
aswr found suspicious files do I need to remove these and how?


  • This topic is locked
40 replies to this topic

#1 olkydrillsgt


Posted 25 March 2014 - 09:12 AM

                        Module: C:\WINDOWS\System32\drivers\dxgthk.sys  **SUSPICIOUS**
21:36:12.453    Module: C:\WINDOWS\System32\nv4_disp.dll  **SUSPICIOUS**
 
Thanks in advance for any help you may provide.


#2 TB-Psychotic

  • Malware Response Team

Posted 25 March 2014 - 09:49 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 

#3 olkydrillsgt

  • Topic Starter

Posted 25 March 2014 - 06:49 PM

19:44:54.0968 0x0f74  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
19:44:58.0765 0x0f74  ============================================================
19:44:58.0765 0x0f74  Current date / time: 2014/03/25 19:44:58.0765
19:44:58.0765 0x0f74  SystemInfo:
19:44:58.0765 0x0f74  
19:44:58.0765 0x0f74  OS Version: 5.1.2600 ServicePack: 3.0
19:44:58.0765 0x0f74  Product type: Workstation
19:44:58.0765 0x0f74  ComputerName: D3GQH231
19:44:58.0765 0x0f74  UserName: Galen
19:44:58.0765 0x0f74  Windows directory: C:\WINDOWS
19:44:58.0765 0x0f74  System windows directory: C:\WINDOWS
19:44:58.0765 0x0f74  Processor architecture: Intel x86
19:44:58.0765 0x0f74  Number of processors: 1
19:44:58.0765 0x0f74  Page size: 0x1000
19:44:58.0765 0x0f74  Boot type: Normal boot
19:44:58.0765 0x0f74  ============================================================
19:45:04.0078 0x0f74  KLMD registered as C:\WINDOWS\system32\drivers\68112975.sys
19:45:04.0453 0x0f74  System UUID: {DC8A1904-AB07-FF93-EDD9-7D671578B58F}
19:45:05.0468 0x0f74  Drive \Device\Harddisk0\DR0 - Size: 0xDF8475800 (55.88 Gb), SectorSize: 0x200, Cylinders: 0x1C7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:45:05.0468 0x0f74  ============================================================
19:45:05.0468 0x0f74  \Device\Harddisk0\DR0:
19:45:05.0468 0x0f74  MBR partitions:
19:45:05.0468 0x0f74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x6FAC539
19:45:05.0468 0x0f74  ============================================================
19:45:05.0515 0x0f74  C: <-> \Device\Harddisk0\DR0\Partition1
19:45:05.0515 0x0f74  ============================================================
19:45:05.0515 0x0f74  Initialize success
19:45:05.0515 0x0f74  ============================================================
19:45:22.0531 0x0f88  ============================================================
19:45:22.0531 0x0f88  Scan started
19:45:22.0531 0x0f88  Mode: Manual; 
19:45:22.0531 0x0f88  ============================================================
19:45:22.0531 0x0f88  KSN ping started
19:45:25.0187 0x0f88  KSN ping finished: true
19:45:26.0156 0x0f88  ================ Scan system memory ========================
19:45:26.0156 0x0f88  System memory - ok
19:45:26.0171 0x0f88  ================ Scan services =============================


19:45:34.0765 0x0f88  IpFilterDriver - ok

19:45:34.0843 0x0f88  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:45:34.0843 0x0f88  IpInIp - ok

19:45:34.0906 0x0f88  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:45:34.0906 0x0f88  IpNat - ok

19:45:34.0937 0x0f88  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:45:34.0937 0x0f88  IPSec - ok

19:45:34.0968 0x0f88  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:45:34.0984 0x0f88  IRENUM - ok

19:45:35.0015 0x0f88  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:45:35.0031 0x0f88  isapnp - ok

19:45:35.0031 0x0f88  ivusb - ok

19:45:35.0187 0x0f88  [ E731921DB2E17DCD3DB472FAD5549C57, 0904E61B761C28940D3B13D1A3A8F53CEB8D27441FE83BD9E2DD436EBAA9F652 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

19:45:35.0187 0x0f88  JavaQuickStarterService - ok

19:45:35.0250 0x0f88  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:45:35.0250 0x0f88  Kbdclass - ok

19:45:35.0312 0x0f88  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:45:35.0312 0x0f88  kmixer - ok

19:45:35.0375 0x0f88  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:45:35.0390 0x0f88  KSecDD - ok

19:45:35.0437 0x0f88  [ 20C919B52897B72EBCB2AD2FC29D8EF0, A98F7D1DD01D47E8D2DA60D77E3EE0EC43455E9984384D70584A23100E32D6D5 ] L8042mou        C:\WINDOWS\system32\DRIVERS\L8042mou.Sys

19:45:35.0437 0x0f88  L8042mou - ok

19:45:35.0562 0x0f88  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:45:35.0578 0x0f88  lanmanserver - ok

19:45:35.0640 0x0f88  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:45:35.0656 0x0f88  lanmanworkstation - ok

19:45:35.0656 0x0f88  lbrtfdc - ok

19:45:35.0734 0x0f88  [ 31B582394DA3290DFF300F10952E9A4D, 6600F365AB4DC77377B47343A5A3BA9398E0619E0C727F27E2CB90C9A05B26D8 ] LHidKe          C:\WINDOWS\system32\DRIVERS\LHidKE.Sys

19:45:35.0734 0x0f88  LHidKe - ok

19:45:35.0796 0x0f88  [ CBD1C6BFF70E170CEC6E1502E7FCFEF6, 5C55CD15087EED865DCF912F7019B8BC1D71C7195C4E6522023D64BCEC4ECDB6 ] LHidUsbK        C:\WINDOWS\system32\Drivers\LHidUsbK.Sys

19:45:35.0796 0x0f88  LHidUsbK - ok

19:45:35.0875 0x0f88  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:45:35.0875 0x0f88  LmHosts - ok

19:45:35.0921 0x0f88  [ 90A794D0A0BF3531C4BA1C0510449629, 736AACE0A5F152B4C7A547473FB20DF6758028B2AA427820FC2FD41F63D99787 ] LMouKE          C:\WINDOWS\system32\DRIVERS\LMouKE.Sys

19:45:35.0937 0x0f88  LMouKE - ok

19:45:35.0984 0x0f88  [ A9ABAD5FCB7011114082933B01E13FCE, C33B03ECE24003179D908C1B403AA74996BFB54E9B34A1C454129383BD83CD01 ] LVUSBSta        C:\WINDOWS\system32\drivers\lvusbsta.sys

19:45:35.0984 0x0f88  LVUSBSta - ok

19:45:36.0000 0x0f88  [ 61330A29BD4230505A7618BC41693CBB, 50782D1A4773E8566EDB7911D7C27E4F6ACD2F4F6BD9918CDDD85284B1CCFAB0 ] MAPMEM          C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys

19:45:36.0000 0x0f88  MAPMEM - ok

19:45:36.0109 0x0f88  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

19:45:36.0125 0x0f88  MDM - ok

19:45:36.0187 0x0f88  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:45:36.0187 0x0f88  Messenger - ok

19:45:36.0203 0x0f88  [ 9B90303A9C9405A6CE1466FF4AA20FDD, 86EEAC9FEBD5EBE0564D899FE74C1AABEDA45CD5EE0989AAC7CF8A1034B459E9 ] mmc_2K          C:\WINDOWS\system32\drivers\mmc_2K.sys

19:45:36.0203 0x0f88  mmc_2K - ok

19:45:36.0281 0x0f88  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:45:36.0281 0x0f88  mnmdd - ok

19:45:36.0343 0x0f88  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe

19:45:36.0343 0x0f88  mnmsrvc - ok

19:45:36.0406 0x0f88  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:45:36.0406 0x0f88  Modem - ok

19:45:36.0468 0x0f88  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys

19:45:36.0468 0x0f88  MODEMCSA - ok

19:45:36.0515 0x0f88  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:45:36.0515 0x0f88  Mouclass - ok

19:45:36.0562 0x0f88  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:45:36.0562 0x0f88  mouhid - ok

19:45:36.0609 0x0f88  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:45:36.0625 0x0f88  MountMgr - ok

19:45:36.0656 0x0f88  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\System32\DRIVERS\mraid35x.sys

19:45:36.0656 0x0f88  mraid35x - ok

19:45:36.0718 0x0f88  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:45:36.0734 0x0f88  MRxDAV - ok

19:45:36.0812 0x0f88  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:45:36.0843 0x0f88  MRxSmb - ok

19:45:36.0937 0x0f88  [ 7419D631C390C558A5A87484567BABD5, 9A19D416071786505E4F2A9D815033E95CACFFAAF538B42FA8A097EB22C48F81 ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

19:45:36.0937 0x0f88  MSCSPTISRV - ok

19:45:37.0000 0x0f88  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

19:45:37.0000 0x0f88  MSDTC - ok

19:45:37.0078 0x0f88  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:45:37.0078 0x0f88  Msfs - ok

19:45:37.0093 0x0f88  MSIServer - ok

19:45:37.0140 0x0f88  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:45:37.0156 0x0f88  MSKSSRV - ok

19:45:37.0203 0x0f88  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:45:37.0203 0x0f88  MSPCLOCK - ok

19:45:37.0234 0x0f88  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:45:37.0234 0x0f88  MSPQM - ok

19:45:37.0296 0x0f88  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:45:37.0296 0x0f88  mssmbios - ok

19:45:37.0359 0x0f88  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

19:45:37.0375 0x0f88  MSTEE - ok

19:45:37.0437 0x0f88  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:45:37.0437 0x0f88  Mup - ok

19:45:37.0546 0x0f88  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

19:45:37.0546 0x0f88  NABTSFEC - ok

19:45:37.0625 0x0f88  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:45:37.0640 0x0f88  napagent - ok

19:45:37.0703 0x0f88  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:45:37.0718 0x0f88  NDIS - ok

19:45:37.0796 0x0f88  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys

19:45:37.0812 0x0f88  NdisIP - ok

19:45:37.0812 0x0f88  NDISRD - ok

19:45:37.0875 0x0f88  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:45:37.0875 0x0f88  NdisTapi - ok

19:45:37.0921 0x0f88  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:45:37.0937 0x0f88  Ndisuio - ok

19:45:37.0953 0x0f88  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:45:37.0953 0x0f88  NdisWan - ok

19:45:38.0000 0x0f88  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:45:38.0015 0x0f88  NDProxy - ok

19:45:38.0031 0x0f88  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:45:38.0031 0x0f88  NetBIOS - ok

19:45:38.0062 0x0f88  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:45:38.0078 0x0f88  NetBT - ok

19:45:38.0140 0x0f88  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:45:38.0140 0x0f88  NetDDE - ok

19:45:38.0156 0x0f88  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:45:38.0171 0x0f88  NetDDEdsdm - ok

19:45:38.0218 0x0f88  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\System32\lsass.exe

