
ICE Malware has my computer over a week now - can't get rid of it.


  • This topic is locked
12 replies to this topic

#1 IPT


Posted 02 April 2014 - 03:07 AM

I tried the Hitman pro and no dice. Seems like I can still get to My Documents though and there is stuff there I need. Is it safe to download that info to a flash drive? When I try and boot from the Flash drive it doesn't work but I can boot up normally, ICE just takes over, so no internet. I guess I can just trash this computer if I can get my data off My documents. Running Windows XP.





#2 TB-Psychotic

  • Malware Response Team

Posted 02 April 2014 - 06:42 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Kaspersky Windows Unlocker

  • Download Kaspersky Rescue Disk (iso)
  • Burn it to a CD or DVD. If you need a program to burn an ISO, use Active@ ISO Burner
  • Configure your computer to boot from CD/DVD
  • Note: If you do not know how to set your computer to boot from CD/DVD, follow the steps here
  • Once you have the CD/DVD created, boot the computer up using it
  • Press any key to enter the menu
  • Select your language
  • Press 1 to accept the End User License Agreement
  • Select Kaspersky Rescue Disk. Graphic Mode
  • Click on the Start button located in the left bottom corner of the screen
  • Run Kaspersky WindowsUnlocker to remove Windows system and registry changes made by Metropolitan Police Virus
  • Note: If you can't find Kaspersky WindowsUnlocker, go to Terminal instead > type > windowsunlocker > choose 1 - Unlock Windows > Enter



  • When it's done, click on the Start button and start Kaspersky Rescue Disk utility
  • Click on My Update Center tab and press Start to download the latest update
  • Next, select the Object Scan tab
  • Put a check next to C:\ and any other local drives
  • Then click Start Objects Scan
  • Quarantine any malware found
  • Restart your computer and see if it boots up normally.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 IPT


Posted 02 April 2014 - 02:39 PM

Thanks. I just want to clarify that when you say click on the "start" button on the left side of the screen and again to run the Utility, you're talking about a start button within the open window? (not the start on the lower left within the Windows XP main view).



#4 IPT


Posted 03 April 2014 - 03:37 AM

Okay, I found the start you were referring to. Ran the disc and it removed 4 items. Should I run anything else like Malwarebytes or something? I had been using Avast with good luck until this got through.



#5 TB-Psychotic

  • Malware Response Team

Posted 03 April 2014 - 04:45 AM

Boot into Windows!

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.



#6 IPT


Posted 04 April 2014 - 02:28 AM

Here you go:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Louis (administrator) on LOUISDESKTOP on 03-04-2014 23:11:40
Running from C:\Documents and Settings\Louis\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
() C:\Program Files\Dell\Media Experience\DMXLauncher.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft® Corporation) C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Adobe Systems, Inc.) C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft® Corporation) C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files\Intuit\QuickBooks 2006\QBW32.EXE
() C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13529088 2008-05-02] (NVIDIA Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\WINDOWS\stsystra.exe [282624 2006-07-24] (SigmaTel, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-07-06] (Intel Corporation)
HKLM\...\Run: [DMXLauncher] - C:\Program Files\Dell\Media Experience\DMXLauncher.exe [94208 2005-10-04] ()
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [dscactivate] - c:\dell\dsca.exe [16384 2007-07-30] ( )
HKLM\...\Run: [AdobeVersionCue] - C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe [1732608 2003-10-13] (Adobe Sytems)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [988584 2007-08-31] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1037736 2007-08-31] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2008-05-22] (RealNetworks, Inc.)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2008-05-02] (NVIDIA Corporation)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2004-04-14] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2004-04-14] (ScanSoft, Inc.)
HKLM\...\Run: [EPSON Stylus Pro 4000] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [99840 2003-05-26] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Microsoft Works Update Detection] - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [28738 2001-08-16] (Microsoft® Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [144784 2008-03-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [Intuit SyncManager] - C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [1443080 2010-09-27] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2007-05-24] ( )
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\RECYCLER\S-1-5-18\$ce0dfa64d1422e9ad84769bc1b905d6e\n. ATTENTION! ====> ZeroAccess?
HKU\.DEFAULT\...\Run: [Google Update] - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2014-02-12] (Google Inc.)
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [Search Protection] - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [Stoluvaru] - rundll32.exe  "C:\WINDOWS\mfatmoc.dll",Startup
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [AdobeBridge] - C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe [11996616 2010-05-28] (Adobe Systems, Inc.)
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-19] (Google Inc.)
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\MountPoints2: {7559608c-b4c7-11df-ad9b-0019d19af60c} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...409d6c4515e9\InprocServer32: [Default-shell32] C:\RECYCLER\S-1-5-21-1641238353-3198998844-2806619779-1008\$ce0dfa64d1422e9ad84769bc1b905d6e\n. ATTENTION! ====> ZeroAccess?
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2006\QBW32.EXE (Intuit Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
SearchScopes: HKCU - {45B41B59-81F4-4507-BB0B-768B6CF6F79A} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKCU - {9B3351D4-48B7-465C-A404-D3B6A2832EC8} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
BHO: No Name - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} http://luisgopan.webhop.net:1947/JpegInst.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 209.165.131.12 209.165.131.13

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (eMusic Remote Plugin) - C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-15]
CHR Extension: (Google Drive) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-15]
CHR Extension: (Google Search) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-15]
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-13]
CHR Extension: (Gmail) - C:\Documents and Settings\Louis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-15]

========================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1239952 2012-07-12] (Lavasoft Limited)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2008-05-19] ()
S3 AdobeVersionCue; C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe [61440 2003-10-13] (Adobe Sytems)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1516584 2007-04-03] (Cisco Systems, Inc.)
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2007-03-19] ()
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [67360 2010-02-19] (NOS Microsystems Ltd.)
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896 2007-05-15] (Nero AG)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-10-21] (Intuit Inc.)
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3289032 2011-12-19] (GFI Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S2 winmgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [531224 2013-12-04] (Wacom Technology, Corp.)
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]

==================== Drivers (Whitelisted) ====================

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-04-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-03] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-04-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-04-03] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180760 2014-04-03] ()
S3 BrScnUsb; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [15263 2003-12-19] (Brother Industries Ltd.)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306295 2007-04-03] (Cisco Systems, Inc.)
R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [127376 2007-01-31] (Deterministic Networks, Inc.)
S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118576 2007-05-15] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [37040 2007-05-15] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16304 2007-05-15] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38576 2007-05-15] (Nero AG)
S3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2013-05-22] (Logitech, Inc.)
S3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2013-05-22] (Logitech, Inc.)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 sbaphd; C:\WINDOWS\System32\drivers\sbaphd.sys [21240 2011-11-29] (GFI Software)
R2 sbapifs; C:\WINDOWS\System32\drivers\sbapifs.sys [77816 2011-11-29] (GFI Software)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [335224 2011-12-19] (GFI Software)
S3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [94584 2011-09-29] (GFI Software)
R3 SBFWIMCLMP; C:\WINDOWS\System32\DRIVERS\SBFWIM.sys [94584 2011-09-29] (GFI Software)
R1 SBRE; C:\WINDOWS\system32\drivers\SBREdrv.sys [101112 2011-10-26] (GFI Software)
R1 sbtis; C:\WINDOWS\System32\drivers\sbtis.sys [217976 2011-12-19] (GFI Software)
S3 Spyder3; C:\WINDOWS\System32\DRIVERS\Spyder3.sys [12288 2007-11-06] ()
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1156648 2006-07-24] (SigmaTel, Inc.)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [280344 2005-01-26] (Zone Labs LLC)
U3 Bvncliet; No ImagePath
S3 bvrp_pci; No ImagePath
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-03 23:11 - 2014-04-03 23:12 - 00029152 _____ () C:\Documents and Settings\Louis\Desktop\FRST.txt
2014-04-03 23:11 - 2014-04-03 23:11 - 00000000 ____D () C:\FRST
2014-04-03 23:10 - 2014-04-03 23:11 - 01145856 _____ (Farbar) C:\Documents and Settings\Louis\Desktop\FRST.exe
2014-04-03 00:40 - 2014-04-03 00:40 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-03 00:35 - 2014-04-03 00:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-04-02 13:27 - 2014-04-02 16:14 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-04-02 01:14 - 2014-04-02 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-04-02 01:08 - 2014-04-02 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2758857$
2014-04-02 01:05 - 2014-04-02 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-04-02 00:57 - 2014-04-02 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-04-02 00:50 - 2014-04-02 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-04-02 00:49 - 2014-04-02 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-04-02 00:47 - 2014-04-02 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-04-02 00:39 - 2014-04-02 00:39 - 00010281 _____ () C:\WINDOWS\KB2698365.log
2014-04-02 00:39 - 2014-04-02 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-04-02 00:38 - 2014-04-02 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-04-02 00:38 - 2014-04-02 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-04-02 00:38 - 2014-04-02 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-04-02 00:37 - 2014-04-02 00:38 - 00008532 _____ () C:\WINDOWS\KB2723135-v2.log
2014-03-27 10:29 - 2014-04-02 00:20 - 95027928 ____T () C:\Documents and Settings\All Users\Application Data\mqbod88j6.bbr
2014-03-18 18:22 - 2012-12-12 09:50 - 00000323 _____ () C:\Documents and Settings\Louis\Local Settings\Application Data\CastleLinkProps.dat
2014-03-18 18:21 - 2014-03-18 18:21 - 00001832 _____ () C:\Documents and Settings\All Users\Desktop\CastleLink Graph Viewer V3.56.21.lnk
2014-03-18 18:21 - 2014-03-18 18:21 - 00000880 _____ () C:\Documents and Settings\All Users\Desktop\CastleLink V3.56.21.lnk
2014-03-18 18:21 - 2014-03-18 18:21 - 00000000 ____D () C:\Program Files\Castle Creations
2014-03-18 18:21 - 2014-03-18 18:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Castle Link
2014-03-18 18:20 - 2014-03-18 18:20 - 00000000 ____D () C:\Documents and Settings\Louis\Application Data\Castle Creations
2014-03-09 16:07 - 2014-03-09 16:07 - 00000797 _____ () C:\Documents and Settings\All Users\Desktop\Digital Photo Professional.lnk
2014-03-09 16:06 - 2014-03-09 16:06 - 00000000 ____D () C:\Program Files\Common Files\Canon_Inc_IC
2014-03-09 16:06 - 2014-03-09 16:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon_Inc_IC

