM32\wuaueng.dll - ok
18:45:35.0328 2760  [ DCE3C277C4C9ADBC11850DBC4AD131B3 ] C:\WINDOWS\SYSTEM32\winhttp.dll
18:45:35.0328 2760  C:\WINDOWS\SYSTEM32\winhttp.dll - ok
18:45:35.0343 2760  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] C:\WINDOWS\SYSTEM32\browser.dll
18:45:35.0343 2760  C:\WINDOWS\SYSTEM32\browser.dll - ok
18:45:35.0343 2760  [ 08F0190AE201EC331B4CA3B0FA2D2CCE ] C:\WINDOWS\SYSTEM32\cabinet.dll
18:45:35.0343 2760  C:\WINDOWS\SYSTEM32\cabinet.dll - ok
18:45:35.0359 2760  [ 633C197292B4051D986903827DE561A3 ] C:\WINDOWS\SYSTEM32\mspatcha.dll
18:45:35.0359 2760  C:\WINDOWS\SYSTEM32\mspatcha.dll - ok
18:45:35.0359 2760  [ 87B85BC1E1F6E0228876204A20A9C24C ] C:\WINDOWS\SYSTEM32\spoolss.dll
18:45:35.0359 2760  C:\WINDOWS\SYSTEM32\spoolss.dll - ok
18:45:35.0359 2760  [ E3AE8DC04643850D2DFD431443558B28 ] C:\WINDOWS\SYSTEM32\netcfgx.dll
18:45:35.0359 2760  C:\WINDOWS\SYSTEM32\netcfgx.dll - ok
18:45:35.0375 2760  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] C:\WINDOWS\SYSTEM32\rasmans.dll
18:45:35.0375 2760  C:\WINDOWS\SYSTEM32\rasmans.dll - ok
18:45:35.0375 2760  [ 98C1FF6676E02D43DA208802286A6EE7 ] C:\WINDOWS\SYSTEM32\clusapi.dll
18:45:35.0375 2760  C:\WINDOWS\SYSTEM32\clusapi.dll - ok
18:45:35.0390 2760  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
18:45:35.0390 2760  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
18:45:35.0390 2760  [ 4D59DAA66C60858CDF4F67A900F42D4A ] C:\WINDOWS\SYSTEM32\wscsvc.dll
18:45:35.0390 2760  C:\WINDOWS\SYSTEM32\wscsvc.dll - ok
18:45:35.0390 2760  [ 75DEB92422D955373825A11F9F74EC6A ] C:\WINDOWS\SYSTEM32\comsvcs.dll
18:45:35.0390 2760  C:\WINDOWS\SYSTEM32\comsvcs.dll - ok
18:45:35.0406 2760  [ 01A04FB59E76697C9171B6327274D371 ] C:\WINDOWS\SYSTEM32\colbact.dll
18:45:35.0406 2760  C:\WINDOWS\SYSTEM32\colbact.dll - ok
18:45:35.0406 2760  [ 99F43B9B76C88ACEAD42FE84744F8C87 ] C:\WINDOWS\SYSTEM32\mtxclu.dll
18:45:35.0406 2760  C:\WINDOWS\SYSTEM32\mtxclu.dll - ok
18:45:35.0421 2760  [ 2738C8A33FF07DD3C99C7C8F0A85DA72 ] C:\WINDOWS\SYSTEM32\resutils.dll
18:45:35.0421 2760  C:\WINDOWS\SYSTEM32\resutils.dll - ok
18:45:35.0421 2760  [ 4E39C36213E95FB971A61A247BDE2F61 ] C:\WINDOWS\SYSTEM32\WBEM\wbemcomn.dll
18:45:35.0421 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemcomn.dll - ok
18:45:35.0421 2760  [ 851547797C2A7F8A04841644C471A567 ] C:\WINDOWS\SYSTEM32\WBEM\wbemprox.dll
18:45:35.0421 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemprox.dll - ok
18:45:35.0437 2760  [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\SYSTEM32\wups.dll
18:45:35.0437 2760  C:\WINDOWS\SYSTEM32\wups.dll - ok
18:45:35.0437 2760  [ 5BD1234E11B39C63BBA87022AF6D43C2 ] C:\WINDOWS\SYSTEM32\wups2.dll
18:45:35.0437 2760  C:\WINDOWS\SYSTEM32\wups2.dll - ok
18:45:35.0437 2760  [ 36360B625D7290BBA2CD03AD4975E1BC ] C:\WINDOWS\SYSTEM32\WBEM\wbemcore.dll
18:45:35.0437 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemcore.dll - ok
18:45:35.0453 2760  [ DE578E4E6844954823FC7688625F00C8 ] C:\WINDOWS\SYSTEM32\WBEM\esscli.dll
18:45:35.0453 2760  C:\WINDOWS\SYSTEM32\WBEM\esscli.dll - ok
18:45:35.0453 2760  [ 950DF6295D3C6B5F2D508DCB1B275B87 ] C:\WINDOWS\SYSTEM32\WBEM\fastprox.dll
18:45:35.0453 2760  C:\WINDOWS\SYSTEM32\WBEM\fastprox.dll - ok
18:45:35.0468 2760  [ 7D676AC8CC19341117C77C261647BA07 ] C:\WINDOWS\SYSTEM32\WBEM\wbemsvc.dll
18:45:35.0468 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemsvc.dll - ok
18:45:35.0468 2760  [ 2E632F071817AD3758C386571CBD9858 ] C:\WINDOWS\SYSTEM32\localspl.dll
18:45:35.0468 2760  C:\WINDOWS\SYSTEM32\localspl.dll - ok
18:45:35.0484 2760  [ 1D536BEBC30DD8D0D3B6FF3B0CD2D32B ] C:\WINDOWS\SYSTEM32\rastapi.dll
18:45:35.0484 2760  C:\WINDOWS\SYSTEM32\rastapi.dll - ok
18:45:35.0484 2760  [ 0A1161DB4FCCF7821736C70D70A0F5A3 ] C:\WINDOWS\SYSTEM32\WBEM\wmiutils.dll
18:45:35.0484 2760  C:\WINDOWS\SYSTEM32\WBEM\wmiutils.dll - ok
18:45:35.0484 2760  [ 9A66728EFE501D855D0FFE3DE023CE32 ] C:\WINDOWS\SYSTEM32\WBEM\repdrvfs.dll
18:45:35.0484 2760  C:\WINDOWS\SYSTEM32\WBEM\repdrvfs.dll - ok
18:45:35.0500 2760  [ 7105749E78925FDFFD078DD54A8C2B70 ] C:\WINDOWS\SYSTEM32\cnbjmon.dll
18:45:35.0500 2760  C:\WINDOWS\SYSTEM32\cnbjmon.dll - ok
18:45:35.0500 2760  [ 3183BFA7BDF50662F9094BC720EB7AF9 ] C:\WINDOWS\SYSTEM32\hpzll5ha.dll
18:45:35.0500 2760  C:\WINDOWS\SYSTEM32\hpzll5ha.dll - ok
18:45:35.0515 2760  [ B308A9E18079A73E7AD135DCA06703AD ] C:\WINDOWS\SYSTEM32\KPDLM.dll
18:45:35.0515 2760  C:\WINDOWS\SYSTEM32\KPDLM.dll - ok
18:45:35.0515 2760  [ 80B1AA84CD23724C284AD5988F208EB3 ] C:\WINDOWS\SYSTEM32\WBEM\wmiprvsd.dll
18:45:35.0515 2760  C:\WINDOWS\SYSTEM32\WBEM\wmiprvsd.dll - ok
18:45:35.0515 2760  [ 6708E1DDF12CAB2D5B5A2B66B76E0038 ] C:\WINDOWS\SYSTEM32\WBEM\wbemess.dll
18:45:35.0515 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemess.dll - ok
18:45:35.0531 2760  [ 62BB79160F86CD962F312C68C6239BFD ] C:\WINDOWS\SYSTEM32\wuauclt.exe
18:45:35.0531 2760  C:\WINDOWS\SYSTEM32\wuauclt.exe - ok
18:45:35.0531 2760  [ F517BD3B95FB375B42AEDBB386615392 ] C:\WINDOWS\SYSTEM32\fxsmon.dll
18:45:35.0531 2760  C:\WINDOWS\SYSTEM32\fxsmon.dll - ok
18:45:35.0546 2760  [ BE3CD116130174657EAD2731AB3DAA5D ] C:\WINDOWS\SYSTEM32\hpz3l5ha.dll
18:45:35.0546 2760  C:\WINDOWS\SYSTEM32\hpz3l5ha.dll - ok
18:45:35.0546 2760  [ B9B3F6D8B8F1E0029C58B304632A729B ] C:\WINDOWS\SYSTEM32\msonpmon.dll
18:45:35.0546 2760  C:\WINDOWS\SYSTEM32\msonpmon.dll - ok
18:45:35.0546 2760  [ A3F853629F7F2537157EA6EA9857EA56 ] C:\WINDOWS\SYSTEM32\tcpmon.dll
18:45:35.0546 2760  C:\WINDOWS\SYSTEM32\tcpmon.dll - ok
18:45:35.0562 2760  [ 242D07D7FC72AD897944BFF932D57C3C ] C:\WINDOWS\SYSTEM32\usbmon.dll
18:45:35.0562 2760  C:\WINDOWS\SYSTEM32\usbmon.dll - ok
18:45:35.0562 2760  [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\SYSTEM32\wuapi.dll
18:45:35.0562 2760  C:\WINDOWS\SYSTEM32\wuapi.dll - ok
18:45:35.0578 2760  [ 75BF87E542C1368DBD6768AE6E6ED507 ] C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\hpzpp5ha.dll
18:45:35.0578 2760  C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\hpzpp5ha.dll - ok
18:45:35.0578 2760  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
18:45:35.0578 2760  C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll - ok
18:45:35.0578 2760  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\msonpppr.dll
18:45:35.0578 2760  C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\msonpppr.dll - ok
18:45:35.0593 2760  [ A1C10F87248529173F39F4B4734DF14B ] C:\WINDOWS\SYSTEM32\win32spl.dll
18:45:35.0593 2760  C:\WINDOWS\SYSTEM32\win32spl.dll - ok
18:45:35.0593 2760  [ 645DC85B5C933F32852402725F7315F2 ] C:\WINDOWS\SYSTEM32\fxst30.dll
18:45:35.0593 2760  C:\WINDOWS\SYSTEM32\fxst30.dll - ok
18:45:35.0609 2760  [ F14A6BD840E4D7CD4C0535CB3CEF2887 ] C:\WINDOWS\SYSTEM32\inetpp.dll
18:45:35.0609 2760  C:\WINDOWS\SYSTEM32\inetpp.dll - ok
18:45:35.0609 2760  [ 7C8F371C924DAA376217E553378275BA ] C:\WINDOWS\SYSTEM32\shfolder.dll
18:45:35.0609 2760  C:\WINDOWS\SYSTEM32\shfolder.dll - ok
18:45:35.0609 2760  [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\SYSTEM32\fxsroute.dll
18:45:35.0609 2760  C:\WINDOWS\SYSTEM32\fxsroute.dll - ok
18:45:35.0625 2760  [ 6AE613FFF9F9DFEE552652662BFABE41 ] C:\WINDOWS\SYSTEM32\WBEM\ncprov.dll