19:45:38.0234 0x0f88  Netlogon - ok

19:45:38.0250 0x0f88  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

19:45:38.0281 0x0f88  Netman - ok

19:45:38.0437 0x0f88  [ 737351F39FEF765234037770ABDD72BD, 12928F0B9230BFCCA9848217DC3470E302CD28006092A5C02EEE446BCDFFDC0C ] NetSvc          C:\Program Files\Intel\NCS\Sync\NetSvc.exe

19:45:38.0453 0x0f88  NetSvc - ok

19:45:38.0500 0x0f88  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:45:38.0500 0x0f88  NetTcpPortSharing - ok

19:45:38.0609 0x0f88  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:45:38.0625 0x0f88  Nla - ok

19:45:38.0671 0x0f88  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:45:38.0671 0x0f88  Npfs - ok

19:45:38.0812 0x0f88  [ BDFD869422054A90372BF26FF4442C27, C1C3BFE69CA6E5B9EDDD233AF9D609F83E191FD8BB25FA303A132DEFABCD5D15 ] NSCService      C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

19:45:38.0843 0x0f88  NSCService - ok

19:45:38.0921 0x0f88  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:45:38.0953 0x0f88  Ntfs - ok

19:45:38.0968 0x0f88  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe

19:45:38.0968 0x0f88  NtLmSsp - ok

19:45:39.0046 0x0f88  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:45:39.0078 0x0f88  NtmsSvc - ok

19:45:39.0125 0x0f88  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:45:39.0125 0x0f88  Null - ok

19:45:39.0250 0x0f88  [ 1685A86CE8DC5A70D307DCA625FB50E7, 3B197069AD025BBC00BB5E5738D77E81752D0ACFE7A305BF572E6547FD30168F ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:45:39.0296 0x0f88  nv - ok

19:45:39.0359 0x0f88  [ 697A09635E30D3722E1124EC33FACE15, 050769DEED5AC6E70E1A265FE70F6FCF0B10C129E7AB297824076B4C58D7F27C ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

19:45:39.0375 0x0f88  NVSvc - ok

19:45:39.0453 0x0f88  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:45:39.0468 0x0f88  NwlnkFlt - ok

19:45:39.0484 0x0f88  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:45:39.0484 0x0f88  NwlnkFwd - ok

19:45:39.0578 0x0f88  [ 53D5F1278D9EDB21689BBBCECC09108D, 561E1662B13E6F4DFE151267E351552CE340AC0D4BF74E31C4CACAD44BB2EBFA ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys

19:45:39.0593 0x0f88  omci - ok

19:45:39.0718 0x0f88  [ E433C553D00D76FBC616294B60A7A530, 09F1DC13A98D4F955898E98A755338E4B1872C4D27F04941460CA280F81FD7DE ] P16X            C:\WINDOWS\system32\drivers\P16X.sys

19:45:39.0781 0x0f88  P16X - ok

19:45:39.0828 0x0f88  [ C90018BAFDC7098619A4A95B046B30F3, 1826E46F237AD65BA189B83803A46A6C2B29089C1BA146106ADD9F2B04D4A89D ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys

19:45:39.0828 0x0f88  P3 - ok

19:45:39.0921 0x0f88  [ 778C309121067D83B8A48CDB658B4C17, DECB7D4A3857019F81A59460B8FFEC1832B58640582D80D37BF5F184535DC22D ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

19:45:39.0937 0x0f88  PACSPTISVR - ok

19:45:40.0015 0x0f88  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:45:40.0031 0x0f88  Parport - ok

19:45:40.0078 0x0f88  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:45:40.0078 0x0f88  PartMgr - ok

19:45:40.0140 0x0f88  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:45:40.0140 0x0f88  ParVdm - ok

19:45:40.0203 0x0f88  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:45:40.0203 0x0f88  PCI - ok

19:45:40.0218 0x0f88  PCIDump - ok

19:45:40.0265 0x0f88  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:45:40.0265 0x0f88  PCIIde - ok

19:45:40.0328 0x0f88  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:45:40.0343 0x0f88  Pcmcia - ok

19:45:40.0359 0x0f88  PDCOMP - ok

19:45:40.0359 0x0f88  PDFRAME - ok

19:45:40.0375 0x0f88  PDRELI - ok

19:45:40.0390 0x0f88  PDRFRAME - ok

19:45:40.0453 0x0f88  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\System32\DRIVERS\perc2.sys

19:45:40.0453 0x0f88  perc2 - ok

19:45:40.0500 0x0f88  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\System32\DRIVERS\perc2hib.sys

19:45:40.0500 0x0f88  perc2hib - ok

19:45:40.0593 0x0f88  [ DA86016F0672ADA925F589EDE715F185, 6D15AD035FBD68BEC8D9FED89D5FAC082589B194326A8C1C6EB73C471244A446 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys

19:45:40.0609 0x0f88  pfc - ok

19:45:40.0656 0x0f88  [ C8A2D6FF660AC601B7BB9A9B16A5C25E, BBF97622AB15943F614AE3901860DE4B1380D5878FCC6EAA2384B4C9432C0B4B ] PfModNT         C:\WINDOWS\system32\drivers\PfModNT.sys

19:45:40.0656 0x0f88  PfModNT - ok

19:45:40.0718 0x0f88  [ ECFBEA72977CC8D2C11F74AA07D8E7D0, 867F6AFD8E933E14EE009AEE0E2BF2D7BC7ABF495678F6A94596A26CD9A084E0 ] PhilCam8116_XP  C:\WINDOWS\system32\DRIVERS\CamDrL20.sys

19:45:40.0734 0x0f88  PhilCam8116_XP - ok

19:45:40.0781 0x0f88  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

19:45:40.0796 0x0f88  PlugPlay - ok

19:45:40.0859 0x0f88  [ FB03F341FF5380394BF2EE52F1979925, 50795312FB3C90FFE3BF6F6C3FCDC489A3C8DA9801F13689C8A7B78C56D571A2 ] Pml Driver HPZ12 C:\WINDOWS\System32\HPZipm12.exe

19:45:40.0859 0x0f88  Pml Driver HPZ12 - ok

19:45:40.0890 0x0f88  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe

19:45:40.0906 0x0f88  PolicyAgent - ok

19:45:40.0953 0x0f88  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:45:40.0968 0x0f88  PptpMiniport - ok

19:45:41.0015 0x0f88  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

19:45:41.0031 0x0f88  Processor - ok

19:45:41.0046 0x0f88  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:45:41.0046 0x0f88  ProtectedStorage - ok

19:45:41.0062 0x0f88  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:45:41.0062 0x0f88  PSched - ok

19:45:41.0093 0x0f88  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:45:41.0093 0x0f88  Ptilink - ok

19:45:41.0125 0x0f88  [ D8B90616A8BD53DE281DBDB664C0984A, C7E6631716E6BF8CCCE1D49961DE6BE824F44C3E9C4906BA61839600B27C9CD9 ] pwd_2k          C:\WINDOWS\system32\drivers\pwd_2k.sys

19:45:41.0125 0x0f88  pwd_2k - ok

19:45:41.0171 0x0f88  [ DB3B30C3A4CDCF07E164C14584D9D0F2, 6999E7DCB12206BCFA575994F993D7B10192A1E2D8359D041238905B9E44BB9E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys

19:45:41.0187 0x0f88  PxHelp20 - ok

19:45:41.0234 0x0f88  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\System32\DRIVERS\ql1080.sys

19:45:41.0234 0x0f88  ql1080 - ok

19:45:41.0265 0x0f88  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\System32\DRIVERS\ql10wnt.sys

19:45:41.0265 0x0f88  Ql10wnt - ok

19:45:41.0296 0x0f88  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\System32\DRIVERS\ql12160.sys

19:45:41.0296 0x0f88  ql12160 - ok

19:45:41.0312 0x0f88  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\System32\DRIVERS\ql1240.sys

19:45:41.0328 0x0f88  ql1240 - ok

19:45:41.0343 0x0f88  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\System32\DRIVERS\ql1280.sys

19:45:41.0343 0x0f88  ql1280 - ok

19:45:41.0390 0x0f88  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:45:41.0390 0x0f88  RasAcd - ok

19:45:41.0453 0x0f88  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:45:41.0468 0x0f88  RasAuto - ok

19:45:41.0515 0x0f88  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:45:41.0515 0x0f88  Rasl2tp - ok

19:45:41.0640 0x0f88  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:45:41.0687 0x0f88  RasMan - ok

19:45:41.0718 0x0f88  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:45:41.0718 0x0f88  RasPppoe - ok

19:45:41.0765 0x0f88  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:45:41.0765 0x0f88  Raspti - ok

19:45:41.0812 0x0f88  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:45:41.0828 0x0f88  Rdbss - ok

19:45:41.0890 0x0f88  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:45:41.0890 0x0f88  RDPCDD - ok

19:45:41.0953 0x0f88  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:45:41.0984 0x0f88  rdpdr - ok

19:45:42.0046 0x0f88  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:45:42.0062 0x0f88  RDPWD - ok

19:45:42.0125 0x0f88  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:45:42.0140 0x0f88  RDSessMgr - ok

19:45:42.0203 0x0f88  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:45:42.0203 0x0f88  redbook - ok

19:45:42.0265 0x0f88  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:45:42.0265 0x0f88  RemoteAccess - ok

19:45:42.0343 0x0f88  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe

19:45:42.0343 0x0f88  RpcLocator - ok

19:45:42.0437 0x0f88  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:45:42.0453 0x0f88  RpcSs - ok

19:45:42.0515 0x0f88  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\System32\rsvp.exe

19:45:42.0531 0x0f88  RSVP - ok

19:45:42.0609 0x0f88  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:45:42.0625 0x0f88  SamSs - ok

19:45:42.0671 0x0f88  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:45:42.0687 0x0f88  SCardSvr - ok

19:45:42.0750 0x0f88  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:45:42.0765 0x0f88  Schedule - ok

19:45:42.0796 0x0f88  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:45:42.0812 0x0f88  Secdrv - ok

19:45:42.0828 0x0f88  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:45:42.0843 0x0f88  seclogon - ok

19:45:42.0890 0x0f88  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll

19:45:42.0890 0x0f88  SENS - ok

19:45:42.0937 0x0f88  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:45:42.0953 0x0f88  serenum - ok

19:45:42.0968 0x0f88  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:45:42.0968 0x0f88  Serial - ok

19:45:43.0015 0x0f88  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:45:43.0015 0x0f88  Sfloppy - ok

19:45:43.0078 0x0f88  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:45:43.0093 0x0f88  SharedAccess - ok

19:45:43.0140 0x0f88  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:45:43.0140 0x0f88  ShellHWDetection - ok

19:45:43.0156 0x0f88  Simbad - ok

19:45:43.0203 0x0f88  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\System32\DRIVERS\sisagp.sys