==================== One Month Modified Files and Folders =======

2014-04-03 23:12 - 2014-04-03 23:11 - 00029152 _____ () C:\Documents and Settings\Louis\Desktop\FRST.txt
2014-04-03 23:11 - 2014-04-03 23:11 - 00000000 ____D () C:\FRST
2014-04-03 23:11 - 2014-04-03 23:10 - 01145856 _____ (Farbar) C:\Documents and Settings\Louis\Desktop\FRST.exe
2014-04-03 23:10 - 2012-11-26 02:27 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-04-03 22:33 - 2011-06-02 23:05 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 22:27 - 2014-02-12 05:22 - 00000998 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-04-03 22:25 - 2012-06-24 21:58 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-03 20:58 - 2004-08-11 13:13 - 01632067 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-03 20:27 - 2004-08-11 13:20 - 00032508 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-03 19:26 - 2011-03-03 22:17 - 01310720 ____R () C:\Documents and Settings\Louis\My Documents\Integrative Physical Therapy updated.QBW.TLG
2014-04-03 19:26 - 2009-05-26 21:45 - 33067008 ____R () C:\Documents and Settings\Louis\My Documents\Integrative Physical Therapy updated.QBW
2014-04-03 19:26 - 2009-05-26 21:45 - 00000387 _____ () C:\Documents and Settings\Louis\My Documents\Integrative Physical Therapy updated.QBW.nd
2014-04-03 19:09 - 2010-10-07 12:24 - 00002317 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2014-04-03 07:33 - 2011-06-02 23:05 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 04:27 - 2014-02-12 05:22 - 00000946 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-04-03 02:00 - 2010-07-27 18:30 - 00000342 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-LOUISDESKTOP-Louis.job
2014-04-03 01:50 - 2004-08-11 13:21 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-04-03 00:51 - 2004-08-11 13:13 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-04-03 00:47 - 2008-05-28 16:54 - 00188928 _____ () C:\Documents and Settings\Louis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 00:40 - 2014-04-03 00:40 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-03 00:40 - 2013-07-15 08:20 - 00180760 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-03 00:40 - 2013-07-15 08:20 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-03 00:40 - 2013-07-15 08:20 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-03 00:40 - 2011-10-02 14:50 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-03 00:40 - 2010-06-17 19:34 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-03 00:40 - 2010-06-17 19:34 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-03 00:40 - 2010-06-17 19:34 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-03 00:40 - 2010-06-17 19:34 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-04-03 00:40 - 2010-06-17 19:34 - 00001744 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-04-03 00:35 - 2014-04-03 00:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-04-03 00:34 - 2004-08-11 13:14 - 00002577 _____ () C:\WINDOWS\system32\CONFIG.NT
2014-04-03 00:17 - 2012-08-12 21:10 - 00001615 _____ () C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
2014-04-03 00:16 - 2007-10-19 08:58 - 00175035 _____ () C:\WINDOWS\system32\nvapps.xml
2014-04-03 00:15 - 2004-08-11 13:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-03 00:15 - 2004-08-11 13:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-03 00:15 - 2004-08-11 13:09 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-04-03 00:15 - 2004-08-11 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-02 16:14 - 2014-04-02 13:27 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-04-02 01:15 - 2012-12-18 10:17 - 00050811 _____ () C:\WINDOWS\KB2712808.log
2014-04-02 01:15 - 2004-08-11 13:07 - 01950800 _____ () C:\WINDOWS\FaxSetup.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00943743 _____ () C:\WINDOWS\ocgen.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00894506 _____ () C:\WINDOWS\tsoc.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00601650 _____ () C:\WINDOWS\comsetup.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00596870 _____ () C:\WINDOWS\msmqinst.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00364849 _____ () C:\WINDOWS\ntdtcsetup.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00340290 _____ () C:\WINDOWS\netfxocm.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00134564 _____ () C:\WINDOWS\MedCtrOC.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00125313 _____ () C:\WINDOWS\iis6.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00099313 _____ () C:\WINDOWS\ocmsn.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00097860 _____ () C:\WINDOWS\tabletoc.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00097413 _____ () C:\WINDOWS\msgsocm.log
2014-04-02 01:15 - 2004-08-11 13:07 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-04-02 01:14 - 2014-04-02 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-04-02 01:11 - 2004-08-11 13:07 - 00643432 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-02 01:08 - 2014-04-02 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2758857$
2014-04-02 01:08 - 2012-12-18 10:17 - 00050509 _____ () C:\WINDOWS\KB2758857.log
2014-04-02 01:08 - 2004-08-11 13:07 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-04-02 01:05 - 2014-04-02 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-04-02 01:05 - 2012-12-18 10:16 - 00050170 _____ () C:\WINDOWS\KB2691442.log
2014-04-02 01:05 - 2007-10-19 09:06 - 00317445 _____ () C:\WINDOWS\updspapi.log
2014-04-02 00:57 - 2014-04-02 00:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-04-02 00:57 - 2012-12-18 10:16 - 00049339 _____ () C:\WINDOWS\KB2655992.log
2014-04-02 00:51 - 2007-10-19 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-04-02 00:50 - 2014-04-02 00:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-04-02 00:50 - 2012-12-18 10:15 - 00048611 _____ () C:\WINDOWS\KB2719985.log
2014-04-02 00:49 - 2014-04-02 00:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-04-02 00:48 - 2012-12-18 10:15 - 00048041 _____ () C:\WINDOWS\KB2749655.log
2014-04-02 00:47 - 2014-04-02 00:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-04-02 00:44 - 2004-08-11 13:07 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-02 00:41 - 2004-08-11 13:00 - 00000582 _____ () C:\WINDOWS\win.ini
2014-04-02 00:39 - 2014-04-02 00:39 - 00010281 _____ () C:\WINDOWS\KB2698365.log
2014-04-02 00:39 - 2014-04-02 00:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-04-02 00:39 - 2014-04-02 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-04-02 00:39 - 2012-12-18 10:14 - 00046919 _____ () C:\WINDOWS\KB2705219-v2.log
2014-04-02 00:39 - 2007-10-19 09:06 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-04-02 00:38 - 2014-04-02 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-04-02 00:38 - 2014-04-02 00:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-04-02 00:38 - 2014-04-02 00:37 - 00008532 _____ () C:\WINDOWS\KB2723135-v2.log
2014-04-02 00:38 - 2012-12-18 10:14 - 00045346 _____ () C:\WINDOWS\KB2727528.log
2014-04-02 00:27 - 2008-05-19 21:58 - 00000178 ___SH () C:\Documents and Settings\Louis\ntuser.ini
2014-04-02 00:27 - 2008-05-19 21:58 - 00000000 ____D () C:\Documents and Settings\Louis
2014-04-02 00:20 - 2014-03-27 10:29 - 95027928 ____T () C:\Documents and Settings\All Users\Application Data\mqbod88j6.bbr
2014-03-25 13:51 - 2009-05-21 21:33 - 00000486 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-03-25 00:47 - 2009-01-16 23:23 - 00160663 _____ () C:\WINDOWS\setupapi.log
2014-03-23 12:01 - 2012-06-24 21:59 - 00000944 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2014-03-18 22:21 - 2008-05-19 22:00 - 00000000 ____D () C:\Documents and Settings\Louis\Application Data\Adobe
2014-03-18 18:21 - 2014-03-18 18:21 - 00001832 _____ () C:\Documents and Settings\All Users\Desktop\CastleLink Graph Viewer V3.56.21.lnk
2014-03-18 18:21 - 2014-03-18 18:21 - 00000880 _____ () C:\Documents and Settings\All Users\Desktop\CastleLink V3.56.21.lnk
2014-03-18 18:21 - 2014-03-18 18:21 - 00000000 ____D () C:\Program Files\Castle Creations
2014-03-18 18:21 - 2014-03-18 18:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Castle Link
2014-03-18 18:20 - 2014-03-18 18:20 - 00000000 ____D () C:\Documents and Settings\Louis\Application Data\Castle Creations
2014-03-17 23:18 - 2012-07-04 17:16 - 00000000 ____D () C:\Documents and Settings\Louis\My Documents\Prints - first Friday 2012
2014-03-17 00:13 - 2010-07-30 23:35 - 00001456 _____ () C:\Documents and Settings\Louis\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
2014-03-15 11:31 - 2013-07-15 16:24 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-03-15 01:08 - 2008-07-27 10:55 - 00000178 ___SH () C:\Documents and Settings\Christine\ntuser.ini
2014-03-11 11:25 - 2012-06-24 21:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-11 11:25 - 2011-08-17 23:19 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-09 16:07 - 2014-03-09 16:07 - 00000797 _____ () C:\Documents and Settings\All Users\Desktop\Digital Photo Professional.lnk
2014-03-09 16:07 - 2010-04-10 01:32 - 00000000 ____D () C:\Program Files\Canon
2014-03-09 16:07 - 2010-04-10 01:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2014-03-09 16:06 - 2014-03-09 16:06 - 00000000 ____D () C:\Program Files\Common Files\Canon_Inc_IC
2014-03-09 16:06 - 2014-03-09 16:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon_Inc_IC
2014-03-09 16:06 - 2008-05-19 22:38 - 00000000 ____D () C:\Documents and Settings\Louis\Application Data\Canon
2014-03-05 21:28 - 2008-06-14 10:45 - 02925568 ___SH () C:\Documents and Settings\Louis\My Documents\Thumbs.db