18:45:35.0625 2760  C:\WINDOWS\SYSTEM32\WBEM\ncprov.dll - ok
18:45:35.0625 2760  [ 5EB4B3A7F2F736DF61206982A8A1F694 ] C:\WINDOWS\SYSTEM32\modemui.dll
18:45:35.0625 2760  C:\WINDOWS\SYSTEM32\modemui.dll - ok
18:45:35.0640 2760  [ 2DBFBD419C332E4361E35528E611B0A0 ] C:\WINDOWS\SYSTEM32\unimdmat.dll
18:45:35.0640 2760  C:\WINDOWS\SYSTEM32\unimdmat.dll - ok
18:45:35.0640 2760  [ 18AFEE0EDE045B6255408D634372DC29 ] C:\WINDOWS\SYSTEM32\hid.dll
18:45:35.0640 2760  C:\WINDOWS\SYSTEM32\hid.dll - ok
18:45:35.0640 2760  [ 1F0A071307EFEA578B61EE1DB7ADD3A4 ] C:\WINDOWS\SYSTEM32\mdminst.dll
18:45:35.0640 2760  C:\WINDOWS\SYSTEM32\mdminst.dll - ok
18:45:35.0656 2760  [ 36CC8C01B5E50163037BEF56CB96DEFF ] C:\WINDOWS\SYSTEM32\ipnathlp.dll
18:45:35.0656 2760  C:\WINDOWS\SYSTEM32\ipnathlp.dll - ok
18:45:35.0656 2760  [ 04ECEC0447F79419AD25227205B8277D ] C:\WINDOWS\SYSTEM32\rasppp.dll
18:45:35.0656 2760  C:\WINDOWS\SYSTEM32\rasppp.dll - ok
18:45:35.0671 2760  [ FC160ACE21C81837692B339D230DD4BE ] C:\WINDOWS\SYSTEM32\taskmgr.exe
18:45:35.0671 2760  C:\WINDOWS\SYSTEM32\taskmgr.exe - ok
18:45:35.0671 2760  [ D18D28CEF9FEA09359C7DE7BE3669F66 ] C:\WINDOWS\SYSTEM32\WBEM\wbemcons.dll
18:45:35.0671 2760  C:\WINDOWS\SYSTEM32\WBEM\wbemcons.dll - ok
18:45:35.0671 2760  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] C:\WINDOWS\SYSTEM32\imapi.exe
18:45:35.0671 2760  C:\WINDOWS\SYSTEM32\imapi.exe - ok
18:45:35.0687 2760  [ B60C877D16D9C880B952FDA04ADF16E6 ] C:\WINDOWS\SYSTEM32\termsrv.dll
18:45:35.0687 2760  C:\WINDOWS\SYSTEM32\termsrv.dll - ok
18:45:35.0687 2760  [ F5EE7CACD1784241F138A5E55B715897 ] C:\WINDOWS\SYSTEM32\mstlsapi.dll
18:45:35.0687 2760  C:\WINDOWS\SYSTEM32\mstlsapi.dll - ok
18:45:35.0687 2760  [ 36739B39267914BA69AD0610A0299732 ] C:\WINDOWS\SYSTEM32\netman.dll
18:45:35.0703 2760  C:\WINDOWS\SYSTEM32\netman.dll - ok
18:45:35.0703 2760  [ E7F6CD0194DCF6EA6AAD87C6406496D3 ] C:\WINDOWS\SYSTEM32\vdmdbg.dll
18:45:35.0703 2760  C:\WINDOWS\SYSTEM32\vdmdbg.dll - ok
18:45:35.0703 2760  [ 5B8DFA748FA4845BC04445A30126F2E9 ] C:\WINDOWS\SYSTEM32\ssdpapi.dll
18:45:35.0703 2760  C:\WINDOWS\SYSTEM32\ssdpapi.dll - ok
18:45:35.0718 2760  [ 339089D6C3FC3BC5CED8D9049C4D2101 ] C:\WINDOWS\SYSTEM32\upnp.dll
18:45:35.0718 2760  C:\WINDOWS\SYSTEM32\upnp.dll - ok
18:45:35.0718 2760  [ 9A9BBC71D0EBCD400A33ABCD5F0AB39C ] C:\WINDOWS\SYSTEM32\wzcsapi.dll
18:45:35.0718 2760  C:\WINDOWS\SYSTEM32\wzcsapi.dll - ok
18:45:35.0734 2760  [ 047CD344AC7B76BA3C224FAE1A4627C9 ] C:\WINDOWS\SYSTEM32\WgaTray.exe
18:45:35.0734 2760  C:\WINDOWS\SYSTEM32\WgaTray.exe - ok
18:45:35.0734 2760  [ 49911DD39E023BB6C45E4E436CFBD297 ] C:\WINDOWS\SYSTEM32\wscntfy.exe
18:45:35.0734 2760  C:\WINDOWS\SYSTEM32\wscntfy.exe - ok
18:45:35.0734 2760  [ CAD4AA32E7ECA00C23CC39C0EB833F9D ] C:\WINDOWS\SYSTEM32\cryptnet.dll
18:45:35.0734 2760  C:\WINDOWS\SYSTEM32\cryptnet.dll - ok
18:45:35.0750 2760  [ 6E205319848B8AF2A0DA52B8D63DB91E ] C:\WINDOWS\SYSTEM32\sensapi.dll
18:45:35.0750 2760  C:\WINDOWS\SYSTEM32\sensapi.dll - ok
18:45:35.0750 2760  [ 31FA172657E941E7CB15C5CCFE36A03E ] C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
18:45:35.0750 2760  C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe - ok
18:45:35.0765 2760  [ 16DFA0AB483CBC1F382C90ABFCADA947 ] C:\WINDOWS\SYSTEM32\licwmi.dll
18:45:35.0765 2760  C:\WINDOWS\SYSTEM32\licwmi.dll - ok
18:45:35.0765 2760  [ 89DC595A3AB5BE9C506A0F474F6725ED ] C:\WINDOWS\SYSTEM32\msxml6r.dll
18:45:35.0765 2760  C:\WINDOWS\SYSTEM32\msxml6r.dll - ok
18:45:35.0765 2760  [ F1958FBF86D5C004CF19A5951A9514B7 ] C:\WINDOWS\SYSTEM32\alg.exe
18:45:35.0765 2760  C:\WINDOWS\SYSTEM32\alg.exe - ok
18:45:35.0781 2760  [ 4B8D61792F7175BED48859CC18CE4E38 ] C:\WINDOWS\SYSTEM32\ssdpsrv.dll
18:45:35.0781 2760  C:\WINDOWS\SYSTEM32\ssdpsrv.dll - ok
18:45:35.0781 2760  [ 064D8581ADF77C25133E7D751D917D83 ] C:\WINDOWS\SYSTEM32\w3ssl.dll
18:45:35.0781 2760  C:\WINDOWS\SYSTEM32\w3ssl.dll - ok
18:45:35.0796 2760  [ 05CB782F2C7024AA92B1722A926BBD3A ] C:\WINDOWS\SYSTEM32\WBEM\framedyn.dll
18:45:35.0796 2760  C:\WINDOWS\SYSTEM32\WBEM\framedyn.dll - ok
18:45:35.0796 2760  [ 148834E4A69A92A85EB56428862B90D3 ] C:\WINDOWS\SYSTEM32\licdll.dll
18:45:35.0796 2760  C:\WINDOWS\SYSTEM32\licdll.dll - ok
18:45:35.0796 2760  [ 06B81D98A16A3B5DC776AE31148CC556 ] C:\WINDOWS\SYSTEM32\msxml6.dll
18:45:35.0796 2760  C:\WINDOWS\SYSTEM32\msxml6.dll - ok
18:45:35.0812 2760  [ B83DAB6BA597E8079854632909A96DC2 ] C:\WINDOWS\SYSTEM32\WBEM\cimwin32.dll
18:45:35.0812 2760  C:\WINDOWS\SYSTEM32\WBEM\cimwin32.dll - ok
18:45:35.0812 2760  [ BA5D5FD3CCA6F64A429E2E0E1A1A0917 ] C:\WINDOWS\SYSTEM32\rasdlg.dll
18:45:35.0812 2760  C:\WINDOWS\SYSTEM32\rasdlg.dll - ok
18:45:35.0828 2760  [ 634BD178592169D7890B5AC105A8F208 ] C:\WINDOWS\SYSTEM32\fxsst.dll
18:45:35.0828 2760  C:\WINDOWS\SYSTEM32\fxsst.dll - ok
18:45:35.0828 2760  [ 065B2F67EBF71130E9126B161F3740DC ] C:\Program Files\Internet Explorer\xpshims.dll
18:45:35.0828 2760  C:\Program Files\Internet Explorer\xpshims.dll - ok
18:45:35.0828 2760  [ 8D9210E9858D525646251DFA1FE37EBE ] C:\WINDOWS\SYSTEM32\d3d8thk.dll
18:45:35.0828 2760  C:\WINDOWS\SYSTEM32\d3d8thk.dll - ok
18:45:35.0843 2760  [ D0933C7B9763098B16E6BB0B823AE844 ] C:\WINDOWS\SYSTEM32\dciman32.dll
18:45:35.0843 2760  C:\WINDOWS\SYSTEM32\dciman32.dll - ok
18:45:35.0843 2760  [ AD805DA7015D155EF9899F73A1C27753 ] C:\WINDOWS\SYSTEM32\ddrawex.dll
18:45:35.0843 2760  C:\WINDOWS\SYSTEM32\ddrawex.dll - ok
18:45:35.0859 2760  [ DB03982B3E2C045990CACB3F11931519 ] C:\WINDOWS\SYSTEM32\httpapi.dll
18:45:35.0859 2760  C:\WINDOWS\SYSTEM32\httpapi.dll - ok
18:45:35.0859 2760  [ DA23A12845607133ACF1DB3502D4E575 ] C:\WINDOWS\SYSTEM32\msisip.dll
18:45:35.0859 2760  C:\WINDOWS\SYSTEM32\msisip.dll - ok
18:45:35.0859 2760  [ A624930228B698CF5B89F91CAF23A908 ] C:\WINDOWS\SYSTEM32\security.dll
18:45:35.0859 2760  C:\WINDOWS\SYSTEM32\security.dll - ok
18:45:35.0875 2760  [ 375B121A06C6034463AF593F784BE9E9 ] C:\WINDOWS\SYSTEM32\strmfilt.dll
18:45:35.0875 2760  C:\WINDOWS\SYSTEM32\strmfilt.dll - ok
18:45:35.0875 2760  [ F7832740E40E29E32ECB4D410EB34C91 ] C:\WINDOWS\SYSTEM32\WBEM\wmipcima.dll
18:45:35.0875 2760  C:\WINDOWS\SYSTEM32\WBEM\wmipcima.dll - ok
18:45:35.0890 2760  [ A42C79BF8C1921CE37DAF0C2AD708CCD ] C:\WINDOWS\SYSTEM32\wshext.dll
18:45:35.0890 2760  C:\WINDOWS\SYSTEM32\wshext.dll - ok
18:45:35.0890 2760  [ 39AA47A1ACBB6A92BF875B535EEAF911 ] C:\WINDOWS\SYSTEM32\wucltui.dll
18:45:35.0890 2760  C:\WINDOWS\SYSTEM32\wucltui.dll - ok
18:45:35.0890 2760  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\SYSTEM32\advpack.dll
18:45:35.0890 2760  C:\WINDOWS\SYSTEM32\advpack.dll - ok
18:45:35.0906 2760  [ 42B928FC8518D793BF7A5EAFC57B1D8B ] C:\WINDOWS\SYSTEM32\imgutil.dll
18:45:35.0906 2760  C:\WINDOWS\SYSTEM32\imgutil.dll - ok
18:45:35.0906 2760  [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Internet Explorer\sqmapi.dll
18:45:35.0906 2760  C:\Program Files\Internet Explorer\sqmapi.dll - ok
18:45:35.0921 2760  [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
18:45:35.0921 2760  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
18:45:35.0921 2760  [ 11734790410900D2CD6B7839020E4DD9 ] C:\WINDOWS\SYSTEM32\ieui.dll