19:45:43.0203 0x0f88  sisagp - ok

19:45:43.0218 0x0f88  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys

19:45:43.0218 0x0f88  SLIP - ok

19:45:43.0312 0x0f88  [ 31FD0707C7DBE715234F2823B27214FE, 9277F6AA025BF80D7AD3338D4EB33FAF899EC0157AE37160007D56E2F3CAFFBC ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys

19:45:43.0328 0x0f88  smwdm - ok


19:45:50.0265 0x0f88  ================ Scan global ===============================

19:45:50.0328 0x0f88  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

19:45:50.0390 0x0f88  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

19:45:50.0437 0x0f88  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

19:45:50.0500 0x0f88  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

19:45:50.0515 0x0f88  [ Global ] - ok

19:45:50.0515 0x0f88  ================ Scan MBR ==================================

19:45:50.0546 0x0f88  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

19:45:50.0859 0x0f88  \Device\Harddisk0\DR0 - ok

19:45:50.0859 0x0f88  ================ Scan VBR ==================================

19:45:50.0859 0x0f88  [ F0DC93B4EA77FAF50C07C7DD3B8C30C6 ] \Device\Harddisk0\DR0\Partition1

19:45:50.0859 0x0f88  \Device\Harddisk0\DR0\Partition1 - ok

19:45:50.0875 0x0f88  Waiting for KSN requests completion. In queue: 285

19:45:51.0875 0x0f88  Waiting for KSN requests completion. In queue: 285

19:45:52.0875 0x0f88  Waiting for KSN requests completion. In queue: 285

19:45:53.0921 0x0f88  AV detected via SS1: Norton Internet Security 2006, 2006, enabled, updated

19:45:53.0921 0x0f88  AV detected via SS1: avast! Antivirus, 5.0.150996960, enabled, updated

19:45:53.0921 0x0f88  AV detected via SS1: Microsoft Security Essentials, 2.1.6805.0, disabled, updated

19:45:53.0921 0x0f88  FW detected via SS1: Norton Internet Security 2006, 2006, enabled

19:45:56.0484 0x0f88  ============================================================

19:45:56.0484 0x0f88  Scan finished

19:45:56.0484 0x0f88  ============================================================

19:45:56.0484 0x02cc  Detected object count: 0

19:45:56.0484 0x02cc  Actual detected object count: 0



#4 olkydrillsgt


Posted 25 March 2014 - 07:07 PM

Thanks for your help Marius! I was reading a post last night as I struggled to do it myself where you helped a lady named Karen in 2012. Glad to see you are still around helping!!



#5 TB-Psychotic


Posted 26 March 2014 - 05:10 AM

 

> Thanks for your help Marius! I was reading a post last night as I struggled to do it myself where you helped a lady named Karen in 2012. Glad to see you are still around helping!!

Kickin' malware's butt since 2010! :lol:

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Edited by TB-Psychotic, 26 March 2014 - 05:11 AM.


#6 olkydrillsgt


Posted 26 March 2014 - 05:39 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Galen at 2014-03-26 06:36:04
Running from C:\Documents and Settings\Galen\My Documents\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Internet Security 2006 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Norton Internet Security 2006 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
 
==================== Installed Programs ======================
 
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2 - Adobe Systems, Inc) Hidden
Adobe Atmosphere Player for Acrobat and Adobe Reader (HKLM\...\Adobe Atmosphere Player) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.0 - IObit)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2016 - Avast Software)
Banctec Service Agreement (Version: 1.00.0004 - Dell) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version:  - )
ccCommon (Version: 104.0.5.3 - Symantec) Hidden
Centricity Workstation (HKLM\...\{B04F36B2-03E3-11D6-ABA9-00B0D0C8DE98}) (Version:  - )
CheckIt  Diagnostics (HKLM\...\CheckIt  Diagnostics) (Version: 7.1 - Smith Micro Software, Inc.)
Consumer Complete Care Services Agreement (Version: 1.00.0004 - Dell) Hidden
Creative Diagnostics (HKLM\...\Diagnostics3) (Version:  - )
Creative Mixer 3 (HKLM\...\Creative Mixer 3) (Version:  - )
Creative Restore Defaults (HKLM\...\Creative Restore Defaults) (Version:  - )
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Picture Studio - Dell Image Expert (HKLM\...\{151C555A-A9E7-4A2E-B6D7-165D04A3C956}) (Version: 3.4.1 - Jasc Software Inc)
Dell Solution Center (HKLM\...\{11F1920A-56A2-4642-B6E0-3B31A12C9288}) (Version: 1.00.0000 - Dell)
DVDSentry (HKLM\...\{98DF85D9-96C0-4F57-A92E-C3539477EF5E}) (Version: 1.00.0001 - Dell)
Easy CD Creator 5 Basic (HKLM\...\{609F7AC8-C510-11D4-A788-009027ABA5D0}) (Version: 5.3.4.21 - Roxio Inc)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Help and Support Customization (Version: 1.00.0000 - Dell) Hidden
HP Memories Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
hp officejet 6100 series (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - hp officejet 6100 series (HKLM\...\HP OfficeJet 6100 Series) (Version:  - )
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 4.00.0000 - Hewlett-Packard Company)
Image Transfer (HKLM\...\{564A8DD3-70BC-4018-A5C3-7CEB10BBB6E9}) (Version:  - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet (HKLM\...\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) (Version: 6.05.2001 - Intel)
Internet Updater (HKLM\...\InternetUpdater) (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION
Java Auto Updater (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.230 - Sun Microsystems, Inc.)
Linksys Wireless-N PCI Adapter WMP300N (HKLM\...\{AA20E409-BDB4-439B-B75B-D5B193546779}) (Version: 1.00.000 - Linksys Corporation)
Logitech SetPoint (HKLM\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 2.40 - Logitech)
Logitech® Camera Driver (HKLM\...\QcDrv) (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework (English) (Version: 1.0.3705 - Microsoft) Hidden
Microsoft .NET Framework (English) v1.0.3705 (HKLM\...\Microsoft .NET Framework Full v1.0.3705 (1033)) (Version:  - )
Microsoft .NET Framework 1.0 Hotfix (KB928367) (HKLM\...\M928367) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Data Access Components KB870669 (HKLM\...\KB870669) (Version:  - Microsoft Corporation)
Microsoft Default Manager (Version: 2.1.54.0 - Microsoft Corporation) Hidden
Microsoft Interactive Training (HKLM\...\Microsoft Press Interactive Training) (Version:  - )
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Converter Pack (HKLM\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Outlook 2002 (HKLM\...\{911A0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Publisher 2002 (HKLM\...\{91190409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft UI Engine (Version: 4.0.0318.1 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version:  - )
MSRedist (Version: 1.0.0.0 - Symantec Corporation) Hidden
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicmatch® Jukebox (HKLM\...\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}) (Version: 9.00.5100 - )
MyDVD (HKLM\...\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}) (Version:  - )
Norton Protection Center (Version: 1.4.4 - Symantec Corp) Hidden
Norton SystemWorks (Version: 1.0.0 - Symantec Corp.) Hidden
Norton SystemWorks 2006 Basic Edition (Symantec Corporation) (HKLM\...\SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}) (Version: 9.01.19 - Symantec Corporation)
Norton SystemWorks 2006 Basic Edition (Version: 9.01.19 - Symantec Corporation) Hidden
Norton Utilities (Version: 19.0.0 - <no manufacturer>) Hidden
NSW_DRM_COLLECTION (Version: 1.0.0 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA Windows 2000/XP Display Drivers (HKLM\...\NVIDIA) (Version:  - )
OpenMG Limited Patch 4.1-05-13-31-01 (HKLM\...\OpenMG HotFix4.1-05-13-31-01) (Version:  - )
OpenMG Secure Module 4.1.00 (HKLM\...\InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}) (Version: 4.1.00.13261 - Sony Corporation)
OpenMG Secure Module 4.1.00 (Version: 4.1.00.13261 - Sony Corporation) Hidden
PerformanceTest v4.0 (HKLM\...\PerformanceTest_is1) (Version: 4.0 - Passmark Software)
PIXELA ImageMixer (HKLM\...\{13413C6C-C640-40B8-917E-CA3062826B18}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rocket Piano Audio Ebooks (HKLM\...\{C3FDD160-D815-4F49-A912-190AC6717A2C}) (Version: 1.6 - Rocket Piano)
Rocket Piano Bonus Software (HKLM\...\{5D5637DD-DCBC-4DA7-A505-14528039F5DF}) (Version: 1.3 - Rocket Piano)
Rocket Piano MP3 Audio Files (HKLM\...\{091C5A56-58BD-4F1D-9CC2-13050389232C}) (Version: 3.0 - Rocket Piano)
Search Protect (Version: 2.10.31.0 - Conduit) Hidden <==== ATTENTION
SonicStage 3.0 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 3.0 - Sony Corporation)
Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version:  - )
Sound Blaster Live! (HKLM\...\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}) (Version:  - )
Symantec KB-DocID:2003093015493306 (Version: 1.0.0.1 - Symantec Corporation) Hidden
Trader Workstation (HKCU\...\Trader Workstation) (Version:  - Interactive Brokers)
Tweak UI (HKLM\...\Tweak UI 2.10) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version:  - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Updater (Version: 2.6.53 - Creative Island Media, LLC) Hidden <==== ATTENTION
Video Converter Bundle (HKLM\...\Video Converter Bundle) (Version: 2.0.0.3 - Video Converter Bundle)
WD SmartWare (HKLM\...\{2AA48AFA-79CA-4043-BFFC-BB5BA23A9FCF}) (Version: 1.3.0.16 - Western Digital)
WebCam Driver for Panasonic DVC (HKLM\...\InstallShield_{EBE171CC-C465-43FE-AA82-F0B4333764DD}) (Version: 1.00.0000 - Panasonic)
WebCam Driver for Panasonic DVC (Version: 1.00.0000 - Panasonic) Hidden
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version:  - WebEx Communications, Inc)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Websteroids (Version: 2.6.53 - Creative Island Media, LLC) Hidden <==== ATTENTION
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0 - Microsoft) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061107.210142 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
02-01-2014 00:20:05 Software Distribution Service 3.0
08-02-2014 20:00:17 Software Distribution Service 3.0
09-02-2014 20:00:20 Software Distribution Service 3.0
10-02-2014 20:00:21 Software Distribution Service 3.0
22-02-2014 15:29:04 Software Distribution Service 3.0
26-02-2014 20:52:19 Software Distribution Service 3.0
26-02-2014 23:24:52 Software Distribution Service 3.0
27-02-2014 00:44:29 Software Distribution Service 3.0
27-02-2014 21:04:52 Software Distribution Service 3.0
01-03-2014 18:08:17 Software Distribution Service 3.0
01-03-2014 20:59:50 Software Distribution Service 3.0
02-03-2014 00:22:22 Software Distribution Service 3.0
02-03-2014 20:56:35 Software Distribution Service 3.0
03-03-2014 01:10:39 Software Distribution Service 3.0
03-03-2014 09:37:31 Software Distribution Service 3.0
05-03-2014 20:51:28 Software Distribution Service 3.0
05-03-2014 21:51:20 Software Distribution Service 3.0
06-03-2014 23:44:30 Software Distribution Service 3.0
08-03-2014 13:05:50 Software Distribution Service 3.0
25-03-2014 04:00:50 Software Distribution Service 3.0
25-03-2014 10:31:26 avast! antivirus system restore point
25-03-2014 10:45:00 Removed AVG 2013
25-03-2014 10:48:03 Removed AVG 2013
25-03-2014 19:00:20 Software Distribution Service 3.0
26-03-2014 00:22:55 Software Distribution Service 3.0
26-03-2014 00:45:48 Software Distribution Service 3.0
26-03-2014 01:19:36 Software Distribution Service 3.0
26-03-2014 01:27:01 Software Distribution Service 3.0
26-03-2014 01:44:24 Software Distribution Service 3.0
 