ZeroAccess:
C:\RECYCLER\S-1-5-21-1641238353-3198998844-2806619779-1008\$ce0dfa64d1422e9ad84769bc1b905d6e

Some content of TEMP:
====================
C:\Documents and Settings\Louis\Local Settings\Temp\kax-yovz.dll
C:\Documents and Settings\Louis\Local Settings\Temp\primosdk.DLL
C:\Documents and Settings\Louis\Local Settings\Temp\px.dll
C:\Documents and Settings\Louis\Local Settings\Temp\pxafs.dll
C:\Documents and Settings\Louis\Local Settings\Temp\PxCpyA64.exe
C:\Documents and Settings\Louis\Local Settings\Temp\PxCpyI64.exe
C:\Documents and Settings\Louis\Local Settings\Temp\pxdrv.dll
C:\Documents and Settings\Louis\Local Settings\Temp\pxhpinst.exe
C:\Documents and Settings\Louis\Local Settings\Temp\PxInsA64.exe
C:\Documents and Settings\Louis\Local Settings\Temp\PxInsI64.exe
C:\Documents and Settings\Louis\Local Settings\Temp\pxmas.dll
C:\Documents and Settings\Louis\Local Settings\Temp\pxsetup.exe
C:\Documents and Settings\Louis\Local Settings\Temp\pxsfs.dll
C:\Documents and Settings\Louis\Local Settings\Temp\pxwave.dll
C:\Documents and Settings\Louis\Local Settings\Temp\vxblock.dll
C:\Documents and Settings\Louis\Local Settings\Temp\_is158.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Louis at 2014-04-03 23:13:05
Running from C:\Documents and Settings\Louis\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Ad-Aware Antivirus (HKLM\...\{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}) (Version: 10.2.21.3698 - Lavasoft Limited)
Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 0.9.0.2 - Lavasoft)
Ad-Aware Security Toolbar (HKLM\...\adawaretb) (Version: 0.9.1.4 - Lavasoft)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Color Common Settings (Version: 1.0.1 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite (HKLM\...\{D52ECEBC-9B20-41A5-81C4-A62DE2367419}) (Version: 2.0 - Adobe Systems,Inc.)
Adobe Creative Suite 5 Web Premium (HKLM\...\{CDC08463-9303-4BF1-BF8C-E1A2ECEE3248}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (HKLM\...\Adobe_435a6af7459cb02a9c1138113a26e93) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 Professional (HKLM\...\Adobe_c3c7fe8b09d497ab2b3fd91c9353390) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 2 (HKLM\...\{531BC138-F1F7-496B-879C-F039ECEF438D}) (Version: 2 - Adobe)
Adobe Photoshop Lightroom 3 (HKLM\...\{23DD8A17-65DB-4D49-A2E0-164C6F460E3F}) (Version: 3.0.2 - Adobe)
Adobe Reader 9.5.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2016 - Avast Software)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
BookSmart® 3.2.3 3.2.3 (HKLM\...\BookSmart® 3.2.3 3.2.3) (Version:  - Blurb, Inc)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Canon Utilities Digital Photo Professional (HKLM\...\Digital Photo Professional) (Version: 3.13.51.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities WFT Utility (HKLM\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Castle Link (HKLM\...\{4CC00FB2-3247-4E2F-939C-84958E5EDA2E}) (Version: 3.56.21 - Castle Creations)
Cisco Systems VPN Client 5.0.00.0340 (HKLM\...\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}) (Version: 5.0.0 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM\...\{A4B72B94-7745-4CA8-A4D6-D8AC2442451C}) (Version: 1.0.153 - Citrix)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}) (Version: 1.0.07192 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3075 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
Documentation & Support Launcher (HKLM\...\{B0DF58A2-40DF-4465-AA56-38623EC9938C}) (Version: 1.00.0000 - Dell Inc.)
eMusic Download Manager 4.1.1 (HKLM\...\eMusic Download Manager) (Version: 4.1.1 - eMusic, Inc.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Games, Music, & Photos Launcher (Version: 1.00.0000 - Dell Inc.) Hidden
Garmin Communicator Plugin (HKLM\...\{86B879A5-927E-4536-B5FC-17CA96B60078}) (Version: 2.6.4 - Garmin Ltd or its subsidiaries)
Garmin Lifetime Updater (HKLM\...\{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}) (Version: 2.1.7 - Garmin)
Garmin USB Drivers (HKLM\...\{B1102A25-3AA3-446B-AA0F-A699B07A02FD}) (Version: 1.0.0.0 - Garmin Ltd or its subsidiaries)
getPlus® for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.29 - NOS Microsystems Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google SketchUp Pro 7 (HKLM\...\{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}) (Version: 2.1.6860 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Internet Service Offers Launcher (Version: 1.00.0000 - Dell Inc.) Hidden
iWisoft Flash SWF to Video Converter 3.4 (HKLM\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Java™ 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
LightScribe  1.6.43.1 (Version: 1.6.43.1 - http://www.lightscribe.com) Hidden
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.4.0.5 - Logitech) Hidden
Logitech SetPoint 6.61 (HKLM\...\SP6) (Version: 6.61.15 - Logitech)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft IntelliPoint 6.2 (HKLM\...\{8C5FAD77-F678-4758-A296-C12F08D179E0}) (Version: 6.20.182.0 - Microsoft)
Microsoft IntelliType Pro 6.2 (HKLM\...\{345112D9-0930-4A68-AB71-A831BA5DE7AA}) (Version: 6.20.182.0 - Microsoft)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Money 2002 (HKLM\...\{E7298FD5-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.50 - Microsoft)
Microsoft Money 2002 System Pack (HKLM\...\{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Works 2002 Setup Launcher (HKLM\...\Works2002Setup) (Version:  - )
Microsoft Works 6.0 (HKLM\...\{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
MotionBased Agent (HKLM\...\{70C4EFA5-F8B8-4015-9378-FCAA9000DF19}) (Version: 2.3.0.1 - MotionBased Technologies)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Neat Image v7.4.0 Home Standalone (HKLM\...\Neat Image Standalone_is1) (Version:  - Neat Image team, ABSoft)
Nero 7 Essentials (HKLM\...\{A2104078-AAA5-449E-95DD-55C9443A1033}) (Version: 7.02.8506 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
Nikon Scan (HKLM\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PaperPort (HKLM\...\{A17EABB6-D0C6-44E5-820C-72DC7F495064}) (Version: 9.02.0814 - ScanSoft, Inc.)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickBooks (Version: 21.0.4003.904 - Intuit Inc.) Hidden
QuickBooks Pro 2011 (HKLM\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4003.904 - Intuit Inc.)
QuickTime (HKLM\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RescuePRO™ 3.0 (HKLM\...\RescuePRO-3.0) (Version:  - )
Rosetta Stone Version 3 (HKLM\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
SearchAssist (HKLM\...\SearchAssist) (Version:  - )
SecurDisc Viewer (HKLM\...\{ABD1DC2F-0D20-4C44-BEB9-3EEFA0EA1033}) (Version: 7.02.8511 - Nero AG)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spyder3Elite (HKLM\...\Spyder3Elite) (Version:  - )
SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{5DB2894C-2DA4-4DEF-A051-795AE799964A}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb2410711) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{BB5A2EB0-4515-4C6B-A618-A6F6B0AB7BAA}) (Version:  - Microsoft)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows Internet Explorer 7 (KB980182) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB942763) (HKLM\...\KB942763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
Walmart MP3 Music Downloads (HKLM\...\Walmart MP3 Music Downloads) (Version: 1.6.4.4 - Walmart.com)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0) (HKLM\...\45A7283175C62FAC673F913C1F532C5361F97841) (Version: 03/08/2007 2.2.1.0 - Garmin)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version: 9.00.3636 - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinISD Pro [alpha] (HKLM\...\WinISD Pro [alpha]) (Version:  - )
Works Suite OS Pack (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (Version: 1.0.0.0000 - Your Company Name) Hidden
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