18:45:35.0921 2760  C:\WINDOWS\SYSTEM32\ieui.dll - ok
18:45:35.0921 2760  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\SYSTEM32\xmllite.dll
18:45:35.0921 2760  C:\WINDOWS\SYSTEM32\xmllite.dll - ok
18:45:35.0937 2760  [ 2AD2E831FB023915188008F5B3103F5B ] C:\Program Files\Internet Explorer\ieproxy.dll
18:45:35.0937 2760  C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:45:35.0937 2760  [ 731F3DAD2F5D7A7334357D8F84A6EB56 ] C:\WINDOWS\SYSTEM32\xpsp3res.dll
18:45:35.0937 2760  C:\WINDOWS\SYSTEM32\xpsp3res.dll - ok
18:45:35.0937 2760  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\SYSTEM32\msls31.dll
18:45:35.0937 2760  C:\WINDOWS\SYSTEM32\msls31.dll - ok
18:45:35.0953 2760  [ 4602907535FD682195DFFF9117365826 ] C:\WINDOWS\SYSTEM32\mfc42.dll
18:45:35.0953 2760  C:\WINDOWS\SYSTEM32\mfc42.dll - ok
18:45:35.0953 2760  [ 80C412B3E7304FE87C9CDB1836F0160A ] C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
18:45:35.0953 2760  C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll - ok
18:45:35.0968 2760  [ 63F6826E5C59CB04C5835BF95BC87B52 ] C:\WINDOWS\SYSTEM32\msfeeds.dll
18:45:35.0968 2760  C:\WINDOWS\SYSTEM32\msfeeds.dll - ok
18:45:35.0968 2760  [ 4925C1164585B950EACE20CB8536CC10 ] C:\Program Files\Discount Buddy\Discount Buddy.dll
18:45:35.0968 2760  C:\Program Files\Discount Buddy\Discount Buddy.dll - ok
18:45:35.0968 2760  [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
18:45:35.0968 2760  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
18:45:35.0984 2760  [ 38FFEC2CD31441A6B57D7A0B490D7299 ] C:\WINDOWS\SYSTEM32\jscript.dll
18:45:35.0984 2760  C:\WINDOWS\SYSTEM32\jscript.dll - ok
18:45:35.0984 2760  [ 6D14169F0DCF44710061A090921B9446 ] C:\Program Files\Discount Buddy\Discount Buddy-bg.exe
18:45:35.0984 2760  C:\Program Files\Discount Buddy\Discount Buddy-bg.exe - ok
18:45:36.0000 2760  [ 89F41658929393487B6B7D13C8528CE3 ] C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys
18:45:36.0000 2760  C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys - ok
18:45:36.0000 2760  [ 6D14169F0DCF44710061A090921B9446 ] C:\Program Files\Discount Buddy\Discount Buddy.exe
18:45:36.0000 2760  C:\Program Files\Discount Buddy\Discount Buddy.exe - ok
18:45:36.0000 2760  [ D469A0EBA2EF5C6BEE8065B7E3196E5E ] C:\WINDOWS\SYSTEM32\mshtml.dll
18:45:36.0000 2760  C:\WINDOWS\SYSTEM32\mshtml.dll - ok
18:45:36.0015 2760  [ 66F1C930F4572816BB15C3A863590305 ] C:\WINDOWS\SYSTEM32\ieapfltr.dll
18:45:36.0015 2760  C:\WINDOWS\SYSTEM32\ieapfltr.dll - ok
18:45:36.0015 2760  [ 55E148C01296696588EAFA425782C3E8 ] C:\WINDOWS\SYSTEM32\dsound.dll
18:45:36.0015 2760  C:\WINDOWS\SYSTEM32\dsound.dll - ok
18:45:36.0031 2760  [ D67BDBBDA86CC9AEEBBAF3217C1717D8 ] C:\WINDOWS\SYSTEM32\d3d9.dll
18:45:36.0031 2760  C:\WINDOWS\SYSTEM32\d3d9.dll - ok
18:45:36.0031 2760  [ 254CA8F8B2A387CD59E659991E3E3DBD ] C:\WINDOWS\SYSTEM32\iepeers.dll
18:45:36.0031 2760  C:\WINDOWS\SYSTEM32\iepeers.dll - ok
18:45:36.0031 2760  [ 5E1A0476E009A1930A524DFF4CA13982 ] C:\WINDOWS\SYSTEM32\dxtrans.dll
18:45:36.0031 2760  C:\WINDOWS\SYSTEM32\dxtrans.dll - ok
18:45:36.0046 2760  [ 7ED462F353B3D915A418A689FA881F96 ] C:\WINDOWS\SYSTEM32\ddraw.dll
18:45:36.0046 2760  C:\WINDOWS\SYSTEM32\ddraw.dll - ok
18:45:36.0046 2760  [ 057D53F1490598D41D9D4DEE9A92B0B1 ] C:\WINDOWS\SYSTEM32\dxtmsft.dll
18:45:36.0046 2760  C:\WINDOWS\SYSTEM32\dxtmsft.dll - ok
18:45:36.0062 2760  [ 95EFDCB44DD093EDAD447F1D21C8A3F7 ] C:\Program Files\AVG\AVG2013\avgcertx.dll
18:45:36.0062 2760  C:\Program Files\AVG\AVG2013\avgcertx.dll - ok
18:45:36.0062 2760  [ 716A078B2FC6CC0BB3030B2559EC143F ] C:\WINDOWS\SYSTEM32\davclnt.dll
18:45:36.0062 2760  C:\WINDOWS\SYSTEM32\davclnt.dll - ok
18:45:36.0062 2760  [ C39CD25443CCCDD121BF1F807564DCFA ] C:\WINDOWS\SYSTEM32\drprov.dll
18:45:36.0062 2760  C:\WINDOWS\SYSTEM32\drprov.dll - ok
18:45:36.0078 2760  [ 6539CED6E5AB5684AA09E6B0ABBF4124 ] C:\WINDOWS\SYSTEM32\ntlanman.dll
18:45:36.0078 2760  C:\WINDOWS\SYSTEM32\ntlanman.dll - ok
18:45:36.0078 2760  [ 9DADF1A809ECEC86F04BDE35190D59FE ] C:\Program Files\AVG\AVG2013\avgui.exe
18:45:36.0078 2760  C:\Program Files\AVG\AVG2013\avgui.exe - ok
18:45:36.0093 2760  [ 01520B46830C8178E1B2C05A4F3F6C16 ] C:\WINDOWS\SYSTEM32\netui0.dll
18:45:36.0093 2760  C:\WINDOWS\SYSTEM32\netui0.dll - ok
18:45:36.0093 2760  [ 88B918E7FB3B09595DD8A0FD09A35B8F ] C:\WINDOWS\SYSTEM32\netui1.dll
18:45:36.0093 2760  C:\WINDOWS\SYSTEM32\netui1.dll - ok
18:45:36.0093 2760  [ 0E297F71CBFAA611F830407D1054DC70 ] C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll
18:45:36.0109 2760  C:\PROGRA~1\AVG\AVG2013\avgchjwx.dll - ok
18:45:36.0109 2760  [ 76FFA2433FEB42E78FB5421A50C8FBE3 ] C:\PROGRA~1\AVG\AVG2013\avgclitx.dll
18:45:36.0109 2760  C:\PROGRA~1\AVG\AVG2013\avgclitx.dll - ok
18:45:36.0109 2760  [ CCF775179F42797A3EE8BA5678543621 ] C:\PROGRA~1\AVG\AVG2013\avgcclix.dll
18:45:36.0109 2760  C:\PROGRA~1\AVG\AVG2013\avgcclix.dll - ok
18:45:36.0125 2760  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
18:45:36.0125 2760  C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS - ok
18:45:36.0125 2760  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
18:45:36.0125 2760  C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys - ok
18:45:36.0140 2760  [ 99997FA9056ACB38AA388BDA134CEF6E ] C:\Program Files\AVG\AVG2013\avgcsrvx.exe
18:45:36.0140 2760  C:\Program Files\AVG\AVG2013\avgcsrvx.exe - ok
18:45:36.0140 2760  [ 43D8779059D848BB26D725D4E6C3350C ] C:\Program Files\AVG\AVG2013\avgcorex.dll
18:45:36.0140 2760  C:\Program Files\AVG\AVG2013\avgcorex.dll - ok
18:45:36.0140 2760  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
18:45:36.0140 2760  C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS - ok
18:45:36.0156 2760  [ C9BF2F12C4E6C12F8A85FBA4B6BC6208 ] C:\WINDOWS\SYSTEM32\watchdog.sys
18:45:36.0156 2760  C:\WINDOWS\SYSTEM32\watchdog.sys - ok
18:45:36.0156 2760  [ 1EFBC43B33B83FD7376E63A71830CC69 ] C:\WINDOWS\SYSTEM32\win32k.sys
18:45:36.0156 2760  C:\WINDOWS\SYSTEM32\win32k.sys - ok
18:45:36.0171 2760  [ D3DAC8432110AAD0B02A58B4459AB835 ] C:\WINDOWS\SYSTEM32\DRIVERS\dxg.sys
18:45:36.0171 2760  C:\WINDOWS\SYSTEM32\DRIVERS\dxg.sys - ok
18:45:36.0171 2760  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
18:45:36.0171 2760  C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS - ok
18:45:36.0171 2760  [ 6F19639188F792BBB234B2A3FCB0C8C9 ] C:\Program Files\AVG\AVG2013\avgchclx.dll
18:45:36.0171 2760  C:\Program Files\AVG\AVG2013\avgchclx.dll - ok
18:45:36.0187 2760  [ A6251155B7017D4B4A77A3531A8DA6D8 ] C:\Program Files\AVG\AVG2013\avgcommx.dll
18:45:36.0187 2760  C:\Program Files\AVG\AVG2013\avgcommx.dll - ok
18:45:36.0187 2760  [ F820B93E4ABCCABD698A175FD5FC83FE ] C:\Program Files\AVG\AVG2013\avgntsqlitex.dll
18:45:36.0187 2760  C:\Program Files\AVG\AVG2013\avgntsqlitex.dll - ok
18:45:36.0187 2760  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\SYSTEM32\VGA.DLL
18:45:36.0187 2760  C:\WINDOWS\SYSTEM32\VGA.DLL - ok
18:45:36.0203 2760  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\SYSTEM32\KBDUS.DLL
18:45:36.0203 2760  C:\WINDOWS\SYSTEM32\KBDUS.DLL - ok
18:45:36.0203 2760  [ D87041EAA67ECA4394F6D5D09C0C2885 ] C:\WINDOWS\SYSTEM32\msctfime.ime