==================== Hosts content: ==========================
 
2002-08-29 06:00 - 2002-08-29 06:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
Task: C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\DriverCure.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006Core1cb71848c36636c.job => C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006UA.job => C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration.job => C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version2.job => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
Task: C:\WINDOWS\Tasks\ROC_SYS_TASK.job => C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\ROC_SYS_TASK_DELETE.job => C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\{0CD49CF2-304E-4CC1-83B5-6E23E28E2CCC}_D3GQH231_Galen.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{83617369-7146-4780-8A4F-486E1ED2D917}_D3GQH231_Galen.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{C1BFC67B-2BEA-4BC1-8623-F8329E934FCD}_D3GQH231_Galen.job => C:\WINDOWS\system32\mobsync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-12-31 21:33 - 2012-09-19 18:19 - 00142208 _____ () C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll
2012-12-31 21:33 - 2012-09-19 18:18 - 00105344 _____ () C:\Program Files\IObit\Advanced SystemCare 6\ASCComputerMenu.dll
2009-11-06 00:43 - 2007-07-23 16:18 - 00024064 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2009-11-06 00:43 - 2007-07-23 16:18 - 00753664 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2014-03-25 19:28 - 2014-03-25 19:28 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032501\algo.dll
2014-03-26 06:30 - 2014-03-26 06:30 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032601\algo.dll
2013-05-05 10:14 - 2013-03-27 11:57 - 01277464 _____ () C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
2012-12-31 21:33 - 2012-10-30 16:37 - 00348032 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl
2012-12-31 21:33 - 2012-10-30 16:37 - 00182656 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl
2012-12-31 21:33 - 2012-10-30 16:37 - 00050048 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2010-05-10 11:32 - 2010-05-10 11:32 - 01858048 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2010-05-10 11:32 - 2010-05-10 11:32 - 00482304 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2006-05-21 13:21 - 2005-01-24 19:58 - 00081920 _____ () C:\Program Files\Sony\SonicStage\SSAAD.exe
2014-03-25 06:32 - 2014-03-25 06:32 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-11-06 00:43 - 2006-03-22 01:19 - 00045056 _____ () C:\Program Files\Linksys\WMP300N\Security.dll
2009-11-06 00:43 - 2002-04-23 10:00 - 00110592 _____ () C:\Program Files\Linksys\WMP300N\GEMWEP.DLL
2009-11-06 00:43 - 2003-10-13 01:30 - 00094208 _____ () C:\Program Files\Linksys\WMP300N\GTW32N50.DLL
2009-11-06 00:43 - 2006-04-12 20:20 - 00069704 _____ () C:\Program Files\Linksys\WMP300N\BCMDLLIF.dll
2009-11-06 00:43 - 2005-10-06 23:37 - 00086016 _____ () C:\Program Files\Linksys\WMP300N\preflib.dll
2014-02-22 12:20 - 2014-02-19 21:02 - 00051016 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 12:20 - 2014-02-19 21:03 - 04060488 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 12:20 - 2014-02-19 21:03 - 00394568 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 12:20 - 2014-02-19 21:02 - 01647432 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Cisco Systems VPN Client.lnk => C:\WINDOWS\pss\Cisco Systems VPN Client.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk => C:\WINDOWS\pss\Image Transfer.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^officejet 6100.lnk => C:\WINDOWS\pss\officejet 6100.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\WINDOWS\pss\WDDMStatus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\WINDOWS\pss\WDSmartWare.lnkCommon Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AVG8_TRAY => 
MSCONFIG\startupreg: diagent => "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
MSCONFIG\startupreg: errorkiller => 
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: H/PC Connection Agent => 
MSCONFIG\startupreg: ISTray => 
MSCONFIG\startupreg: Logitech Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: LogitechVideoRepair => 
MSCONFIG\startupreg: LogitechVideoTray => 
MSCONFIG\startupreg: mmtask => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
MSCONFIG\startupreg: MMTray => "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
MSCONFIG\startupreg: MSN Toolbar => 
MSCONFIG\startupreg: PersonalAV => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RegistryMechanic => C:\Program Files\Registry Mechanic\RegMech.exe /H
MSCONFIG\startupreg: RegistrySmart => 
MSCONFIG\startupreg: Secure Online Account Numbers => 
MSCONFIG\startupreg: SpyHunter => 
MSCONFIG\startupreg: SpywareBot => 
MSCONFIG\startupreg: SsAAD.exe => C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/24/2014 10:35:13 PM) (Source: LoadPerf) (User: )
Description: The performance counter explain text string value in the registry is
incorrectly formatted. The bogus string is 24, the bogus index value
is the first DWORD in Data section while the last valid index values are
the second and third DWORD in Data section.
 
Error: (03/24/2014 07:07:20 PM) (Source: LoadPerf) (User: )
Description: The performance counter explain text string value in the registry is
incorrectly formatted. The bogus string is 24, the bogus index value
is the first DWORD in Data section while the last valid index values are
the second and third DWORD in Data section.
 
Error: (03/24/2014 07:06:59 PM) (Source: LoadPerf) (User: )
Description: The performance counter explain text string value in the registry is
incorrectly formatted. The bogus string is 24, the bogus index value
is the first DWORD in Data section while the last valid index values are
the second and third DWORD in Data section.
 
Error: (03/24/2014 07:02:15 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/08/2014 07:57:16 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/05/2014 04:51:29 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/04/2014 06:14:17 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/02/2014 06:54:06 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/02/2014 05:41:34 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (03/02/2014 04:57:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
 
System errors:
=============
Error: (03/26/2014 06:28:05 AM) (Source: DCOM) (User: D3GQH231)
Description: DCOM got error "%%1058" attempting to start the service SSScsiSV with arguments "-Service"
in order to run the server:
{C671F780-ADB4-4D15-A97C-F0F5596DB6C9}
 
Error: (03/26/2014 06:28:05 AM) (Source: DCOM) (User: D3GQH231)
Description: DCOM got error "%%1058" attempting to start the service SSScsiSV with arguments "-Service"
in order to run the server:
{C671F780-ADB4-4D15-A97C-F0F5596DB6C9}
 
Error: (03/26/2014 06:27:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.
 
Error: (03/26/2014 06:25:39 AM) (Source: Service Control Manager) (User: )
Description: The Fax service depends on the Print Spooler service which failed to start because of the following error: 
%%1058
 
Error: (03/25/2014 09:43:58 PM) (Source: DCOM) (User: D3GQH231)
Description: DCOM got error "%%1058" attempting to start the service SSScsiSV with arguments "-Service"
in order to run the server:
{C671F780-ADB4-4D15-A97C-F0F5596DB6C9}
 
Error: (03/25/2014 09:43:58 PM) (Source: DCOM) (User: D3GQH231)
Description: DCOM got error "%%1058" attempting to start the service SSScsiSV with arguments "-Service"
in order to run the server:
{C671F780-ADB4-4D15-A97C-F0F5596DB6C9}
 
Error: (03/25/2014 09:42:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.
 
Error: (03/25/2014 09:41:10 PM) (Source: Service Control Manager) (User: )
Description: The Fax service depends on the Print Spooler service which failed to start because of the following error: 
%%1058
 
Error: (03/25/2014 09:40:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (03/25/2014 09:37:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
Fips
intelppm
 
 
Microsoft Office Sessions:
=========================
Error: (03/24/2014 10:35:13 PM) (Source: LoadPerf)(User: )
Description: 24
 
Error: (03/24/2014 07:07:20 PM) (Source: LoadPerf)(User: )
Description: 24
 
Error: (03/24/2014 07:06:59 PM) (Source: LoadPerf)(User: )
Description: 24
 
Error: (03/24/2014 07:02:15 PM) (Source: crypt32)(User: )
 
Error: (03/08/2014 07:57:16 AM) (Source: crypt32)(User: )
 
Error: (03/05/2014 04:51:29 PM) (Source: crypt32)(User: )
 
Error: (03/04/2014 06:14:17 PM) (Source: crypt32)(User: )
 
Error: (03/02/2014 06:54:06 PM) (Source: crypt32)(User: )
 
Error: (03/02/2014 05:41:34 PM) (Source: crypt32)(User: )
 