2004-08-11 13:00 - 2004-08-04 01:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-LOUISDESKTOP-Louis.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-03 00:28 - 2014-04-02 11:20 - 02283520 _____ () C:\Program Files\Alwil Software\Avast5\defs\14040205\algo.dll
2007-04-03 17:18 - 2007-04-03 17:18 - 00197672 _____ () C:\WINDOWS\system32\vpnapi.dll
2004-08-11 13:00 - 2008-04-13 16:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-08-22 11:45 - 2013-12-04 08:35 - 00963864 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-06-08 18:13 - 2012-02-05 13:41 - 00210288 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll
2012-06-08 18:13 - 2012-02-05 13:41 - 00181616 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2005-10-04 23:12 - 2005-10-04 23:12 - 00094208 _____ () C:\Program Files\Dell\Media Experience\DMXLauncher.exe
2014-02-07 22:31 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2014-02-07 22:31 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2010-03-09 04:28 - 2010-05-28 03:06 - 00073728 _____ () C:\Program Files\Adobe\Adobe Bridge CS5\Symlib.dll
2010-03-09 04:28 - 2010-05-28 03:06 - 02748416 _____ () C:\Program Files\Adobe\Adobe Bridge CS5\LIBMYSQLD.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00268064 _____ () C:\Program Files\Intuit\QuickBooks 2006\boost_regex-vc90-mt-p-1_33.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00020256 _____ () C:\Program Files\Intuit\QuickBooks 2006\QBCompressor.dll
2005-07-19 23:18 - 2005-07-19 23:18 - 00059904 _____ () C:\Program Files\Intuit\QuickBooks 2006\zlib1.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00337184 _____ () C:\Program Files\Intuit\QuickBooks 2006\BackupLib.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00124704 _____ () C:\Program Files\Intuit\QuickBooks 2006\QBMAPILibrary.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00175904 _____ () C:\Program Files\Intuit\QuickBooks 2006\boost_serialization-vc90-mt-p-1_33.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00041248 _____ () C:\Program Files\Intuit\QuickBooks 2006\mbpopup.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00068896 _____ () C:\Program Files\Intuit\QuickBooks 2006\IPDWidgetBridge.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00092448 _____ () C:\Program Files\Intuit\QuickBooks 2006\IPDWidgetInterop.dll
2010-09-30 17:51 - 2010-09-30 17:51 - 00057120 _____ () C:\Program Files\Intuit\QuickBooks 2006\htmlhelper.dll
2007-11-06 12:08 - 2007-11-07 17:17 - 06306019 _____ () C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
2009-08-19 15:49 - 2009-08-19 15:49 - 00049152 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-07-29 15:24 - 2009-07-29 15:24 - 00504293 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Garmin Lifetime Updater => C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Microsoft Works Portfolio => C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
MSCONFIG\startupreg: MoneyAgent => "C:\Program Files\Microsoft Money\System\Money Express.exe"
MSCONFIG\startupreg: MoneyStartUp10.0 => "C:\Program Files\Microsoft Money\System\Activation.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: WorksFUD => C:\Program Files\Microsoft Works\wkfud.exe

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 07:21:32 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2011":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (04/03/2014 07:21:32 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2011":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_21; ;DBF=C:\Documents and Settings\Louis\My Documents\Integrative Physical Therapy updated.QBW;ENG=QB_data_engine_21;DBN=c18e7b80197b4e4da063021b08a656fd

Error: (04/03/2014 07:21:32 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2011":
Connection Error:Invalid user ID or password

Error: (04/03/2014 00:25:21 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (04/03/2014 00:25:21 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (04/03/2014 00:25:21 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (04/02/2014 00:45:52 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ImportExportUI, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005

Error: (04/02/2014 00:24:42 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (04/02/2014 00:24:42 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (04/02/2014 00:24:42 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

System errors:
=============
Error: (04/03/2014 11:16:32 PM) (Source: DCOM) (User: LOUISDESKTOP)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 11:15:19 PM) (Source: DCOM) (User: LOUISDESKTOP)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 11:14:35 PM) (Source: DCOM) (User: LOUISDESKTOP)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 11:14:05 PM) (Source: DCOM) (User: LOUISDESKTOP)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 11:13:35 PM) (Source: DCOM) (User: LOUISDESKTOP)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 10:55:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 09:05:24 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 08:54:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 08:54:07 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Error: (04/03/2014 08:53:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Microsoft Office Sessions:
=========================
Error: (08/29/2010 08:39:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/19/2010 03:02:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3069.85 MB
Available physical RAM: 1258.37 MB
Total Pagefile: 4955.05 MB
Available Pagefile: 3027.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:461.88 GB) (Free:89.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive k: (Seagate Backup Plus Drive) (Fixed) (Total:2794.51 GB) (Free:1648.01 GB) NTFS
Drive l: (Elements) (Fixed) (Total:2794.52 GB) (Free:1718.63 GB) NTFS
Drive m: (My Book) (Fixed) (Total:930.86 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Active) - (Size=462 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=DB)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 0002AE3F)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

THE TDSSKILLER SCAN DID NOT FIND ANYTHING:

Log:

23:22:03.0078 0x039c  TDSS rootkit removing tool 3.0.0.27 Apr  3 2014 23:03:10
23:22:09.0437 0x039c  ============================================================
23:22:09.0437 0x039c  Current date / time: 2014/04/03 23:22:09.0437
23:22:09.0437 0x039c  SystemInfo:
23:22:09.0437 0x039c 
23:22:09.0437 0x039c  OS Version: 5.1.2600 ServicePack: 3.0
23:22:09.0437 0x039c  Product type: Workstation
23:22:09.0437 0x039c  ComputerName: LOUISDESKTOP
23:22:09.0437 0x039c  UserName: Louis
23:22:09.0437 0x039c  Windows directory: C:\WINDOWS
23:22:09.0437 0x039c  System windows directory: C:\WINDOWS
23:22:09.0437 0x039c  Processor architecture: Intel x86
23:22:09.0437 0x039c  Number of processors: 2
23:22:09.0437 0x039c  Page size: 0x1000
23:22:09.0437 0x039c  Boot type: Normal boot
23:22:09.0437 0x039c  ============================================================
23:22:10.0437 0x039c  KLMD registered as C:\WINDOWS\system32\drivers\76439005.sys
23:22:11.0109 0x039c  System UUID: {4536995D-EF9E-7724-8D89-143A901C9E68}
23:22:12.0671 0x039c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:22:12.0734 0x039c  Drive \Device\Harddisk5\DR12 - Size: 0x2BAA1200000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:12.0734 0x039c  Drive \Device\Harddisk6\DR14 - Size: 0x2BAA1475000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:12.0968 0x039c  Drive \Device\Harddisk7\DR16 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:12.0968 0x039c  ============================================================
23:22:12.0968 0x039c  \Device\Harddisk0\DR0:
23:22:12.0968 0x039c  MBR partitions:
23:22:12.0968 0x039c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x39BC42C7
23:22:12.0968 0x039c  \Device\Harddisk5\DR12:
23:22:12.0968 0x039c  MBR partitions:
23:22:12.0968 0x039c  \Device\Harddisk5\DR12\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1100
23:22:12.0968 0x039c  \Device\Harddisk6\DR14:
23:22:12.0968 0x039c  MBR partitions:
23:22:12.0968 0x039c  \Device\Harddisk6\DR14\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2BAA0800
23:22:12.0968 0x039c  \Device\Harddisk7\DR16:
23:22:12.0968 0x039c  MBR partitions:
23:22:12.0968 0x039c  \Device\Harddisk7\DR16\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
23:22:12.0968 0x039c  ============================================================
23:22:13.0015 0x039c  C: <-> \Device\Harddisk0\DR0\Partition1
23:22:13.0046 0x039c  K: <-> \Device\Harddisk6\DR14\Partition1
23:22:13.0078 0x039c  L: <-> \Device\Harddisk5\DR12\Partition1
23:22:13.0093 0x039c  M: <-> \Device\Harddisk7\DR16\Partition1
23:22:13.0093 0x039c  ============================================================
23:22:13.0093 0x039c  Initialize success
23:22:13.0093 0x039c  ============================================================
23:22:18.0765 0x0dd8  ============================================================
23:22:18.0765 0x0dd8  Scan started
23:22:18.0765 0x0dd8  Mode: Manual;
23:22:18.0765 0x0dd8  ============================================================
23:22:18.0765 0x0dd8  KSN ping started
23:22:33.0375 0x0dd8  KSN ping finished: true
23:22:34.0750 0x0dd8  ================ Scan system memory ========================
23:22:34.0765 0x0dd8  System memory - ok
23:22:34.0765 0x0dd8  ================ Scan services =============================
23:22:36.0046 0x0dd8  AppMgmt - ok
23:22:36.0078 0x0dd8  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
23:22:36.0078 0x0dd8  asc - ok
23:22:36.0093 0x0dd8  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
23:22:36.0093 0x0dd8  asc3350p - ok
23:22:36.0093 0x0dd8  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
23:22:36.0093 0x0dd8  asc3550 - ok
23:22:36.0265 0x0dd8  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:22:36.0328 0x0dd8  aspnet_state - ok
23:22:36.0359 0x0dd8  [ B347D2FEAE2D063943F16EC98634AB89, 2CA74745232607571ED088270B3B3FA555628455A257A6E52F133D650D861FD4 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
23:22:36.0359 0x0dd8  aswMonFlt - ok
23:22:36.0406 0x0dd8  [ 71A7C3DB37ED3F6118AC7FEB50574C35, D14BFFF9E1FA77ACB4F011C68645D3961E3278ED445D574F49653BA45F0332E2 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
23:22:36.0406 0x0dd8  aswRdr - ok
23:22:36.0437 0x0dd8  [ 84B4C00AE8CDFC52CF68F322D821F34C, 9971A8ECDF2B81F4AA59E7680639A8B798430E1FDF5A39C6E05E522BF2DEF3F8 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
23:22:36.0437 0x0dd8  aswRvrt - ok
23:22:36.0500 0x0dd8  [ 3A50AD6AE8D8A0F78F03316F5B93FE45, 6F3952EDA23E5FD7CACE152D3DA3B1F1238E9B9976CDD5193D21424463BAA0E9 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
23:22:36.0515 0x0dd8  aswSnx - ok
23:22:36.0546 0x0dd8  [ B6381B4DC603C558419641BA969930E0, F6586B6D055C62942CD0E5702FFCC6F4DB7424DC551EB0041876C3544994EB59 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
23:22:36.0546 0x0dd8  aswSP - ok
23:22:36.0578 0x0dd8  [ 4A90E597A9AF787C4CEA0DE95C1F74A7, 07A80674038F2C78DA5868CB4350C1E8618E3EAAA3E894E32FDF5C876D5280F4 ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
23:22:36.0593 0x0dd8  aswTdi - ok
23:22:36.0656 0x0dd8  [ 680448905E27BBC6587ADB28597640D6, A55297D872162178FDCF2C64C2357DCE1D98418AB84CF5E8621DED73C7484629 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
23:22:36.0656 0x0dd8  aswVmm - ok
23:22:36.0687 0x0dd8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:22:36.0687 0x0dd8  AsyncMac - ok
23:22:36.0718 0x0dd8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:22:36.0718 0x0dd8  atapi - ok
23:22:36.0718 0x0dd8  Atdisk - ok
23:22:36.0750 0x0dd8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:22:36.0750 0x0dd8  Atmarpc - ok
23:22:36.0796 0x0dd8  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:22:36.0796 0x0dd8  AudioSrv - ok
23:22:36.0859 0x0dd8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:22:36.0859 0x0dd8  audstub - ok
23:22:37.0015 0x0dd8  [ 28D6701C710AD7BA3CB95E75F8F1A9AA, 66EE8BC56E5043B5A84E1BA37D591EAD132BD949F03CA8092FDCC3E196AB39D0 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:22:37.0015 0x0dd8  avast! Antivirus - ok
23:22:37.0156 0x0dd8  [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
23:22:37.0156 0x0dd8  BcmSqlStartupSvc - ok
23:22:37.0218 0x0dd8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:22:37.0218 0x0dd8  Beep - ok
23:22:37.0281 0x0dd8  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
23:22:37.0296 0x0dd8  BITS - ok
23:22:37.0375 0x0dd8  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:22:37.0375 0x0dd8  Bonjour Service - ok
23:22:37.0406 0x0dd8  [ D3FACB34FFF5DB91ADB70987838F8BA7, 5892F2070F040D0E80D527BE7422F5583548BECF36BBDA07E1CF246A8B5E60E4 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
23:22:37.0406 0x0dd8  Brother XP spl Service - ok
23:22:37.0437 0x0dd8  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
23:22:37.0437 0x0dd8  Browser - ok
23:22:37.0468 0x0dd8  [ 6CF3AED19C2185C60DE2AE50EE37A342, 8848C26CAFCB022B4952BB70F89C8AAD6875920B8DB2C445BF8C470086079882 ] BrScnUsb        C:\WINDOWS\system32\Drivers\BrScnUsb.sys
23:22:37.0468 0x0dd8  BrScnUsb - ok
23:22:37.0484 0x0dd8  [ 26051D886F3333CB41857D6F52248DE1, EB9DA9AC1B766593ED2F538E367355CEBD6AE14FB3F5926443BBACC8924A6020 ] BrSerIf         C:\WINDOWS\system32\Drivers\BrSerIf.sys
23:22:37.0484 0x0dd8  BrSerIf - ok
23:22:37.0484 0x0dd8  [ 7AC85CDC03BEFD78908B3B6A73D201D0, 338BE17C3FF86F4C4FB5810C844BCB404FFF2BF18239065410D24B155D8E32B8 ] BrUsbSer        C:\WINDOWS\system32\Drivers\BrUsbSer.sys
23:22:37.0500 0x0dd8  BrUsbSer - ok
23:22:37.0500 0x0dd8  Bvncliet - ok
23:22:37.0500 0x0dd8  bvrp_pci - ok
23:22:37.0531 0x0dd8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
23:22:37.0531 0x0dd8  cbidf - ok
23:22:37.0546 0x0dd8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:22:37.0546 0x0dd8  cbidf2k - ok
23:22:37.0562 0x0dd8  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
23:22:37.0562 0x0dd8  cd20xrnt - ok
23:22:37.0593 0x0dd8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:22:37.0593 0x0dd8  Cdaudio - ok
23:22:37.0609 0x0dd8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:22:37.0609 0x0dd8  Cdfs - ok
23:22:37.0625 0x0dd8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:22:37.0625 0x0dd8  Cdrom - ok
23:22:37.0625 0x0dd8  Changer - ok
23:22:37.0687 0x0dd8  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
23:22:37.0687 0x0dd8  CiSvc - ok
23:22:37.0718 0x0dd8  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:22:37.0718 0x0dd8  ClipSrv - ok
23:22:37.0750 0x0dd8  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:22:37.0875 0x0dd8  clr_optimization_v2.0.50727_32 - ok