18:45:36.0203 2760  C:\WINDOWS\SYSTEM32\msctfime.ime - ok
18:45:36.0218 2760  [ 629CABB0421668C9D3D402A3C3D77E14 ] C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
18:45:36.0218 2760  C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys - ok
18:45:36.0218 2760  [ 34D6CD56409DA9A7ED573E1C90A308BF ] C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys
18:45:36.0218 2760  C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys - ok
18:45:36.0218 2760  [ 777EB29D0135D81AD9828A2B05443496 ] C:\WINDOWS\SYSTEM32\winspool.drv
18:45:36.0218 2760  C:\WINDOWS\SYSTEM32\winspool.drv - ok
18:45:36.0234 2760  [ D6A8DC8C374EEA24744F2D4E87CA0E7E ] C:\WINDOWS\SYSTEM32\wdmaud.drv
18:45:36.0234 2760  C:\WINDOWS\SYSTEM32\wdmaud.drv - ok
18:45:36.0234 2760  [ 650AD082D46BAC0E64C9C0E0928492FD ] C:\WINDOWS\SYSTEM32\DRIVERS\sysaudio.sys
18:45:36.0234 2760  C:\WINDOWS\SYSTEM32\DRIVERS\sysaudio.sys - ok
18:45:36.0250 2760  [ EFD235CA22B57C81118C1AEB4798F1C1 ] C:\WINDOWS\SYSTEM32\DRIVERS\wdmaud.sys
18:45:36.0250 2760  C:\WINDOWS\SYSTEM32\DRIVERS\wdmaud.sys - ok
18:45:36.0250 2760  [ 0CE218578FFF5F4F7E4201539C45C78F ] C:\WINDOWS\SYSTEM32\DRIVERS\splitter.sys
18:45:36.0250 2760  C:\WINDOWS\SYSTEM32\DRIVERS\splitter.sys - ok
18:45:36.0250 2760  [ 1EE7B434BA961EF845DE136224C30FEC ] C:\WINDOWS\SYSTEM32\DRIVERS\aec.sys
18:45:36.0250 2760  C:\WINDOWS\SYSTEM32\DRIVERS\aec.sys - ok
18:45:36.0265 2760  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] C:\WINDOWS\SYSTEM32\DRIVERS\swmidi.sys
18:45:36.0265 2760  C:\WINDOWS\SYSTEM32\DRIVERS\swmidi.sys - ok
18:45:36.0265 2760  [ A6F881284AC1150E37D9AE47FF601267 ] C:\WINDOWS\SYSTEM32\DRIVERS\dmusic.sys
18:45:36.0265 2760  C:\WINDOWS\SYSTEM32\DRIVERS\dmusic.sys - ok
18:45:36.0281 2760  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] C:\WINDOWS\SYSTEM32\DRIVERS\kmixer.sys
18:45:36.0281 2760  C:\WINDOWS\SYSTEM32\DRIVERS\kmixer.sys - ok
18:45:36.0281 2760  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys
18:45:36.0281 2760  C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys - ok
18:45:36.0281 2760  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\SYSTEM32\MSACM32.DRV
18:45:36.0281 2760  C:\WINDOWS\SYSTEM32\MSACM32.DRV - ok
18:45:36.0296 2760  [ 29414447EB5BDE2F8397DC965DBB3156 ] C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys
18:45:36.0296 2760  C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys - ok
18:45:36.0296 2760  [ E931B4DD87DFACE46468FD506FDCD262 ] C:\WINDOWS\SYSTEM32\desk.cpl
18:45:36.0296 2760  C:\WINDOWS\SYSTEM32\desk.cpl - ok
18:45:36.0312 2760  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
18:45:36.0312 2760  C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS - ok
18:45:36.0312 2760  [ 6E996CF8459A2594E0E9609D0E34D41F ] C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys
18:45:36.0312 2760  C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys - ok
18:45:36.0312 2760  [ 975B6CF65F44E95883F3855BAE8CECAF ] C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys
18:45:36.0328 2760  C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys - ok
18:45:36.0328 2760  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\SYSTEM32\NETMSG.DLL
18:45:36.0328 2760  C:\WINDOWS\SYSTEM32\NETMSG.DLL - ok
18:45:36.0328 2760  [ EEB024F2C81F0D55936FB825D21A91D6 ] C:\WINDOWS\SYSTEM32\cmd.exe
18:45:36.0328 2760  C:\WINDOWS\SYSTEM32\cmd.exe - ok
18:45:36.0343 2760  [ AB9C79ED12D65E800AAAD3D72A04792F ] C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys
18:45:36.0343 2760  C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys - ok
18:45:36.0343 2760  [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys
18:45:36.0343 2760  C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys - ok
18:45:36.0359 2760  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Bobby\LOCALS~1\Temp\5F810F7D-367C-46EE-ABED-2DD2D32F2360.exe
18:45:36.0359 2760  C:\DOCUME~1\Bobby\LOCALS~1\Temp\5F810F7D-367C-46EE-ABED-2DD2D32F2360.exe - ok
18:45:36.0359 2760  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\SYSTEM32\DRIVERS\62830894.sys
18:45:36.0359 2760  C:\WINDOWS\SYSTEM32\DRIVERS\62830894.sys - ok
18:45:36.0359 2760  [ 1DFD6E8DA0FE2D14A5FA12CFCFB162C1 ] C:\WINDOWS\SYSTEM32\unimdm.tsp
18:45:36.0359 2760  C:\WINDOWS\SYSTEM32\unimdm.tsp - ok
18:45:36.0375 2760  [ 63368D3E65AACE7D26F69D8B29384243 ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
18:45:36.0375 2760  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
18:45:36.0375 2760  [ 741B6B597E8C99E1938809F64F7BF13C ] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
18:45:36.0375 2760  C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll - ok
18:45:36.0390 2760  [ 7735385C0FA821961F9A1EBA94F2AC98 ] C:\WINDOWS\SYSTEM32\kmddsp.tsp
18:45:36.0390 2760  C:\WINDOWS\SYSTEM32\kmddsp.tsp - ok
18:45:36.0390 2760  [ 37D7005A87F6405DEA87F50098CE03F7 ] C:\WINDOWS\SYSTEM32\ndptsp.tsp
18:45:36.0390 2760  C:\WINDOWS\SYSTEM32\ndptsp.tsp - ok
18:45:36.0390 2760  [ A4C40AF21BF9F90E08A3C1DD0DC79E0B ] C:\WINDOWS\SYSTEM32\ipconf.tsp
18:45:36.0390 2760  C:\WINDOWS\SYSTEM32\ipconf.tsp - ok
18:45:36.0406 2760  [ 49361F295DF887AC32CD660CA94ACAA5 ] C:\WINDOWS\SYSTEM32\h323.tsp
18:45:36.0406 2760  C:\WINDOWS\SYSTEM32\h323.tsp - ok
18:45:36.0406 2760  [ 3182F47A67F86B5DD991E0FB7659D0E3 ] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
18:45:36.0406 2760  C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll - ok
18:45:36.0421 2760  [ 83168270F2E73A20E981B0F38A34958F ] C:\WINDOWS\SYSTEM32\hidphone.tsp
18:45:36.0421 2760  C:\WINDOWS\SYSTEM32\hidphone.tsp - ok
18:45:36.0421 2760  [ 9ACC58CC382F93D53E862762CDD4B6F2 ] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpzui5ha.dll
18:45:36.0421 2760  C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpzui5ha.dll - ok
18:45:36.0421 2760  [ 790D6DD1BD3893FA025042C5F589EBBE ] C:\WINDOWS\SYSTEM32\compstui.dll
18:45:36.0421 2760  C:\WINDOWS\SYSTEM32\compstui.dll - ok
18:45:36.0437 2760  [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\SYSTEM32\OLEACC.DLL
18:45:36.0437 2760  C:\WINDOWS\SYSTEM32\OLEACC.DLL - ok
18:45:36.0437 2760  [ C66A7B836254550331FB32BD0E117C90 ] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpzst5ha.dll
18:45:36.0437 2760  C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpzst5ha.dll - ok
18:45:36.0437 2760  [ 731F22BA402EE4B62748ADAF6363C182 ] C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
18:45:36.0437 2760  C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS - ok
18:45:36.0453 2760  [ 9F8B0F4276F618964FD118BE4289B7CD ] C:\WINDOWS\SYSTEM32\DRIVERS\http.sys
18:45:36.0453 2760  C:\WINDOWS\SYSTEM32\DRIVERS\http.sys - ok
18:45:36.0453 2760  [ F41FA54CD85AF8AACF8C7E084F6742F4 ] C:\WINDOWS\SYSTEM32\LegitCheckControl.dll
18:45:36.0453 2760  C:\WINDOWS\SYSTEM32\LegitCheckControl.dll - ok
18:45:36.0468 2760  ============================================================
18:45:36.0468 2760  Scan finished
18:45:36.0468 2760  ============================================================
18:45:36.0468 3228  Detected object count: 0
18:45:36.0468 3228  Actual detected object count: 0
18:49:07.0875 0480  Deinitialize success