Error: (03/02/2014 04:57:02 PM) (Source: crypt32)(User: )
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 3071 MB
Available physical RAM: 2117.52 MB
Total Pagefile: 5985.93 MB
Available Pagefile: 5039.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.32 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:55.84 GB) (Free:15.82 GB) NTFS ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 56 GB) (Disk ID: 9DC96E9E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=56 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Galen (administrator) on D3GQH231 on 26-03-2014 06:34:52
Running from C:\Documents and Settings\Galen\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\System32\CTsvcCDA.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
() C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(GEMTEKS) C:\Program Files\Linksys\WMP300N\WLService.exe
(Microsoft Corporation) c:\Program Files\Zune\ZuneBusEnum.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Dell - Advanced Desktop Engineering) C:\WINDOWS\System32\DSentry.exe
(Broadcom Corporation) C:\WINDOWS\BCMSMMSG.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
() C:\Program Files\Sony\SonicStage\SSAAD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Linksys) C:\Program Files\Linksys\WMP300N\WMP300N.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [49152 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [4841472 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [52840 2007-01-22] (Symantec Corporation)
HKLM\...\Run: [DVDSentry] - C:\WINDOWS\System32\DSentry.exe [28672 2002-08-14] (Dell - Advanced Desktop Engineering)
HKLM\...\Run: [BCMSMMSG] - C:\WINDOWS\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2004-05-21] (Logitech Inc.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [SsAAD.exe] - C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2005-01-24] ()
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\d9f7dc55-ff6d-451c-b55c-0b5169a667bd.exe /check [181136 2014-03-26] (AVAST Software)
HKLM\...\Policies\Explorer: [] 
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x5F000000
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\WINDOWS\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Google Update] - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-05-25] (Google Inc.)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Advanced SystemCare 6] - C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {01e6d164-c9ec-11de-a541-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {ad580842-7711-11df-a5bc-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?sourceid=navclient&ie=UTF-8
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
SearchScopes: HKCU - DefaultScope {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: No Name - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -  No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {1FBD11EF-1260-11D1-87A7-444553540001} http://172.18.1.61/osd/synapseWorkstation.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://transweb.trihealth.com/Citrix/ICAWEB/en/ica32/ica32t.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} http://10.18.200.123/WSWebDownload/ws/isetup.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://fujimed.webex.com/client/T25L/support/ieatgpc.cab
DPF: {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} http://ms15-crsv01dc/osd/x86/win95/FujiInst.cab
DPF: {F965D65B-7C09-4EDD-82BE-6E6A6ADE181E} http://www.opvrs.co.kr/cab/Open3DPlayer/VRPlayer.cab
Handler: linkscanner - No CLSID Value - 
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default
FF user.js: detected! => C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\user.js
FF Homepage: hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Galen\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Websteroids - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\support@websteroidsapp.com [2014-02-26]
FF Extension: Smartest Bookmarks Bar - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi [2011-05-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-06]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-10]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-25]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
S4 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [192104 2007-01-22] (Symantec Corporation)
S4 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [169576 2007-01-22] (Symantec Corporation)
R2 Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
S4 NetSvc; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [143360 2003-03-03] (Intel® Corporation)
S4 NSCService; C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE [750720 2006-12-15] (Symantec Corporation)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-01-26] (Sony Corporation)
S4 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2005-01-24] (Sony Corporation)
S4 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1174152 2007-03-16] (Symantec Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-05-10] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1858048 2010-05-10] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [482304 2010-05-10] ()
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1265664 2007-07-23] (Broadcom Corporation)
S4 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]
R2 WMP300NSvc; "C:\Program Files\Linksys\WMP300N\WLService.exe" "WMP300N.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S4 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R2 BCMNTIO; C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS [3744 2004-03-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [44288 2007-11-12] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [23436 2002-12-17] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [241152 2002-12-17] (Roxio)
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [25898 2003-07-08] (Roxio)
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 GTNDIS5; C:\Program Files\Linksys\WMP300N\GTNDIS5.sys [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel® Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel® Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel® Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel® Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel® Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel® Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel® Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel® Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel® Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel® Corporation)
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2005-05-20] (Logitech, Inc.)
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [19968 2004-05-27] ()
R2 MAPMEM; C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS [3904 2004-03-05] ()
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [30630 2003-07-08] (Roxio)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1293440 2002-08-30] (Creative Technology Ltd.)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PhilCam8116_XP; C:\WINDOWS\System32\DRIVERS\CamDrL20.sys [245760 2004-05-21] (Logitech Inc.)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [143834 2003-07-08] (Roxio)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [115000 2007-07-14] (Symantec Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [10344 2006-07-24] (Symantec Corporation)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [206464 2003-07-08] (Roxio)
S3 USBNET_XP; C:\WINDOWS\System32\DRIVERS\netusbxp.sys [72576 2003-02-24] (The LinkSys Group, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31273 2003-02-22] (Microsoft Corporation)
R3 WMP300Nv1; C:\WINDOWS\System32\DRIVERS\WMP300Nv1.sys [822400 2007-10-18] (Broadcom Corporation)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 BLKWGU(Belkin); system32\DRIVERS\BLKWGU.sys [X]
S3 bvrp_pci; No ImagePath
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
U1 NDISRD; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SYMIDSCO; No ImagePath
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]
S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 06:34 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 08:32 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 08:30 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:34 - 2014-03-26 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-25 06:33 - 2014-03-25 06:32 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:33 - 2014-03-25 06:32 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:02 - 2014-03-25 21:37 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-24 22:41 - 2014-03-25 00:04 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-24 22:39 - 2014-03-25 00:04 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-24 22:32 - 2014-03-26 06:27 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-24 22:30 - 2014-03-26 06:25 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:29 - 2014-03-25 21:50 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 21:29 - 2014-03-24 22:20 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 18:59 - 2014-03-26 06:25 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-24 18:59 - 2014-03-24 19:01 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:44 - 2014-03-25 06:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InternetUpdater
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:32 - 2014-03-25 06:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-02-26 20:32 - 2014-02-26 20:33 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:33 - 2014-03-24 19:17 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 06:34 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-26 06:34 - 2014-03-25 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-26 06:32 - 2004-08-17 06:46 - 01680863 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-26 06:28 - 2004-11-30 17:31 - 00016983 _____ () C:\WINDOWS\system32\LVCOMSX.LOG
2014-03-26 06:27 - 2014-03-24 22:32 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-26 06:25 - 2014-03-24 22:30 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-26 06:25 - 2014-03-24 18:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-26 06:25 - 2013-05-05 10:16 - 00000482 _____ () C:\WINDOWS\Tasks\ROC_SYS_TASK.job
2014-03-26 06:25 - 2012-12-31 21:34 - 00000268 _____ () C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job
2014-03-26 06:25 - 2011-05-28 08:40 - 00000270 _____ () C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
2014-03-26 06:25 - 2003-07-08 00:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-25 21:50 - 2014-03-24 22:29 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-25 21:50 - 2003-07-10 20:17 - 00000278 ___SH () C:\Documents and Settings\Galen\NTUSER.INI
2014-03-25 21:48 - 2003-07-08 00:29 - 00001170 _____ () C:\WINDOWS\system32\WPA.DBL
2014-03-25 21:37 - 2014-03-25 00:02 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-25 21:25 - 2012-07-15 13:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-25 21:11 - 2012-07-10 18:33 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006UA.job
2014-03-25 16:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{0CD49CF2-304E-4CC1-83B5-6E23E28E2CCC}_D3GQH231_Galen.job
2014-03-25 15:04 - 2013-08-17 15:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:00 - 2005-05-11 08:40 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 11:11 - 2010-10-21 21:00 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006Core1cb71848c36636c.job
2014-03-25 10:23 - 2009-11-03 23:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 09:20 - 2014-03-25 08:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 09:20 - 2014-03-25 08:30 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 09:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{83617369-7146-4780-8A4F-486E1ED2D917}_D3GQH231_Galen.job
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:06 - 2003-12-30 16:40 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:48 - 2014-02-26 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InternetUpdater
2014-03-25 06:48 - 2012-12-09 20:19 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\Avg2013
2014-03-25 06:48 - 2011-05-28 08:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-25 06:48 - 2005-07-24 20:45 - 00000000 ____D () C:\WINDOWS\pss
2014-03-25 06:48 - 2002-09-03 10:05 - 00000178 ___SH () C:\Documents and Settings\LocalService\NTUSER.INI
2014-03-25 06:47 - 2012-12-09 20:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-03-25 06:47 - 2012-08-15 19:03 - 00000000 ___HD () C:\$AVG
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:32 - 2014-03-25 06:33 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:32 - 2014-03-25 06:33 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 06:12 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-03-25 06:12 - 2013-02-02 20:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-25 06:12 - 2009-08-21 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-25 06:12 - 2002-09-03 10:05 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:04 - 2014-03-24 22:41 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-25 00:04 - 2014-03-24 22:39 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-25 00:01 - 2013-02-02 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:28 - 2011-05-27 21:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 22:20 - 2014-03-24 21:29 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 22:12 - 2012-12-09 22:31 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 22:12 - 2012-12-09 22:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-24 20:25 - 2012-07-15 13:21 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-24 20:25 - 2011-06-07 19:42 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-24 19:17 - 2014-02-26 19:33 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 19:01 - 2014-03-24 18:59 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-03 04:08 - 2010-02-08 13:59 - 00000380 _____ () C:\WINDOWS\Tasks\DriverCure.job
2014-03-01 19:30 - 2003-07-08 00:43 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:33 - 2014-02-26 20:32 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:16 - 2003-07-10 20:17 - 00073512 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-26 17:08 - 2009-07-05 21:26 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-24 16:24 - 2006-11-07 04:26 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2002-08-29 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 07:46 - 2009-07-05 21:08 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 07:46 - 2006-10-17 13:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 07:46 - 2006-10-17 13:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 07:46 - 2006-09-18 10:15 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 07:46 - 2006-05-10 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 07:45 - 2012-06-17 14:50 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 07:45 - 2010-06-11 18:17 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 07:45 - 2009-07-05 21:08 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 07:45 - 2009-03-08 04:33 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 04:27 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 07:45 - 2006-10-17 13:05 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 07:45 - 2006-10-17 13:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 07:45 - 2006-10-17 12:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 07:45 - 2006-05-10 01:22 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 07:45 - 2002-08-29 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 06:54 - 2004-08-04 01:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================


#7 TB-Psychotic

Posted 26 March 2014 - 05:39 AM

Please post the FRST.txt as well.