23:22:37.0968 0x0dd8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:22:37.0984 0x0dd8  clr_optimization_v4.0.30319_32 - ok
23:22:38.0031 0x0dd8  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
23:22:38.0031 0x0dd8  CmdIde - ok
23:22:38.0031 0x0dd8  COMSysApp - ok
23:22:38.0046 0x0dd8  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
23:22:38.0046 0x0dd8  Cpqarray - ok
23:22:38.0093 0x0dd8  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:22:38.0093 0x0dd8  CryptSvc - ok
23:22:38.0140 0x0dd8  [ B5ECADF7708960F1818C7FA015F4C239, A58BA71B08A9D46EB79EB3DF0858F553A11DE3461E13B6D926E25D21D4CBB2D8 ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
23:22:38.0140 0x0dd8  CVirtA - ok
23:22:38.0250 0x0dd8  [ 08D8FA119F2AD6AC0377FB667523482E, B7F84688F80803ABE5774673B7773850BFD257ECDE6C3A83CAB63F22E71F78B1 ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
23:22:38.0296 0x0dd8  CVPND - ok
23:22:38.0343 0x0dd8  [ 1C2999966F0F36AA44EAECBEE70CF770, 15CA60FB792375DD2E29A4F0A45E64F2CFF5AEAD0E17B1AD300182EA649ACEC7 ] CVPNDRVA        C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
23:22:38.0343 0x0dd8  CVPNDRVA - ok
23:22:38.0375 0x0dd8  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
23:22:38.0390 0x0dd8  dac2w2k - ok
23:22:38.0390 0x0dd8  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
23:22:38.0390 0x0dd8  dac960nt - ok
23:22:38.0453 0x0dd8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:22:38.0468 0x0dd8  DcomLaunch - ok
23:22:38.0531 0x0dd8  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:22:38.0546 0x0dd8  Dhcp - ok
23:22:38.0593 0x0dd8  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:22:38.0609 0x0dd8  Disk - ok
23:22:38.0609 0x0dd8  dmadmin - ok
23:22:38.0656 0x0dd8  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:22:38.0671 0x0dd8  dmboot - ok
23:22:38.0671 0x0dd8  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:22:38.0687 0x0dd8  dmio - ok
23:22:38.0703 0x0dd8  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:22:38.0703 0x0dd8  dmload - ok
23:22:38.0750 0x0dd8  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:22:38.0750 0x0dd8  dmserver - ok
23:22:38.0765 0x0dd8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:22:38.0765 0x0dd8  DMusic - ok
23:22:38.0828 0x0dd8  [ 7B4FDFBE97C047175E613AA96F3DE987, 57B7089FD1C3B6B39D21174DA6A596033D113E7124F669E8AA6EAE5A3ECA6BCA ] DNE             C:\WINDOWS\system32\DRIVERS\dne2000.sys
23:22:38.0828 0x0dd8  DNE - ok
23:22:38.0859 0x0dd8  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:22:38.0875 0x0dd8  Dnscache - ok
23:22:38.0890 0x0dd8  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:22:38.0906 0x0dd8  Dot3svc - ok
23:22:38.0906 0x0dd8  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
23:22:38.0906 0x0dd8  dpti2o - ok
23:22:38.0953 0x0dd8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:22:38.0953 0x0dd8  drmkaud - ok
23:22:39.0062 0x0dd8  [ 245F62A2AA67F4A61F10174BF1017327, 350CBA05B0AB399FB808F7285BB22D25732BB244478104605C362DD6BCC82610 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
23:22:39.0062 0x0dd8  DSBrokerService - ok
23:22:39.0109 0x0dd8  [ 413F2D5F9D802688242C23B38F767ECB, 6D5B6B8FC6E8E45555C444D3E881D3E44DE4C6F2602ADBB4D0E8E9F834089827 ] DSproct         C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
23:22:39.0109 0x0dd8  DSproct - ok
23:22:39.0125 0x0dd8  [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] dsunidrv        C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
23:22:39.0140 0x0dd8  dsunidrv - ok
23:22:39.0140 0x0dd8  [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262AD754E5CE457C59 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
23:22:39.0140 0x0dd8  E100B - ok
23:22:39.0218 0x0dd8  [ D0E8DD3F56BD8488995F67B80FF51461, 5A627F309834A5D3E885ABA50248792EC826A304475AE7247701CBAF217E33A8 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
23:22:39.0218 0x0dd8  e1express - ok
23:22:39.0250 0x0dd8  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
23:22:39.0250 0x0dd8  EapHost - ok
23:22:39.0343 0x0dd8  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
23:22:39.0343 0x0dd8  EpsonBidirectionalService - ok
23:22:39.0406 0x0dd8  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:22:39.0406 0x0dd8  ERSvc - ok
23:22:39.0468 0x0dd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
23:22:39.0484 0x0dd8  Eventlog - ok
23:22:39.0546 0x0dd8  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
23:22:39.0546 0x0dd8  EventSystem - ok
23:22:39.0562 0x0dd8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:22:39.0562 0x0dd8  Fastfat - ok
23:22:39.0625 0x0dd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:22:39.0640 0x0dd8  FastUserSwitchingCompatibility - ok
23:22:39.0656 0x0dd8  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:22:39.0671 0x0dd8  Fax - ok
23:22:39.0687 0x0dd8  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:22:39.0687 0x0dd8  Fdc - ok
23:22:39.0750 0x0dd8  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:22:39.0750 0x0dd8  Fips - ok
23:22:39.0843 0x0dd8  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:22:39.0859 0x0dd8  FLEXnet Licensing Service - ok
23:22:39.0859 0x0dd8  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:22:39.0859 0x0dd8  Flpydisk - ok
23:22:39.0921 0x0dd8  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:22:39.0921 0x0dd8  FltMgr - ok
23:22:40.0046 0x0dd8  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:22:40.0046 0x0dd8  FontCache3.0.0.0 - ok
23:22:40.0062 0x0dd8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:22:40.0062 0x0dd8  Fs_Rec - ok
23:22:40.0093 0x0dd8  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:22:40.0093 0x0dd8  Ftdisk - ok
23:22:40.0171 0x0dd8  [ 360FC9E29EBCD7CB75320E2663EBA0F2, 00A9D79ABBC2D6D414EF9C55B1C18346A94CC81822B05F61EBE32FAC901922EF ] getPlusHelper   C:\Program Files\NOS\bin\getPlus_Helper.dll
23:22:40.0171 0x0dd8  getPlusHelper - ok
23:22:40.0250 0x0dd8  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
23:22:40.0250 0x0dd8  GoToAssist - ok
23:22:40.0281 0x0dd8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:22:40.0281 0x0dd8  Gpc - ok
23:22:40.0328 0x0dd8  [ D956358054E99E6FFAC69CD87E893A89, 91CDDEDBAB9E0E4DED1465DA2364F4281E54A7E4645B61CC19B26053A4047314 ] grmnusb         C:\WINDOWS\system32\drivers\grmnusb.sys
23:22:40.0328 0x0dd8  grmnusb - ok
23:22:40.0500 0x0dd8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:22:40.0500 0x0dd8  gupdate - ok
23:22:40.0500 0x0dd8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:22:40.0500 0x0dd8  gupdatem - ok
23:22:40.0593 0x0dd8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:22:40.0593 0x0dd8  gusvc - ok
23:22:40.0609 0x0dd8  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:22:40.0609 0x0dd8  HDAudBus - ok
23:22:40.0734 0x0dd8  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:22:40.0734 0x0dd8  helpsvc - ok
23:22:40.0781 0x0dd8  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
23:22:40.0796 0x0dd8  HidServ - ok
23:22:40.0859 0x0dd8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:22:40.0859 0x0dd8  HidUsb - ok
23:22:40.0906 0x0dd8  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
23:22:40.0906 0x0dd8  hkmsvc - ok
23:22:40.0937 0x0dd8  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
23:22:40.0937 0x0dd8  hpn - ok
23:22:40.0984 0x0dd8  [ 77E4FF0B73BC0AEAAF39BF0C8104231F, A5D35FCD9E52003D990EB97DF1634DE9B516647C8DAAD3152550CD875DBBDA82 ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
23:22:40.0984 0x0dd8  HSFHWBS2 - ok
23:22:41.0062 0x0dd8  [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
23:22:41.0093 0x0dd8  HSF_DP - ok
23:22:41.0156 0x0dd8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:22:41.0171 0x0dd8  HTTP - ok
23:22:41.0234 0x0dd8  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:22:41.0234 0x0dd8  HTTPFilter - ok
23:22:41.0296 0x0dd8  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
23:22:41.0296 0x0dd8  i2omgmt - ok
23:22:41.0312 0x0dd8  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
23:22:41.0312 0x0dd8  i2omp - ok
23:22:41.0328 0x0dd8  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:22:41.0343 0x0dd8  i8042prt - ok
23:22:41.0453 0x0dd8  [ B122BE74E283A2BC7FEBC180BFD2EFD5, 3FB9AE63AB2ECAC62C03FF19BE60E39C8C2985868FBA393039795A660A05DED3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23:22:41.0453 0x0dd8  IAANTMON - ok
23:22:41.0484 0x0dd8  [ 019CF5F31C67030841233C545A0E217A, 594D97054E3A8034D8BC3AE3B9CD8A00D95BB68F8CDA84E96D8EE08D5F24E101 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
23:22:41.0484 0x0dd8  iaStor - ok
23:22:41.0593 0x0dd8  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