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/22/2013 07:04:36 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\System32\nvsvc32.exe (PID: 216) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/22/2013 07:06:36 PM
Execution time: 0 hours(s), 1 minute(s), and 59 seconds(s)

 

C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\Bobby\Application Data\Sun\Java\Deployment\cache\6.0\21\30263fd5-263704fd multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Bobby\Application Data\Sun\Java\Deployment\cache\6.0\56\9b47178-3893f5c9 a variant of Java/TrojanDownloader.Agent.NAN trojan cleaned by deleting - quarantined
C:\Documents and Settings\Bobby\Local Settings\Application Data\Updater26766\Updater26766.exe a variant of Win32/Toolbar.CrossRider.C application cleaned by deleting - quarantined
C:\Documents and Settings\Bobby\My Documents\Downloads\Setup_FreeBurner.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Discount Buddy\Discount Buddy.dll a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Discount Buddy\Uninstall.exe multiple threats cleaned by deleting - quarantined
Operating memory a variant of Win32/Toolbar.CrossRider.A application contained infected files
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Bobby on Fri 03/22/2013 at 22:45:25.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\installedbrowserextensions
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_local_machine\software\tarma installer
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026766.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026766.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026766.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026766.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026766.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026766.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026766.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026766.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\tarma installer"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\wecarereminder"
Successfully deleted: [Folder] "C:\Documents and Settings\Bobby\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/22/2013 at 22:55:59.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 PM