#8 olkydrillsgt

Posted 26 March 2014 - 05:47 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Galen (administrator) on D3GQH231 on 26-03-2014 06:34:52
Running from C:\Documents and Settings\Galen\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\System32\CTsvcCDA.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
() C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(GEMTEKS) C:\Program Files\Linksys\WMP300N\WLService.exe
(Microsoft Corporation) c:\Program Files\Zune\ZuneBusEnum.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Dell - Advanced Desktop Engineering) C:\WINDOWS\System32\DSentry.exe
(Broadcom Corporation) C:\WINDOWS\BCMSMMSG.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
() C:\Program Files\Sony\SonicStage\SSAAD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Linksys) C:\Program Files\Linksys\WMP300N\WMP300N.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [49152 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [4841472 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [52840 2007-01-22] (Symantec Corporation)
HKLM\...\Run: [DVDSentry] - C:\WINDOWS\System32\DSentry.exe [28672 2002-08-14] (Dell - Advanced Desktop Engineering)
HKLM\...\Run: [BCMSMMSG] - C:\WINDOWS\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2004-05-21] (Logitech Inc.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [SsAAD.exe] - C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2005-01-24] ()
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\d9f7dc55-ff6d-451c-b55c-0b5169a667bd.exe /check [181136 2014-03-26] (AVAST Software)
HKLM\...\Policies\Explorer: [] 
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x5F000000
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\WINDOWS\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Google Update] - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-05-25] (Google Inc.)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Advanced SystemCare 6] - C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {01e6d164-c9ec-11de-a541-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {ad580842-7711-11df-a5bc-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?sourceid=navclient&ie=UTF-8
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
SearchScopes: HKCU - DefaultScope {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: No Name - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -  No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {1FBD11EF-1260-11D1-87A7-444553540001} http://172.18.1.61/osd/synapseWorkstation.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://transweb.trihealth.com/Citrix/ICAWEB/en/ica32/ica32t.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} http://10.18.200.123/WSWebDownload/ws/isetup.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://fujimed.webex.com/client/T25L/support/ieatgpc.cab
DPF: {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} http://ms15-crsv01dc/osd/x86/win95/FujiInst.cab
DPF: {F965D65B-7C09-4EDD-82BE-6E6A6ADE181E} http://www.opvrs.co.kr/cab/Open3DPlayer/VRPlayer.cab
Handler: linkscanner - No CLSID Value - 
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default
FF user.js: detected! => C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\user.js
FF Homepage: hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Galen\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Websteroids - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\support@websteroidsapp.com [2014-02-26]
FF Extension: Smartest Bookmarks Bar - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi [2011-05-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-06]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-10]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-25]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
S4 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [192104 2007-01-22] (Symantec Corporation)
S4 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [169576 2007-01-22] (Symantec Corporation)
R2 Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
S4 NetSvc; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [143360 2003-03-03] (Intel® Corporation)
S4 NSCService; C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE [750720 2006-12-15] (Symantec Corporation)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-01-26] (Sony Corporation)
S4 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2005-01-24] (Sony Corporation)
S4 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1174152 2007-03-16] (Symantec Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-05-10] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1858048 2010-05-10] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [482304 2010-05-10] ()
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1265664 2007-07-23] (Broadcom Corporation)
S4 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]
R2 WMP300NSvc; "C:\Program Files\Linksys\WMP300N\WLService.exe" "WMP300N.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S4 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R2 BCMNTIO; C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS [3744 2004-03-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [44288 2007-11-12] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [23436 2002-12-17] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [241152 2002-12-17] (Roxio)
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [25898 2003-07-08] (Roxio)
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 GTNDIS5; C:\Program Files\Linksys\WMP300N\GTNDIS5.sys [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel® Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel® Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel® Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel® Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel® Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel® Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel® Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel® Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel® Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel® Corporation)
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2005-05-20] (Logitech, Inc.)
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [19968 2004-05-27] ()
R2 MAPMEM; C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS [3904 2004-03-05] ()
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [30630 2003-07-08] (Roxio)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1293440 2002-08-30] (Creative Technology Ltd.)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PhilCam8116_XP; C:\WINDOWS\System32\DRIVERS\CamDrL20.sys [245760 2004-05-21] (Logitech Inc.)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [143834 2003-07-08] (Roxio)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [115000 2007-07-14] (Symantec Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [10344 2006-07-24] (Symantec Corporation)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [206464 2003-07-08] (Roxio)
S3 USBNET_XP; C:\WINDOWS\System32\DRIVERS\netusbxp.sys [72576 2003-02-24] (The LinkSys Group, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31273 2003-02-22] (Microsoft Corporation)
R3 WMP300Nv1; C:\WINDOWS\System32\DRIVERS\WMP300Nv1.sys [822400 2007-10-18] (Broadcom Corporation)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 BLKWGU(Belkin); system32\DRIVERS\BLKWGU.sys [X]
S3 bvrp_pci; No ImagePath
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
U1 NDISRD; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SYMIDSCO; No ImagePath
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]
S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 06:34 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 08:32 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 08:30 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:34 - 2014-03-26 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-25 06:33 - 2014-03-25 06:32 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:33 - 2014-03-25 06:32 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:02 - 2014-03-25 21:37 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-24 22:41 - 2014-03-25 00:04 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-24 22:39 - 2014-03-25 00:04 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-24 22:32 - 2014-03-26 06:27 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-24 22:30 - 2014-03-26 06:25 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:29 - 2014-03-25 21:50 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 21:29 - 2014-03-24 22:20 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 18:59 - 2014-03-26 06:25 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-24 18:59 - 2014-03-24 19:01 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:44 - 2014-03-25 06:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InternetUpdater
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:32 - 2014-03-25 06:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-02-26 20:32 - 2014-02-26 20:33 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:33 - 2014-03-24 19:17 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 06:34 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-26 06:34 - 2014-03-25 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-26 06:32 - 2004-08-17 06:46 - 01680863 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-26 06:28 - 2004-11-30 17:31 - 00016983 _____ () C:\WINDOWS\system32\LVCOMSX.LOG
2014-03-26 06:27 - 2014-03-24 22:32 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-26 06:25 - 2014-03-24 22:30 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-26 06:25 - 2014-03-24 18:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-26 06:25 - 2013-05-05 10:16 - 00000482 _____ () C:\WINDOWS\Tasks\ROC_SYS_TASK.job
2014-03-26 06:25 - 2012-12-31 21:34 - 00000268 _____ () C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job
2014-03-26 06:25 - 2011-05-28 08:40 - 00000270 _____ () C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
2014-03-26 06:25 - 2003-07-08 00:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-25 21:50 - 2014-03-24 22:29 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-25 21:50 - 2003-07-10 20:17 - 00000278 ___SH () C:\Documents and Settings\Galen\NTUSER.INI
2014-03-25 21:48 - 2003-07-08 00:29 - 00001170 _____ () C:\WINDOWS\system32\WPA.DBL
2014-03-25 21:37 - 2014-03-25 00:02 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-25 21:25 - 2012-07-15 13:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-25 21:11 - 2012-07-10 18:33 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006UA.job
2014-03-25 16:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{0CD49CF2-304E-4CC1-83B5-6E23E28E2CCC}_D3GQH231_Galen.job
2014-03-25 15:04 - 2013-08-17 15:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:00 - 2005-05-11 08:40 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 11:11 - 2010-10-21 21:00 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006Core1cb71848c36636c.job
2014-03-25 10:23 - 2009-11-03 23:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 09:20 - 2014-03-25 08:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 09:20 - 2014-03-25 08:30 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 09:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{83617369-7146-4780-8A4F-486E1ED2D917}_D3GQH231_Galen.job
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:06 - 2003-12-30 16:40 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:48 - 2014-02-26 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InternetUpdater
2014-03-25 06:48 - 2012-12-09 20:19 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\Avg2013
2014-03-25 06:48 - 2011-05-28 08:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-25 06:48 - 2005-07-24 20:45 - 00000000 ____D () C:\WINDOWS\pss
2014-03-25 06:48 - 2002-09-03 10:05 - 00000178 ___SH () C:\Documents and Settings\LocalService\NTUSER.INI
2014-03-25 06:47 - 2012-12-09 20:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-03-25 06:47 - 2012-08-15 19:03 - 00000000 ___HD () C:\$AVG
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:32 - 2014-03-25 06:33 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:32 - 2014-03-25 06:33 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 06:12 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-03-25 06:12 - 2013-02-02 20:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-25 06:12 - 2009-08-21 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-25 06:12 - 2002-09-03 10:05 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:04 - 2014-03-24 22:41 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-25 00:04 - 2014-03-24 22:39 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-25 00:01 - 2013-02-02 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:28 - 2011-05-27 21:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 22:20 - 2014-03-24 21:29 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 22:12 - 2012-12-09 22:31 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 22:12 - 2012-12-09 22:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-24 20:25 - 2012-07-15 13:21 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-24 20:25 - 2011-06-07 19:42 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-24 19:17 - 2014-02-26 19:33 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 19:01 - 2014-03-24 18:59 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-03 04:08 - 2010-02-08 13:59 - 00000380 _____ () C:\WINDOWS\Tasks\DriverCure.job
2014-03-01 19:30 - 2003-07-08 00:43 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:33 - 2014-02-26 20:32 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:16 - 2003-07-10 20:17 - 00073512 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-26 17:08 - 2009-07-05 21:26 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-24 16:24 - 2006-11-07 04:26 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2002-08-29 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 07:46 - 2009-07-05 21:08 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 07:46 - 2006-10-17 13:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 07:46 - 2006-10-17 13:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 07:46 - 2006-09-18 10:15 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 07:46 - 2006-05-10 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 07:45 - 2012-06-17 14:50 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 07:45 - 2010-06-11 18:17 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 07:45 - 2009-07-05 21:08 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 07:45 - 2009-03-08 04:33 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 04:27 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 07:45 - 2006-10-17 13:05 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 07:45 - 2006-10-17 13:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 07:45 - 2006-10-17 12:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 07:45 - 2006-05-10 01:22 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 07:45 - 2002-08-29 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 06:54 - 2004-08-04 01:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================


#9 olkydrillsgt

Posted 26 March 2014 - 05:49 AM

Sorry Marius, the FRST was added under the Addition somehow in the first post. I just reposted it separately.



#10 TB-Psychotic

Posted 26 March 2014 - 05:56 AM

My mistake - I've missed it.

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either avast! or Norton.

Add/remove programs

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Internet Updater
Search Protect
Updater
Websteroids


Close the window.

When finished, provide new logs by FRST (including addition.txt).



#11 olkydrillsgt

Posted 26 March 2014 - 06:05 AM

Tried to remove Norton, but an error pops up saying the setup files are not available or missing.

Web Steroids is not listed on the list of programs.

Internet Updater says uninstall.exe not working.



#12 olkydrillsgt

Posted 26 March 2014 - 06:07 AM

Search Protect and Updater are also not visible on the list of programs.



#13 olkydrillsgt

Posted 26 March 2014 - 07:08 AM

Was able to download the Norton removal utility and remove Norton. Also, in smart mode I was able to uninstall Internet Updater.