23:22:41.0593 0x0dd8  IDriverT - ok
23:22:41.0687 0x0dd8  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:22:41.0703 0x0dd8  idsvc - ok
23:22:41.0734 0x0dd8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:22:41.0734 0x0dd8  Imapi - ok
23:22:41.0796 0x0dd8  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:22:41.0812 0x0dd8  ImapiService - ok
23:22:41.0843 0x0dd8  [ 7BFC3EDA22190C0FE8C2CA19E5379DA5, 6FE72CD21459EC705E672506BD988B639FEDE5F240D8BB5149B5EACFD36E5128 ] InCDfs          C:\WINDOWS\system32\drivers\InCDFs.sys
23:22:41.0843 0x0dd8  InCDfs - ok
23:22:41.0843 0x0dd8  [ FC4DBF18A4EB0D2FE3171471A3D0F9A8, 9DD219DDD95D6974BFC2BF00C44696F791F9653EC53578B92985E570D99140BB ] InCDPass        C:\WINDOWS\system32\drivers\InCDPass.sys
23:22:41.0843 0x0dd8  InCDPass - ok
23:22:41.0859 0x0dd8  [ F8E7C551DEF07FDC12CA5CC7AE5D975B, 7063081AB801E7DF32D737EB1446443B0EC40F3E433BA7BF565674A3FC4C5B26 ] InCDrec         C:\WINDOWS\system32\drivers\InCDrec.sys
23:22:41.0859 0x0dd8  InCDrec - ok
23:22:41.0890 0x0dd8  [ 31A5A3809249A326EB0EF58D563A9654, 8C308D607F521190253B09EFB1EA95751558675030CC53250ADB444519F6EE95 ] incdrm          C:\WINDOWS\system32\drivers\InCDRm.sys
23:22:41.0890 0x0dd8  incdrm - ok
23:22:42.0062 0x0dd8  [ C773D093D5C18765E71C7992AEE051A2, 163B061D953DFF5867B89721C5B0F747B76D426A28414A7BECAC47D4295CAF95 ] InCDsrv         C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
23:22:42.0093 0x0dd8  InCDsrv - ok
23:22:42.0140 0x0dd8  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
23:22:42.0140 0x0dd8  ini910u - ok
23:22:42.0156 0x0dd8  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
23:22:42.0156 0x0dd8  IntelIde - ok
23:22:42.0203 0x0dd8  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:22:42.0203 0x0dd8  intelppm - ok
23:22:42.0218 0x0dd8  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
23:22:42.0218 0x0dd8  Ip6Fw - ok
23:22:42.0250 0x0dd8  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:22:42.0250 0x0dd8  IpFilterDriver - ok
23:22:42.0250 0x0dd8  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:22:42.0250 0x0dd8  IpInIp - ok
23:22:42.0281 0x0dd8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:22:42.0281 0x0dd8  IpNat - ok
23:22:42.0343 0x0dd8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:22:42.0343 0x0dd8  IPSec - ok
23:22:42.0359 0x0dd8  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:22:42.0359 0x0dd8  IRENUM - ok
23:22:42.0375 0x0dd8  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:22:42.0375 0x0dd8  isapnp - ok
23:22:42.0437 0x0dd8  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:22:42.0437 0x0dd8  Kbdclass - ok
23:22:42.0468 0x0dd8  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:22:42.0468 0x0dd8  kbdhid - ok
23:22:42.0500 0x0dd8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:22:42.0515 0x0dd8  kmixer - ok
23:22:42.0546 0x0dd8  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:22:42.0546 0x0dd8  KSecDD - ok
23:22:42.0593 0x0dd8  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
23:22:42.0593 0x0dd8  lanmanserver - ok
23:22:42.0656 0x0dd8  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:22:42.0671 0x0dd8  lanmanworkstation - ok
23:22:42.0671 0x0dd8  Lbd - ok
23:22:42.0718 0x0dd8  [ CF9F4EFDF34FA5BF96FA2AB8F2255CE8, C7CBA35B2D2E4AA7C4B0C8AA79F96D8CEC519FF0E32CD3E6AC109B83E215872D ] LBeepKE         C:\WINDOWS\system32\Drivers\LBeepKE.sys
23:22:42.0718 0x0dd8  LBeepKE - ok
23:22:42.0718 0x0dd8  lbrtfdc - ok
23:22:50.0312 0x0dd8  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\WINDOWS\system32\DRIVERS\wdcsam.sys
23:22:50.0312 0x0dd8  WDC_SAM - ok
23:22:50.0421 0x0dd8  [ 7D1E301E2EEAF6D3730887DE933413E6, 5F16138B8860FD6BCA68F885B738161FFE8463DE261B1FBB825595A3D54915EC ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
23:22:50.0421 0x0dd8  WDDMService - ok
23:22:50.0500 0x0dd8  [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3A760782DB6436A ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:22:50.0515 0x0dd8  Wdf01000 - ok
23:22:50.0515 0x0dd8  WDICA - ok
23:22:50.0578 0x0dd8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
23:22:50.0578 0x0dd8  wdmaud - ok
23:22:50.0593 0x0dd8  [ 138AB06ADBBF300AA804D7974A5AEC82, 61A99CB8176C291E858F9D964A9B2EC36970F3BFFF3D5F933A16E9B28BF922DD ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
23:22:50.0593 0x0dd8  WDSmartWareBackgroundService - ok
23:22:50.0609 0x0dd8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:22:50.0609 0x0dd8  WebClient - ok
23:22:50.0687 0x0dd8  [ F59ED5A43B988A18EF582BB07B2327A7, E870821C9C4E31D3B05049FBA5D81358F9C30E6A67F600D4EA3A5736CA344028 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23:22:50.0703 0x0dd8  winachsf - ok
23:22:50.0765 0x0dd8  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
23:22:50.0765 0x0dd8  WmdmPmSN - ok
23:22:50.0812 0x0dd8  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
23:22:50.0828 0x0dd8  Wmi - ok
23:22:50.0953 0x0dd8  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:22:50.0953 0x0dd8  WmiApSrv - ok
23:22:51.0078 0x0dd8  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
23:22:51.0093 0x0dd8  WMPNetworkSvc - ok
23:22:51.0281 0x0dd8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:22:51.0281 0x0dd8  WPFFontCache_v0400 - ok
23:22:51.0375 0x0dd8  [ 0DA0AB21B1990CEB4C5FE1242486CF5C, 84D37921C57305AC847D93641BA0674BC5894DC1B945AEC95CC18C7158792A32 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
23:22:51.0375 0x0dd8  WTabletServicePro - ok
23:22:51.0437 0x0dd8  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
23:22:51.0453 0x0dd8  wuauserv - ok
23:22:51.0515 0x0dd8  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:22:51.0515 0x0dd8  WudfPf - ok
23:22:51.0515 0x0dd8  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:22:51.0515 0x0dd8  WudfRd - ok
23:22:51.0546 0x0dd8  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
23:22:51.0562 0x0dd8  WudfSvc - ok
23:22:51.0625 0x0dd8  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
23:22:51.0640 0x0dd8  WZCSVC - ok
23:22:51.0671 0x0dd8  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
23:22:51.0687 0x0dd8  xmlprov - ok
23:22:51.0687 0x0dd8  ================ Scan global ===============================
23:22:51.0734 0x0dd8  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
23:22:51.0796 0x0dd8  [ 8C7DCA4B158BF16894120786A7A5F366, E232E82B45412A636F936567036CB966F28F5C3730982145B8A8239B485E4A7E ] C:\WINDOWS\system32\winsrv.dll
23:22:51.0812 0x0dd8  [ 8C7DCA4B158BF16894120786A7A5F366, E232E82B45412A636F936567036CB966F28F5C3730982145B8A8239B485E4A7E ] C:\WINDOWS\system32\winsrv.dll
23:22:51.0843 0x0dd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
23:22:51.0843 0x0dd8  [ Global ] - ok
23:22:51.0843 0x0dd8  ================ Scan MBR ==================================
23:22:51.0875 0x0dd8  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
23:22:52.0109 0x0dd8  \Device\Harddisk0\DR0 - ok
23:22:52.0109 0x0dd8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR12
23:22:52.0125 0x0dd8  \Device\Harddisk5\DR12 - ok
23:22:52.0187 0x0dd8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR14
23:22:52.0234 0x0dd8  \Device\Harddisk6\DR14 - ok
23:22:52.0234 0x0dd8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk7\DR16
23:22:52.0234 0x0dd8  \Device\Harddisk7\DR16 - ok
23:22:52.0234 0x0dd8  ================ Scan VBR ==================================
23:22:52.0250 0x0dd8  [ 96B171F6B0A0E039EC3A2F433BDE2225 ] \Device\Harddisk0\DR0\Partition1
23:22:52.0296 0x0dd8  \Device\Harddisk0\DR0\Partition1 - ok
23:22:52.0296 0x0dd8  [ 2EFB42AA07ADDCCD100E7DD0D2D6D846 ] \Device\Harddisk5\DR12\Partition1
23:22:52.0375 0x0dd8  \Device\Harddisk5\DR12\Partition1 - ok
23:22:52.0375 0x0dd8  [ F16B720A35381386793A01A08CA45890 ] \Device\Harddisk6\DR14\Partition1
23:22:52.0375 0x0dd8  \Device\Harddisk6\DR14\Partition1 - ok
23:22:52.0375 0x0dd8  [ EE3DC49BBC7BDFB67117D318E9B51AA1 ] \Device\Harddisk7\DR16\Partition1
23:22:52.0437 0x0dd8  \Device\Harddisk7\DR16\Partition1 - ok
23:22:52.0437 0x0dd8  Waiting for KSN requests completion. In queue: 278
23:22:53.0437 0x0dd8  Waiting for KSN requests completion. In queue: 278
23:22:54.0437 0x0dd8  Waiting for KSN requests completion. In queue: 278
23:24:09.0015 0x0dd8  ============================================================
23:24:09.0015 0x0dd8  Scan finished
23:24:09.0015 0x0dd8  ============================================================
23:24:09.0031 0x1630  Detected object count: 0
23:24:09.0031 0x1630  Actual detected object count: 0
23:24:27.0484 0x1428  Deinitialize success
 