Posted 23 March 2013 - 10:35 AM

Malwarebytes

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

Farbar's MiniToolBox

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Farbar's Service Scanner

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================

AdwCleaner by Xplode - Search for Adware

  • Please download AdwCleaner by Xplode onto your desktop.
  • Security softwares may flag it as malicious.This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================

Malwarebytes Anti-Rootkit

Download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt
  • Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • MBAR log


#5 bb1776

bb1776
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 23 March 2013 - 11:27 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.23.11

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Bobby :: JESSICA [administrator]

Protection: Enabled

3/23/2013 8:13:56 PM
mbam-log-2013-03-23 (20-13-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236440
Time elapsed: 29 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Bobby (administrator) on 23-03-2013 at 20:50:33
Running from "C:\Documents and Settings\Bobby\Desktop"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration

 


Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : Jessica

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-07-E9-3B-1F-A9

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.103

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Saturday, March 23, 2013 5:29:11 PM

        Lease Expires . . . . . . . . . . : Sunday, March 24, 2013 5:29:11 AM

Server:  home.gateway
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.227.136, 74.125.227.128, 74.125.227.134, 74.125.227.133
   74.125.227.142, 74.125.227.132, 74.125.227.130, 74.125.227.129, 74.125.227.137
   74.125.227.135, 74.125.227.131

 

Pinging google.com [74.125.227.136] with 32 bytes of data:

 

Reply from 74.125.227.136: bytes=32 time=152ms TTL=55

Reply from 74.125.227.136: bytes=32 time=179ms TTL=55

 

Ping statistics for 74.125.227.136:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 152ms, Maximum = 179ms, Average = 165ms

Server:  home.gateway
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

 

Reply from 98.138.253.109: bytes=32 time=230ms TTL=52

Reply from 98.138.253.109: bytes=32 time=342ms TTL=52

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 230ms, Maximum = 342ms, Average = 286ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 e9 3b 1f a9 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.103   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0    192.168.1.103   192.168.1.103   20
    192.168.1.103  255.255.255.255        127.0.0.1       127.0.0.1   20
    192.168.1.255  255.255.255.255    192.168.1.103   192.168.1.103   20
        224.0.0.0        240.0.0.0    192.168.1.103   192.168.1.103   20
  255.255.255.255  255.255.255.255    192.168.1.103   192.168.1.103   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/22/2013 10:44:40 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/22/2013 10:44:40 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/21/2013 06:24:14 PM) (Source: Microsoft Office 12) (User: )
Description: Rejected Safe Mode action : Microsoft Office Excel.

Error: (03/20/2013 09:09:47 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/19/2013 08:56:58 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0015c86a.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/19/2013 07:12:58 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module hpz3r5ha.dll, version 61.71.246.0, stamp 460a27bd, debug? 0, fault address 0x000467e8.

Error: (03/16/2013 07:16:14 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0009da70.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/16/2013 07:08:35 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x00265067.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/12/2013 07:06:44 PM) (Source: Application Hang) (User: )
Description: Hanging application PD4.exe, version 1.1.128.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/12/2013 07:06:19 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module hpz3r5ha.dll, version 61.71.246.0, stamp 460a27bd, debug? 0, fault address 0x000467e8.


System errors:
=============
Error: (03/23/2013 07:20:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/23/2013 02:20:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/23/2013 09:20:02 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/22/2013 07:05:03 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Driver Helper Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/22/2013 06:42:31 PM) (Source: 0) (User: )
Description: 0xC000024365778999.sysHarddiskVolume2

Error: (03/22/2013 06:20:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/22/2013 04:20:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/22/2013 00:02:42 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (03/21/2013 11:20:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/21/2013 06:20:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (01/19/2013 05:26:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1956 seconds with 720 seconds of active time.  This session ended with a crash.

Error: (01/12/2013 02:13:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1864 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (01/12/2013 01:39:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 834 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (10/30/2012 06:36:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 82 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (10/13/2012 01:04:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/13/2012 00:59:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 218 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (10/13/2012 00:53:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 96 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/26/2012 11:00:32 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 538 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (05/03/2012 09:28:46 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 46 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/27/2012 00:27:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2759 seconds with 360 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.0)
913D Camera (Version: 1.0)
ABBYY FineReader 5.0 Sprint (Version: 5.0.482.3421)
Adobe Acrobat 4.0 (Version: 4.0)
Adobe AIR (Version: 3.5.0.880)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe PhotoDeluxe Home Edition 4.0 (Version: 4.0)
Adobe Reader 8.1.1 (Version: 8.1.1)
AGEIA PhysX v6.10.25 (Version: 6.10.25)
Amazon Music Importer (Version: 2.0.1)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2641)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 2013.0.2904)
Banctec Service Agreement (Version: 1.00.00)
Banctec Service Agreement (Version: 1.00.0004)
BCM V.92 56K Modem
Bonjour (Version: 3.0.0.10)
Cakewalk VST Adapter 4
CardRd81 (Version: 4.00.0000.0004)
CCleaner (Version: 3.04)
CCScore (Version: 8.02.0000.0001)
CR2 (Version: 4.00.0000.0003)
DA920EN (Version: 1.0.0.0)
Dell Digital Jukebox Driver
Dell Media Experience
Dell Networking Guide (Version: 1.00.0001)
Dell Support (Version: 2.0.1.205)
dj_sf_software (Version: 90.0.200.000)
DreamStation DXi2
DS21Patch (Version: 1.00.0000)
DVDSentry (Version: 1.00.0000)
EarthLink Setup Files (Version: 2003.3.84.0)
eMule
EPSON TWAIN 5
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
File Uploader (Version: 1.2.1)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.135)
Help and Support Customization (Version: 1.00.0000)
Home Studio 2
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (Version: 10.0)
Indeo® software
Intel® PRO Network Adapters and Drivers
Intel® PROSet (Version: 6.05.2001)
Internet Explorer Default Page (Version: 1.00.03)
iPhone Configuration Utility (Version: 2.1.0.163)
iTunes (Version: 10.5.0.142)
Jasc Paint Shop Photo Album (Version: 4.0.3)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Kazoo Player
Kodak EasyShare software
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Encarta Encyclopedia Standard 2004 (Version: 2004)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004 (Version: 12.0.50)
Microsoft Money 2004 System Pack (Version: 12.0.80)
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Modem Helper
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
MUSICMATCH® Jukebox
Nancy Drew: Danger by Design
netbrdg (Version: 7.01.0000.0001)
Network Play System (Patching)
Nikon Message Center (Version: 0.92.000)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.7.0)
Nikon Transfer (Version: 1.5.3)
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI (Version: 8.02.1000.0001)
PhoTags Express  (Version: )
Picture Control Utility (Version: 1.4.10)
PowerDVD
PS_AIO_02_Software_Min (Version: 100.0.206.000)
Quicken 2007 (Version: 16.1.1.27)
QuickTime (Version: 7.69.80.9)
RealOne Player
Safari (Version: 5.33.16.0)
Scan (Version: 10.1.0.0)
SFR (Version: 8.01.0000.0001)
SHASTA (Version: 7.01.0000.0001)
Shockwave
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
staticcr (Version: 8.02.0000.0001)
Toolbox (Version: 100.0.170.000)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB942840) (Version: 1)
Update for Windows XP (KB946627) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
ViewNX (Version: 1.4.0)
ViewNX 2 (Version: 2.7.2)
Viewpoint Media Player
Virtual Sound Canvas DXi
VLC media player 2.0.0 (Version: 2.0.0)
VPRINTOL (Version: 8.02.0000.0001)
WebFldrs XP (Version: 9.50.6513)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Service Pack 2 (Version: 20040803.231319)
WIRELESS (Version: 8.02.0000.0001)
WordPerfect Office 11 (Version: 11.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 511 MB
Available physical RAM: 153.84 MB
Total Pagefile: 993.51 MB
Available Pagefile: 376.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.05 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.46 GB) (Free:40.35 GB) NTFS
5 Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2417.77 GB) NTFS
6 Drive g: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:333.68 GB) NTFS
7 Drive h: (FreeAgent Drive) (Fixed) (Total:149.05 GB) (Free:12.97 GB) NTFS