Need guidance on how to remove Search Protect, Websteroids, and Updater.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Galen (administrator) on D3GQH231 on 26-03-2014 08:03:14
Running from C:\Documents and Settings\Galen\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\System32\CTsvcCDA.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(GEMTEKS) C:\Program Files\Linksys\WMP300N\WLService.exe
(Microsoft Corporation) c:\Program Files\Zune\ZuneBusEnum.exe
(Linksys) C:\Program Files\Linksys\WMP300N\WMP300N.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Dell - Advanced Desktop Engineering) C:\WINDOWS\System32\DSentry.exe
(Broadcom Corporation) C:\WINDOWS\BCMSMMSG.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
() C:\Program Files\Sony\SonicStage\SSAAD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [49152 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [4841472 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [DVDSentry] - C:\WINDOWS\System32\DSentry.exe [28672 2002-08-14] (Dell - Advanced Desktop Engineering)
HKLM\...\Run: [BCMSMMSG] - C:\WINDOWS\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2004-05-21] (Logitech Inc.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [SsAAD.exe] - C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2005-01-24] ()
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Policies\Explorer: [] 
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x5F000000
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\WINDOWS\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Google Update] - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-05-25] (Google Inc.)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Advanced SystemCare 6] - C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {01e6d164-c9ec-11de-a541-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {ad580842-7711-11df-a5bc-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?sourceid=navclient&ie=UTF-8
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
SearchScopes: HKCU - DefaultScope {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: No Name - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -  No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {1FBD11EF-1260-11D1-87A7-444553540001} http://172.18.1.61/osd/synapseWorkstation.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://transweb.trihealth.com/Citrix/ICAWEB/en/ica32/ica32t.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} http://10.18.200.123/WSWebDownload/ws/isetup.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://fujimed.webex.com/client/T25L/support/ieatgpc.cab
DPF: {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} http://ms15-crsv01dc/osd/x86/win95/FujiInst.cab
DPF: {F965D65B-7C09-4EDD-82BE-6E6A6ADE181E} http://www.opvrs.co.kr/cab/Open3DPlayer/VRPlayer.cab
Handler: linkscanner - No CLSID Value - 
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default
FF user.js: detected! => C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\user.js
FF Homepage: hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Galen\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Websteroids - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\support@websteroidsapp.com [2014-02-26]
FF Extension: Smartest Bookmarks Bar - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi [2011-05-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-06]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-10]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-25]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
S4 NetSvc; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [143360 2003-03-03] (Intel® Corporation)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-01-26] (Sony Corporation)
S4 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2005-01-24] (Sony Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-05-10] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1858048 2010-05-10] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [482304 2010-05-10] ()
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1265664 2007-07-23] (Broadcom Corporation)
S4 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]
R2 WMP300NSvc; "C:\Program Files\Linksys\WMP300N\WLService.exe" "WMP300N.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S4 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R2 BCMNTIO; C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS [3744 2004-03-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [44288 2007-11-12] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [23436 2002-12-17] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [241152 2002-12-17] (Roxio)
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [25898 2003-07-08] (Roxio)
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 GTNDIS5; C:\Program Files\Linksys\WMP300N\GTNDIS5.sys [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel® Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel® Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel® Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel® Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel® Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel® Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel® Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel® Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel® Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel® Corporation)
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2005-05-20] (Logitech, Inc.)
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [19968 2004-05-27] ()
R2 MAPMEM; C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS [3904 2004-03-05] ()
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [30630 2003-07-08] (Roxio)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1293440 2002-08-30] (Creative Technology Ltd.)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PhilCam8116_XP; C:\WINDOWS\System32\DRIVERS\CamDrL20.sys [245760 2004-05-21] (Logitech Inc.)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [143834 2003-07-08] (Roxio)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [206464 2003-07-08] (Roxio)
S3 USBNET_XP; C:\WINDOWS\System32\DRIVERS\netusbxp.sys [72576 2003-02-24] (The LinkSys Group, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31273 2003-02-22] (Microsoft Corporation)
R3 WMP300Nv1; C:\WINDOWS\System32\DRIVERS\WMP300Nv1.sys [822400 2007-10-18] (Broadcom Corporation)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 BLKWGU(Belkin); system32\DRIVERS\BLKWGU.sys [X]
S3 bvrp_pci; No ImagePath
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
U1 NDISRD; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]
S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 06:34 - 2014-03-26 08:03 - 00000000 ____D () C:\FRST
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 08:32 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 08:30 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:34 - 2014-03-26 08:00 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-25 06:33 - 2014-03-25 06:32 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:33 - 2014-03-25 06:32 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:02 - 2014-03-25 21:37 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-24 22:41 - 2014-03-25 00:04 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-24 22:39 - 2014-03-25 00:04 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-24 22:32 - 2014-03-26 08:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-24 22:30 - 2014-03-26 07:59 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:29 - 2014-03-26 07:53 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 21:29 - 2014-03-24 22:20 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 18:59 - 2014-03-26 07:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-24 18:59 - 2014-03-24 19:01 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:32 - 2014-03-25 06:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-02-26 20:32 - 2014-02-26 20:33 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:33 - 2014-03-24 19:17 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 08:03 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-26 08:01 - 2014-03-24 22:32 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-26 08:01 - 2004-11-30 17:31 - 00017725 _____ () C:\WINDOWS\system32\LVCOMSX.LOG
2014-03-26 08:00 - 2014-03-25 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-26 08:00 - 2004-08-17 06:46 - 01693554 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-26 07:59 - 2014-03-24 22:30 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-26 07:59 - 2014-03-24 18:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-26 07:59 - 2013-05-05 10:16 - 00000482 _____ () C:\WINDOWS\Tasks\ROC_SYS_TASK.job
2014-03-26 07:59 - 2012-12-31 21:34 - 00000268 _____ () C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job
2014-03-26 07:59 - 2011-05-28 08:40 - 00000270 _____ () C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
2014-03-26 07:59 - 2003-07-08 00:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-26 07:58 - 2003-07-10 20:17 - 00000278 ___SH () C:\Documents and Settings\Galen\NTUSER.INI
2014-03-26 07:53 - 2014-03-24 22:29 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-26 07:46 - 2003-08-03 20:13 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-26 07:46 - 2003-08-03 20:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-03-26 07:24 - 2012-07-15 13:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-26 07:12 - 2011-05-28 08:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\IObit
2014-03-26 07:11 - 2012-07-10 18:33 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006UA.job
2014-03-25 21:48 - 2003-07-08 00:29 - 00001170 _____ () C:\WINDOWS\system32\WPA.DBL
2014-03-25 21:37 - 2014-03-25 00:02 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-25 16:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{0CD49CF2-304E-4CC1-83B5-6E23E28E2CCC}_D3GQH231_Galen.job
2014-03-25 15:04 - 2013-08-17 15:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:00 - 2005-05-11 08:40 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 11:11 - 2010-10-21 21:00 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006Core1cb71848c36636c.job
2014-03-25 10:23 - 2009-11-03 23:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 09:20 - 2014-03-25 08:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 09:20 - 2014-03-25 08:30 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 09:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{83617369-7146-4780-8A4F-486E1ED2D917}_D3GQH231_Galen.job
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:06 - 2003-12-30 16:40 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:48 - 2012-12-09 20:19 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\Avg2013
2014-03-25 06:48 - 2011-05-28 08:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-25 06:48 - 2005-07-24 20:45 - 00000000 ____D () C:\WINDOWS\pss
2014-03-25 06:48 - 2002-09-03 10:05 - 00000178 ___SH () C:\Documents and Settings\LocalService\NTUSER.INI
2014-03-25 06:47 - 2012-12-09 20:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-03-25 06:47 - 2012-08-15 19:03 - 00000000 ___HD () C:\$AVG
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:32 - 2014-03-25 06:33 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:32 - 2014-03-25 06:33 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 06:12 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-03-25 06:12 - 2013-02-02 20:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-25 06:12 - 2009-08-21 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-25 06:12 - 2002-09-03 10:05 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:04 - 2014-03-24 22:41 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-25 00:04 - 2014-03-24 22:39 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-25 00:01 - 2013-02-02 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:28 - 2011-05-27 21:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 22:20 - 2014-03-24 21:29 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 22:12 - 2012-12-09 22:31 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 22:12 - 2012-12-09 22:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-24 20:25 - 2012-07-15 13:21 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-24 20:25 - 2011-06-07 19:42 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-24 19:17 - 2014-02-26 19:33 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 19:01 - 2014-03-24 18:59 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-03 04:08 - 2010-02-08 13:59 - 00000380 _____ () C:\WINDOWS\Tasks\DriverCure.job
2014-03-01 19:30 - 2003-07-08 00:43 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:33 - 2014-02-26 20:32 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:16 - 2003-07-10 20:17 - 00073512 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-26 17:08 - 2009-07-05 21:26 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-24 16:24 - 2006-11-07 04:26 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2002-08-29 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 07:46 - 2009-07-05 21:08 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 07:46 - 2006-10-17 13:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 07:46 - 2006-10-17 13:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 07:46 - 2006-09-18 10:15 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 07:46 - 2006-05-10 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 07:45 - 2012-06-17 14:50 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 07:45 - 2010-06-11 18:17 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 07:45 - 2009-07-05 21:08 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 07:45 - 2009-03-08 04:33 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 04:27 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 07:45 - 2006-10-17 13:05 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 07:45 - 2006-10-17 13:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 07:45 - 2006-10-17 12:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 07:45 - 2006-05-10 01:22 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 07:45 - 2002-08-29 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 06:54 - 2004-08-04 01:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================


#14 TB-Psychotic


Posted 26 March 2014 - 07:09 AM

I was writing down a reply providing the steps for the Norton Removal Tool at the moment you replied! :D

For the three others:

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • When finished, the three programs should be visible in your add/remove programs list.