#7 TB-Psychotic


Posted 04 April 2014 - 02:41 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 


#8 IPT


Posted 06 April 2014 - 02:52 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by Louis at 2014-04-06 08:56:28 Run:1
Running from C:\Documents and Settings\Louis\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\RECYCLER\S-1-5-18\$ce0dfa64d1422e9ad84769bc1b905d6e\n. ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [Search Protection] - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...\Run: [Stoluvaru] - rundll32.exe  "C:\WINDOWS\mfatmoc.dll",Startup
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\...409d6c4515e9\InprocServer32: [Default-shell32] C:\RECYCLER\S-1-5-21-1641238353-3198998844-2806619779-1008\$ce0dfa64d1422e9ad84769bc1b905d6e\n. ATTENTION! ====> ZeroAccess?
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

C:\RECYCLER\S-1-5-18\$ce0dfa64d1422e9ad84769bc1b905d6e
C:\Program Files\Yahoo!\Search Protection
C:\WINDOWS\mfatmoc.dll
C:\Documents and Settings\All Users\Start Menu\Progr
C:\Program Files\Common Files\Intuit\DataProtectams\Startup\Intuit Data Protect.lnk
2014-03-27 10:29 - 2014-04-02 00:20 - 95027928 ____T () C:\Documents and Settings\All Users\Application Data\mqbod88j6.bbr

REBOOT:
*****************

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection => Value deleted successfully.
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\Software\Microsoft\Windows\CurrentVersion\Run\\Stoluvaru => Value deleted successfully.
HKU\S-1-5-21-1641238353-3198998844-2806619779-1008\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk => Moved successfully.
C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe => Moved successfully.
C:\RECYCLER\S-1-5-18\$ce0dfa64d1422e9ad84769bc1b905d6e => Deleted successfully.
"C:\Program Files\Yahoo!\Search Protection" => File/Directory not found.
"C:\WINDOWS\mfatmoc.dll" => File/Directory not found.
"C:\Documents and Settings\All Users\Start Menu\Progr" => File/Directory not found.
"C:\Program Files\Common Files\Intuit\DataProtectams\Startup\Intuit Data Protect.lnk" => File/Directory not found.
C:\Documents and Settings\All Users\Application Data\mqbod88j6.bbr => Moved successfully.

The system needed a reboot.

==== End of Fixlog ====

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

 

 

Scan Date: 4/6/2014
Scan Time: 11:34:33 AM
Logfile: Maleware log.txt
Administrator: Yes

 

Version: 2.00.1.1004
Malware Database: v2014.04.06.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Louis

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318072
Time Elapsed: 38 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
Rogue.DeusCleaner, HKU\S-1-5-21-1641238353-3198998844-2806619779-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3BA4271E-5C1E-48E2-B432-D8BF420DD31D}, Quarantined, [67b881a6601b86b0e43231fca0627d83],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
Rogue.SystemProgressiveProtection, C:\Documents and Settings\Louis\Start Menu\Programs\System Progressive Protection, Quarantined, [64bbe34483f8072fe7ef5cfcae55f10f],
Rogue.AntivirusGT, C:\Program Files\AVGT, Quarantined, [d847af7887f477bfcd133c0bb94918e8],

Files: 1
Rogue.SystemProgressiveProtection, C:\Documents and Settings\Louis\Start Menu\Programs\System Progressive Protection\System Progressive Protection.lnk, Quarantined, [64bbe34483f8072fe7ef5cfcae55f10f],

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 



#9 TB-Psychotic


Posted 07 April 2014 - 05:00 AM

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



#10 IPT


Posted 15 April 2014 - 08:35 PM

Couldn't save the txt file for some reason so here is an image of the results.

 

Text_zps6d893c1b.jpg



#11 TB-Psychotic


Posted 16 April 2014 - 04:02 PM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.



#12 IPT


Posted 04 May 2014 - 03:52 PM

Thanks for all your help. Out of state for a bit, will check that stuff when back.



#13 TB-Psychotic


Posted 08 May 2014 - 04:08 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.