========================= Users: ========================================

User accounts for \\JESSICA

Administrator            ASPNET                   Bobby                   
Guest                    HelpAssistant            SUPPORT_388945a0        
SUPPORT_3f151ab9        


**** End of log ****

 

Farbar Service Scanner Version: 03-03-2013
Ran by Bobby (administrator) on 23-03-2013 at 21:03:09
Running from "C:\Documents and Settings\Bobby\Desktop"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2002-08-29 05:00] - [2006-05-19 06:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2002-08-29 05:00] - [2008-08-14 03:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2002-08-29 05:00] - [2004-08-04 00:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2002-08-29 05:00] - [2008-06-20 04:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2002-08-29 05:00] - [2004-08-04 00:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2002-08-29 05:00] - [2008-02-19 23:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2007-06-17 19:43] - [2004-08-04 01:56] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2005-08-22 12:36] - [2005-08-22 12:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2002-08-29 05:00] - [2004-08-04 00:06] - 0073472 ___AC (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-04 01:56] - [2004-08-04 01:56] - 0081408 ____N (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2005-07-25 22:31] - [2008-07-07 14:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2002-08-29 05:00] - [2004-08-04 01:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2002-08-29 05:00] - [2004-08-04 01:56] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2005-07-25 22:31] - [2009-02-09 04:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2002-08-29 05:00] - [2009-02-06 11:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Avgtdix(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000900000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

 

# AdwCleaner v2.115 - Logfile created 03/23/2013 at 21:06:31
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Bobby - JESSICA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Bobby\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [2966 octets] - [23/03/2013 21:06:31]

########## EOF - C:\AdwCleaner[S1].txt - [3026 octets] ##########

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 2 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.793000 GHz
Memory total: 535818240, free: 40083456

------------ Kernel report ------------
     03/23/2013 21:29:44
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\System32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
avgrkx86.sys
avglogx.sys
avgmfx86.sys
avgidshx.sys
agp440.sys
\SystemRoot\System32\DRIVERS\intelppm.sys
\SystemRoot\System32\DRIVERS\nv4_mini.sys
\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\System32\DRIVERS\BCMSM.sys
\SystemRoot\System32\DRIVERS\ks.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\System32\DRIVERS\e100b325.sys
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\System32\DRIVERS\i8042prt.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\Drivers\MxlW2k.SYS
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\Drivers\GEARAspiWDM.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\system32\drivers\smwdm.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\aeaudio.sys
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\psched.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\DRIVERS\omci.sys
\SystemRoot\System32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\i2omgmt.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\ipnat.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\System32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\DRIVERS\secdrv.sys
\SystemRoot\System32\DRIVERS\ipfltdrv.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\SYSTEM32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR5
Upper Device Object: 0xffffffff82f2eab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000064\
Lower Device Object: 0xffffffff8307f830
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR4
Upper Device Object: 0xffffffff82f2fab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000063\
Lower Device Object: 0xffffffff83063030
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR3
Upper Device Object: 0xffffffff82f30218
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000062\
Lower Device Object: 0xffffffff82f108d8
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8335fab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff8337dd98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.03.24.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8335fab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8338bb70, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8335fab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8337dd98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe1aae5c0, 0xffffffff8335fab8, 0xffffffff82884488
Lower DeviceData: 0xffffffffe104f3f8, 0xffffffff8337dd98, 0xffffffff827ce660
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\WINDOWS\system32\drivers\TOSIDE.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\TSBVCAP.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tunmp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\uagp35.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\udfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ULTRA.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usb8023.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usb8023x.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbaapl.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\USBCAMD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\USBCAMD2.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbintel.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbvideo.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\vchnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\VDMINDVD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ipinip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\iqvw32.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\irenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ISAPNP.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ksecdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\logo.gif" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\MCD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mdmxsdk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mf.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\MODEMCSA.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mouhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mountmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mpe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\OPRGHDLR.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PARTMGR.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pciide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pciidex.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pcmcia.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PERC2.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ccdecode.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CD20XRNT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdr4_xp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdralw2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ch7xxnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CINEMST2.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\classpnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CMDIDE.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CPQARRAY.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CPQDAP01.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\crusoe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cxthsfs2.cty" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\DAC2W2K.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\DAC960NT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\msdv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mskssrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mspclock.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mspqm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mstee.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtlmnt5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtlstrm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtxparhm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mutohpen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nabtsfec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndis.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndisip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdk6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati2mtag.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv04nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\CBIDF2K.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\IPFLTDRV.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\MRAID35X.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\NWLNKSPX.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PERC2HIB.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SPARROW.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SYMC810.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\TOSDVD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\StMp3Rec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\stream.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\streamip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\1028_Dell_DIM_8300.mrk" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ABP480N5.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\acpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ACPIEC.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ADPU160M.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv05nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv07nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv08nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv09nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv11nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\agp440.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\agpcpq.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\AHA154X.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\AIC78U2.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\AIC78XX.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ALIIDE.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\alim1541.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fastfat.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fltmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\FSVGA.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\FTDISK.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\gagp30kx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\GM.DLS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\GMREADME.TXT" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidbth.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdpdr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdpwd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\recagent.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\remove_spyware_button.gif" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\RIO8DRV.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\RIODRV.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rmcast.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rndismp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rndismpx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ROOTMDM.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\s3gnbm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\scsiport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\viaagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\viaide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wacompen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv01nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv02nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv05nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv07nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv08nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv09nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv11nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv01nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv02nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv04nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv06nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv10nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wch7xxnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wpdusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\WS2IFSL.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wsiintxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wstcodec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wvchntxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\diskdump.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmboot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\DMLOAD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\DPTI2O.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\EL90XBC5.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdk7.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\AMSINT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\arp1394.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ASC.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ASC3350P.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ASC3550.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\asctrm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1btxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1mdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1pdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1raxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1rvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1snxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1ttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1tuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1xbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1xsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati2mtaa.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pxhelp20.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\QL1080.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\QL10WNT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\QL12160.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\QL1240.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\QL1280.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\RAWWAN.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SYMC8XX.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SYM_HI.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SYM_U3.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\system_stable_box.jpg" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\system_stable_box_small.jpg" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\system_stable_header.gif" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\system_stable_header_small.gif" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tape.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tcpip6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tdpipe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tdtcp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\netwlan5.img" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nic1394.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\NIKEDRV.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nmnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ntfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ntmtlfax.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\NWLNKFLT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\NWLNKFWD.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnkipx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\NWLNKNB.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv06nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv10nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\BCMDM.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bdasup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bridge.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthmodem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthpan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\Camd913D.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\Capt913D.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinbtxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinmdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinpdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinraxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinrvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinsnxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atintuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinxbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinxsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ativmc20.cod" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmarpc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ATMEPVC.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmlane.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ATMUNI.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidparse.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\HPN.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfbs2s2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfcxts2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfdpsp2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\i2omp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\i81xnt5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\INI910U.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\intelide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ip6fw.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sffdisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sffp_sd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\siint5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sisagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slnt7554.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slntamr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slnthal.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slwdmsup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\smbali.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\SMCLIB.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\smsens.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sonydcam.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DC96E9E