#15 olkydrillsgt


Posted 26 March 2014 - 07:15 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Galen (administrator) on D3GQH231 on 26-03-2014 08:13:37
Running from C:\Documents and Settings\Galen\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\System32\CTsvcCDA.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
() C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(GEMTEKS) C:\Program Files\Linksys\WMP300N\WLService.exe
(Microsoft Corporation) c:\Program Files\Zune\ZuneBusEnum.exe
(Linksys) C:\Program Files\Linksys\WMP300N\WMP300N.exe
(Dell - Advanced Desktop Engineering) C:\WINDOWS\System32\DSentry.exe
(Broadcom Corporation) C:\WINDOWS\BCMSMMSG.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
() C:\Program Files\Sony\SonicStage\SSAAD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [49152 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [4841472 2003-07-28] (NVIDIA Corporation)
HKLM\...\Run: [DVDSentry] - C:\WINDOWS\System32\DSentry.exe [28672 2002-08-14] (Dell - Advanced Desktop Engineering)
HKLM\...\Run: [BCMSMMSG] - C:\WINDOWS\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2004-05-21] (Logitech Inc.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [SsAAD.exe] - C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2005-01-24] ()
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Policies\Explorer: [] 
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x5F000000
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\WINDOWS\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Google Update] - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-05-25] (Google Inc.)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Run: [Advanced SystemCare 6] - C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {01e6d164-c9ec-11de-a541-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3338380426-3967360501-2782490205-1006\...\MountPoints2: {ad580842-7711-11df-a5bc-0007e96fdb84} - "F:\WD SmartWare.exe" autoplay=true
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?sourceid=navclient&ie=UTF-8
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
SearchScopes: HKCU - DefaultScope {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {926A59F5-E2F5-4010-9D5D-5343050995EE} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: No Name - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -  No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {1FBD11EF-1260-11D1-87A7-444553540001} http://172.18.1.61/osd/synapseWorkstation.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://transweb.trihealth.com/Citrix/ICAWEB/en/ica32/ica32t.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} http://10.18.200.123/WSWebDownload/ws/isetup.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://fujimed.webex.com/client/T25L/support/ieatgpc.cab
DPF: {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} http://ms15-crsv01dc/osd/x86/win95/FujiInst.cab
DPF: {F965D65B-7C09-4EDD-82BE-6E6A6ADE181E} http://www.opvrs.co.kr/cab/Open3DPlayer/VRPlayer.cab
Handler: linkscanner - No CLSID Value - 
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default
FF user.js: detected! => C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\user.js
FF Homepage: hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Galen\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Websteroids - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\support@websteroidsapp.com [2014-02-26]
FF Extension: Smartest Bookmarks Bar - C:\Documents and Settings\Galen\Application Data\Mozilla\Firefox\Profiles\fyp22kot.default\Extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi [2011-05-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-06]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-10]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-25]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Galen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
S4 NetSvc; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [143360 2003-03-03] (Intel® Corporation)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-01-26] (Sony Corporation)
S4 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2005-01-24] (Sony Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-05-10] (WDC)
R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1858048 2010-05-10] ()
R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [482304 2010-05-10] ()
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1265664 2007-07-23] (Broadcom Corporation)
S4 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]
R2 WMP300NSvc; "C:\Program Files\Linksys\WMP300N\WLService.exe" "WMP300N.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S4 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R2 BCMNTIO; C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS [3744 2004-03-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [44288 2007-11-12] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [23436 2002-12-17] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [241152 2002-12-17] (Roxio)
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [25898 2003-07-08] (Roxio)
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 GTNDIS5; C:\Program Files\Linksys\WMP300N\GTNDIS5.sys [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel® Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel® Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel® Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel® Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel® Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel® Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel® Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel® Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel® Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel® Corporation)
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2005-05-20] (Logitech, Inc.)
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [19968 2004-05-27] ()
R2 MAPMEM; C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS [3904 2004-03-05] ()
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [30630 2003-07-08] (Roxio)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1293440 2002-08-30] (Creative Technology Ltd.)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PhilCam8116_XP; C:\WINDOWS\System32\DRIVERS\CamDrL20.sys [245760 2004-05-21] (Logitech Inc.)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [143834 2003-07-08] (Roxio)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [206464 2003-07-08] (Roxio)
S3 USBNET_XP; C:\WINDOWS\System32\DRIVERS\netusbxp.sys [72576 2003-02-24] (The LinkSys Group, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31273 2003-02-22] (Microsoft Corporation)
R3 WMP300Nv1; C:\WINDOWS\System32\DRIVERS\WMP300Nv1.sys [822400 2007-10-18] (Broadcom Corporation)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 BLKWGU(Belkin); system32\DRIVERS\BLKWGU.sys [X]
S3 bvrp_pci; No ImagePath
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
U1 NDISRD; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]
S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 06:34 - 2014-03-26 08:13 - 00000000 ____D () C:\FRST
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 08:32 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 08:30 - 2014-03-25 09:20 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:34 - 2014-03-26 08:00 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-25 06:33 - 2014-03-25 06:32 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:33 - 2014-03-25 06:32 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:33 - 2014-03-25 06:32 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:02 - 2014-03-25 21:37 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-24 22:41 - 2014-03-25 00:04 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-24 22:39 - 2014-03-25 00:04 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-24 22:32 - 2014-03-26 08:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-24 22:30 - 2014-03-26 07:59 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:29 - 2014-03-26 07:53 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 21:29 - 2014-03-24 22:20 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 18:59 - 2014-03-26 07:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-24 18:59 - 2014-03-24 19:01 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-08 08:00 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:32 - 2014-03-25 06:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-02-26 20:32 - 2014-02-26 20:33 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:33 - 2014-03-24 19:17 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-02-26 19:33 - 2014-03-24 19:17 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 08:13 - 2014-03-26 06:34 - 00000000 ____D () C:\FRST
2014-03-26 08:11 - 2012-07-10 18:33 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006UA.job
2014-03-26 08:01 - 2014-03-24 22:32 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-26 08:01 - 2004-11-30 17:31 - 00017725 _____ () C:\WINDOWS\system32\LVCOMSX.LOG
2014-03-26 08:00 - 2014-03-25 06:34 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-26 08:00 - 2004-08-17 06:46 - 01693554 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-26 07:59 - 2014-03-24 22:30 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-26 07:59 - 2014-03-24 18:59 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-26 07:59 - 2013-05-05 10:16 - 00000482 _____ () C:\WINDOWS\Tasks\ROC_SYS_TASK.job
2014-03-26 07:59 - 2012-12-31 21:34 - 00000268 _____ () C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job
2014-03-26 07:59 - 2011-05-28 08:40 - 00000270 _____ () C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
2014-03-26 07:59 - 2003-07-08 00:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-26 07:58 - 2003-07-10 20:17 - 00000278 ___SH () C:\Documents and Settings\Galen\NTUSER.INI
2014-03-26 07:53 - 2014-03-24 22:29 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-26 07:46 - 2003-08-03 20:13 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-26 07:46 - 2003-08-03 20:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-03-26 07:24 - 2012-07-15 13:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-26 07:12 - 2011-05-28 08:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\IObit
2014-03-25 21:48 - 2003-07-08 00:29 - 00001170 _____ () C:\WINDOWS\system32\WPA.DBL
2014-03-25 21:37 - 2014-03-25 00:02 - 00192268 _____ () C:\WINDOWS\setupapi.log
2014-03-25 16:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{0CD49CF2-304E-4CC1-83B5-6E23E28E2CCC}_D3GQH231_Galen.job
2014-03-25 15:04 - 2013-08-17 15:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:00 - 2005-05-11 08:40 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 11:11 - 2010-10-21 21:00 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3338380426-3967360501-2782490205-1006Core1cb71848c36636c.job
2014-03-25 10:23 - 2009-11-03 23:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-25 10:19 - 2014-03-25 10:19 - 00002051 _____ () C:\Documents and Settings\Galen\My Documents\aswMBR2.txt
2014-03-25 10:19 - 2014-03-25 10:19 - 00000512 _____ () C:\Documents and Settings\Galen\My Documents\MBR.dat
2014-03-25 09:20 - 2014-03-25 08:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-25 09:20 - 2014-03-25 08:30 - 00000000 ____D () C:\Documents and Settings\Galen\Desktop\mbar
2014-03-25 09:00 - 2007-11-12 15:31 - 00000394 ____H () C:\WINDOWS\Tasks\{83617369-7146-4780-8A4F-486E1ED2D917}_D3GQH231_Galen.job
2014-03-25 08:30 - 2014-03-25 08:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-25 08:06 - 2014-03-25 08:06 - 00001604 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-03-25 08:06 - 2014-03-25 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-25 08:06 - 2003-12-30 16:40 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-25 08:02 - 2014-03-25 08:02 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-25 08:02 - 2014-03-25 08:02 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-03-25 06:48 - 2012-12-09 20:19 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\Avg2013
2014-03-25 06:48 - 2011-05-28 08:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-25 06:48 - 2005-07-24 20:45 - 00000000 ____D () C:\WINDOWS\pss
2014-03-25 06:48 - 2002-09-03 10:05 - 00000178 ___SH () C:\Documents and Settings\LocalService\NTUSER.INI
2014-03-25 06:47 - 2012-12-09 20:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-03-25 06:47 - 2012-08-15 19:03 - 00000000 ___HD () C:\$AVG
2014-03-25 06:37 - 2014-03-25 06:37 - 00000000 ____D () C:\Documents and Settings\Galen\Application Data\AVAST Software
2014-03-25 06:35 - 2014-03-25 06:35 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-03-25 06:35 - 2014-03-25 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-03-25 06:32 - 2014-03-25 06:33 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-25 06:32 - 2014-03-25 06:33 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-03-25 06:32 - 2014-03-25 06:33 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-25 06:32 - 2014-03-25 06:32 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-03-25 06:31 - 2014-03-25 06:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-25 06:30 - 2014-03-25 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-25 06:29 - 2014-03-25 06:29 - 88551496 _____ (AVAST Software) C:\Documents and Settings\Galen\Desktop\avast_free_antivirus_setup.exe
2014-03-25 06:12 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Updater
2014-03-25 06:12 - 2013-02-02 20:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-25 06:12 - 2009-08-21 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-25 06:12 - 2002-09-03 10:05 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-25 00:04 - 2014-03-25 00:04 - 00142597 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00018477 _____ () C:\WINDOWS\FaxSetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00006075 _____ () C:\WINDOWS\comsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00003690 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002904 _____ () C:\WINDOWS\iis6.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00002731 _____ () C:\WINDOWS\updspapi.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-25 00:04 - 2014-03-25 00:04 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-25 00:04 - 2014-03-25 00:04 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-25 00:04 - 2014-03-24 22:41 - 00139743 _____ () C:\WINDOWS\KB2929961.log
2014-03-25 00:04 - 2014-03-24 22:39 - 00140743 _____ () C:\WINDOWS\KB2930275.log
2014-03-25 00:01 - 2013-02-02 20:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-24 22:30 - 2014-03-24 22:30 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-24 22:28 - 2011-05-27 21:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 22:20 - 2014-03-24 22:20 - 00000512 _____ () C:\Documents and Settings\Galen\Desktop\MBR.dat
2014-03-24 22:20 - 2014-03-24 21:29 - 00002527 _____ () C:\Documents and Settings\Galen\Desktop\aswMBR.txt
2014-03-24 22:12 - 2012-12-09 22:31 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 22:12 - 2012-12-09 22:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-24 20:25 - 2012-07-15 13:21 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-24 20:25 - 2011-06-07 19:42 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-24 19:17 - 2014-02-26 19:33 - 37916672 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 09502720 _____ () C:\WINDOWS\system32\config\SYSTEM.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00704512 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00081920 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-24 19:17 - 2014-02-26 19:33 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 19:17 - 2003-07-08 00:12 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 19:01 - 2014-03-24 18:59 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-08 09:08 - 2014-03-08 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-03 04:08 - 2010-02-08 13:59 - 00000380 _____ () C:\WINDOWS\Tasks\DriverCure.job
2014-03-01 19:30 - 2003-07-08 00:43 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-26 21:07 - 2014-02-26 21:07 - 00166016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-26 20:34 - 2014-02-26 20:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Video Converter Bundle
2014-02-26 20:33 - 2014-02-26 20:33 - 00000000 ____D () C:\Documents and Settings\Galen\My Documents\Optimizer Pro
2014-02-26 20:33 - 2014-02-26 20:32 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\Galen\Local Settings\Application Data\SearchProtect
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Websteroids
2014-02-26 20:32 - 2014-02-26 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RHelpers
2014-02-26 20:31 - 2014-02-26 20:31 - 00000877 _____ () C:\Documents and Settings\All Users\Desktop\Video Converter.lnk
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Program Files\SweetPacks
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SweetPacks
2014-02-26 19:16 - 2003-07-10 20:17 - 00073512 _____ () C:\Documents and Settings\Galen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-02-26 17:23 - 2014-02-26 17:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-26 17:08 - 2009-07-05 21:26 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-25 21:59 - 2014-03-08 08:00 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-24 16:24 - 2006-11-07 04:26 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2002-08-29 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 07:46 - 2009-07-05 21:08 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 07:46 - 2006-10-17 13:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 07:46 - 2006-10-17 13:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 07:46 - 2006-09-18 10:15 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 07:46 - 2006-05-10 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 07:46 - 2004-07-07 18:37 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 07:46 - 2004-02-06 18:05 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 07:46 - 2004-01-21 17:20 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 07:46 - 2002-08-29 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 07:45 - 2012-06-17 14:50 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 07:45 - 2010-06-11 18:17 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 07:45 - 2009-07-05 21:08 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 07:45 - 2009-03-08 04:33 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 07:45 - 2007-06-27 10:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 07:45 - 2006-11-07 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 07:45 - 2006-11-07 04:27 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 07:45 - 2006-10-17 13:05 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 07:45 - 2006-10-17 13:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 07:45 - 2006-10-17 12:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 07:45 - 2006-05-10 01:22 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 07:45 - 2002-08-29 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 07:45 - 2002-08-29 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 06:54 - 2004-08-04 01:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================