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 80325  Numsec = 156151800
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 80000000000 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-156230000-156250000)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff82f30218, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff82efd020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff82f30218, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff82f108d8, DeviceName: \Device\00000062\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe2e80ef0, 0xffffffff82f30218, 0xffffffff82533ab8
Lower DeviceData: 0xffffffffe204d810, 0xffffffff82f108d8, 0xffffffff82ddb0a0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A4B57300

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520002

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Physical Sector Size: 4096
Drive: 2, DevicePointer: 0xffffffff82f2fab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff82f2f890, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff82f2fab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff83063030, DeviceName: \Device\00000063\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe2c87b10, 0xffffffff82f2fab8, 0xffffffff8254e828
Lower DeviceData: 0xffffffffe20dd568, 0xffffffff83063030, 0xffffffff830ba250
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6E8452F

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 732564000

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 3000592977920 bytes
Sector size: 4096 bytes

Physical Sector Size: 512
Drive: 3, DevicePointer: 0xffffffff82f2eab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff82f2e3a8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff82f2eab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8307f830, DeviceName: \Device\00000064\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe1ff1110, 0xffffffff82f2eab8, 0xffffffff825489e8
Lower DeviceData: 0xffffffffe2062900, 0xffffffff8307f830, 0xffffffff82573a98
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9E21EFDC

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 312576642

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Read File: File "c:\Documents and Settings\Administrator\Application Data\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\BRNDLOG.BAK" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Application Data\Sonic\Update Manager\sumdb.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\AccountTypes" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Action Clauses" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\addr_file.html" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Dell\DSLogDB\extractContent.log" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.070619-2144.log" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.070629-2223.log" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.100206-1507.log" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\QuickTimeFavorites.qtr" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Contextual Menu Items\Analog Mono" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.RIBBON.12.1033.hxn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\Hx_1033_MValidator.Lck" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.GRAPH.12.1033.hxn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.MSTORE.12.1033.hxn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.OIS.12.1033.hxn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.SETLANG.12.1033.hxn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.WINWORD.12.1033_1033_MValidator.Lck" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\QuickTime\QuickTimeFavorites.qtr" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\bookmrk.dbf" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Grpsyll.dbf" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Progress.dbf" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Settings.dbf" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Syllabus.dbf" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Digital Light\Animals" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Driver Manager\Driver Manager\dd.lic" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxdu.xxb" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxdv.xxb" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxdx.xxb" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxes.xxb" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxeu.xxb" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Kodak\Registration\DataStore.db" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\news.txt" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configec.stn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configee.stn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configek.stn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configel.stn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configen.stn" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\WEBREG\WebRegData.xml" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrps.lacy_da_dancer13.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ystats_B.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\YUPDATER\components.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\manual" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\vhosts" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Apple Computer\Preferences\com.apple.MobileDeviceCrashCopy.plist" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Apple Computer\Preferences\com.apple.WindowsContacts.client.exe.plist" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Apple Computer\Preferences\com.apple.WindowsContactsSync.plist" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Apple Computer\Preferences\iTunes.exe.plist" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\ArcSoft\InstallTemp\instdesc.xml" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\FreeBurner\config.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\KodakCredentialStore\CredentialFile.xml" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\Office\MSO1043.acl" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\Office\MSO2057.acl" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\Office\OrgDB12.pip" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\UProof\ExcludeDictionaryEN0809.lex" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\UProof\ExcludeDictionaryFR040c.lex" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Microsoft\UProof\ExcludeDictionaryFR080c.lex" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\MX\MX Entertainment\rompath.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Nikon\Nikon_Shared.xml" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\PlayFirst\dinerdash2\survey.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Real\Msg\Category.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Real\Msg\SCategory.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Real\RealMediaSDK\c0a80200.txt" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Real\RealOne Player\Nti_CDBByte.out" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Application Data\Real\RealOne Player\Nti_SenseArea.out" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Application Data\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\BRNDLOG.BAK" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Application Data\Sonic\Update Manager\sumdb.dat" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Internet Explorer\BRNDLOG.BAK" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Sonic\Update Manager\sumdb.dat" is compressed (flags = 1)
Read File: File "c:\Program Files\Outlook Express\MSOE.TXT" is compressed (flags = 1)
Read File: File "c:\Program Files\Windows Media Player\NPDRMV2.ZIP" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Start Menu\Programs\Startup\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Start Menu\Programs\Startup\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CMOS.RAM" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\$NCSP$.INF" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\logonui.exe.manifest" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\L_EXCEPT.NLS" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PCL.SEP" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\results.txt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PSCRIPT.SEP" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\DSOUND.VXD" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\spupdwxp.log" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\MRT.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\BDEMERGE.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\iniasd.txt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PERFCI.H" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PERFWCI.H" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\DLBKPLC.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PRODSPEC.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\PERFFILT.H" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\lfd32.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\llps350.cnt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\llps601.cnt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\View Channels.scf" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\DRIVERS\ETC\NETWORKS" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\OOBE\msobe.isp" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\OOBE\obeip.dun" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\OOBE\REG.ISP" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\OOBE\migip.dun" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\OOBE\MIGRATE.ISP" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\9080VTDW\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\FG1CGKOH\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\TNJ5FHTK\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\ZUVD3RAX\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\NTUSER.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\NTUSER.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\NTUSER.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\NetworkService\NTUSER.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)
Read File: File "c:\WINDOWS\smscfg.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\VB.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\DVDSentry.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\msoffice.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\VistaEmail.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\QUICKEN.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\EReg072.dat" is compressed (flags = 1)
Read File: File "c:\WINDOWS\dellstat.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Adobereg.db" is compressed (flags = 1)
Read File: File "c:\WINDOWS\nsreg.dat" is compressed (flags = 1)
Read File: File "c:\WINDOWS\VBADDIN.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\lexstat.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\EXPLORER.SCF" is compressed (flags = 1)
Read File: File "c:\WINDOWS\_delis32.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Downloaded Program Files\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Fonts\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\UPDATE.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\CIADMIN.HTM" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\CONF.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\CONNECT.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\WINDOWS.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\MSHEARTS.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\MSNAUTH.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\NOCONTNT.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\RATINGS.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\WINHLP32.CNT" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Help\wmerr.htm" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\installutil.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe.rtm.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet.mof.uninstall" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\caspol.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ieexec.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\l_except.nlp" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\XPThemes.manifest" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\regasm.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\regsvcs.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU1.txt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU2.txt" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\SmartNav.htm" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_dataperfcounters_shared12_neutral.h" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_regsql.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state_perf.h" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\caspol.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet.mof.uninstall" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_DataOracleClientPerfCounters_shared12_neutral.h" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ieexec.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regasm.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\XPThemes.manifest" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\webAdminNoNavBar.master" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess32.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInUtil.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\csc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\default.win32manifest" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\EdmGen.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\vbc.exe.config" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Tasks\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\Web\BULLET.GIF" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Administrator\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Powercinema\Dell_UserName.sys" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Local Settings\History\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Default User\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\History\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\DESKTOP.INI" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Adobe\Updater5\AUTrans.sig" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Apple Computer\QuickTime\QuickTimeFavorites.qtr" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Local Settings\Application Data\Powercinema\Dell_UserName.sys" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Desktop\Stocks\~$Stock Summary.xlsx" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\Bobby\Desktop\Stocks\~$Windstream.xlsx" is compressed (flags = 1)
Done!
Scan finished
=======================================

 

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.24.01

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Bobby :: JESSICA [administrator]

3/23/2013 10:16:36 PM
mbar-log-2013-03-23 (22-16-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27123
Time elapsed: 45 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 PM

Posted 24 March 2013 - 11:23 AM

Current issues?



#7 bb1776

bb1776
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 24 March 2013 - 02:26 PM

Compter has never worked better. :bananas:

 

Thank you very much for the help.



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 PM

Posted 24 March 2013 - 08:58 PM

That looks good

Remove temporary and junk files

Download Temp file cleaner from HERE.Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode
 

Create a new restore point

Follow this guide to turn off and turn on your restore points

Windows XP

Vista & windows 7

Windows 8

Turn off your system restore-It deletes old infected restore points.Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old versions of java and flash player from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/ & http://www.adobe.com/support/flashplayer/downloads.html

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

Best Practices for Safe Computing - Prevention of Malware Infection

Simple and easy ways to keep your computer safe and secure on the Internet


Safe surfing :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users