Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

PC boots up but can't open software [Solved]


  • This topic is locked This topic is locked
123 replies to this topic

#1 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 30 October 2013 - 06:49 PM

Hi, I have a XP home SP2 machine and it has been running slow for a while. After dealing with virgin tech support recently I now have 6 'virgin media support' windows load on boot up which they cannot remove. Also a few days ago I had a java update notice HHTP://dlp.123mediaplayer.com which I didn't install as I suspected it was malware. Now as the title says the pc boots up but no software will load and can't shutdown the normal way, I have press the button on the tower. Before this catastrophy I'd recently run AVG free and Spybot S&D I'm using my mother's laptop to write this. Please can anyone help?

    Advertisements

Register to Remove


#2 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 10:22 AM

Hi cousinkevin,

Can you transfer tools from a flash drive onto the infected computer and run a scan?

If so, run these tools and post the logs generated. If not report back.

=========================

bullseye_zpse9eaf36e.gif aswMBR

Download aswMBR.exe and save it to your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
=========================
bullseye_zpse9eaf36e.gif OTL

Download OTL to your desktop.
  • Make sure all other windows are closed and to let it run uninterrupted.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under Custom Scan paste this in

    %USERPROFILE%\..|smtmp;true;true;true /FP
    %temp%\smtmp\*.* /s >
    /md5start
    iexplore.*
    explorer.*
    winlogon.*
    dll
    zx.dll
    hlp.dat
    consrv.dll
    services.*
    /md5stop
    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %PROGRAMFILES%\Internet Explorer\*.dat
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    BASESERVICES
    DRIVES
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    • You may need two posts to fit them both in.
=========================

In your next post please provide the following:
  • aswMBR.txt
  • attach MBR.zip
  • OTL.txt
  • Extras.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#3 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 12:01 PM

Firstly, thanks for replying. The PC I used to start this topic has stopped working, the fan went on full and I shut it down but the fan has stayed on and I can't reboot. It never rains it pours!!!

 

So I've booted my infected PC in safe mode with networking. It's not recognising either a flash drive or an external drive through USB in the computer folder. Shall I follow your instructions in current safe mode?

 

I'd also ran Spybot S&D in safe mode but I didn't know which entries I should fix so I left alone.

 

Correction to first post my computer states service pack 3


Edited by cousinkevin, 02 November 2013 - 12:08 PM.


#4 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 12:08 PM

Hi cousinkevin,

 

Are you able to run any scans (either Safe or Normal mode)?


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#5 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 12:31 PM

Yes I downloaded the asw file although it was automatically put into a downloads folder so I moved it to the desktop after.

 

I ran the tool, then I clicked the tool icon in the the taskbar and it ran again oops. Shall I save the log or start again?



#6 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 12:36 PM

Save the log, run the other scan/s if you can and post the logs when you have finished.


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#7 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 12:57 PM

I right clicked the MBR.dat file but it showed save to compressed ( zipped ) folder  then a window came up "compressed zip folder" do you want to designate compressed ( zipped ) folders as the application for handling ZIP files?

 

I can see the MBR zip file as well as the .dat file


Edited by cousinkevin, 02 November 2013 - 01:03 PM.


#8 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 01:14 PM

Hi cousinkevin,

 

Don't worry about the MBR.zip file for now. Just post the aswMBR.txt log. The forum is undergoing some changes and I don't think all the "kinks" are fully worked out yet.


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#9 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 02:21 PM

Hi OCD,

Do you want all 4 files pasted as I can't see an attach option?

BTW, if I have too much software on my PC I'm quite prepared to uninstall some.

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-02 18:19:44
-----------------------------
18:19:44.296    OS Version: Windows 5.1.2600 Service Pack 3
18:19:44.296    Number of processors: 1 586 0x409
18:19:44.296    ComputerName: USER-E862545A71  UserName: Paul_2
18:19:44.750    Initialize success
18:21:15.125    AVAST engine defs: 13110200
18:21:58.031    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
18:21:58.046    Disk 0 Vendor: ST3160811AS 3.AAE Size: 152627MB BusType: 3
18:21:58.187    Disk 0 MBR read successfully
18:21:58.203    Disk 0 MBR scan
18:21:58.265    Disk 0 Windows XP default MBR code
18:21:58.296    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       152617 MB offset 63
18:21:58.328    Disk 0 scanning sectors +312560640
18:21:58.546    Disk 0 scanning C:\WINDOWS\system32\drivers
18:22:12.046    Service scanning
18:22:47.140    Modules scanning
18:23:18.046    Disk 0 trace - called modules:
18:23:18.046    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:23:18.046    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a6a58f0]
18:23:18.046    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000005e[0x8a6309e8]
18:23:18.046    5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a61f940]
18:23:18.406    AVAST engine scan C:\WINDOWS
18:23:23.109    AVAST engine scan C:\WINDOWS\system32
18:27:42.000    AVAST engine scan C:\WINDOWS\system32\drivers
18:28:18.625    AVAST engine scan C:\Documents and Settings\Paul_2
18:28:25.000    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
18:28:25.109    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
18:28:25.296    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
18:28:25.406    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
18:28:25.562    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
18:28:25.921    File: C:\Documents and Settings\Paul_2\Application Data\Betcat\WebCakeDesktop.exe  **INFECTED** Win32:Webcake-A [Adw]
18:40:22.937    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Paul_2\Desktop\MBR.dat"
18:40:23.046    The log file has been saved successfully to "C:\Documents and Settings\Paul_2\Desktop\aswMBR.txt"

3À?Ð? |ûPPü?|?PW?åó?Ë???8n |    u?ÅâôÍ?õ?ÆIt8,tö?µ??ð?< tü? ?Íëò?NèF s*þF?~
t
?~t??uÒ?F?F?V
 è! s??ë??>þ}Uªt
?~ tÈ??ë??üW?õË? ?V ?Ír#?Á$???Þ?üC?ã?Ñ?Ö?ÒîB?â9V
w#r9Fs?? |?N?V ÍsQOtN2ä?V Íëä?V `?ªU?AÍr6?ûUªu0öÁt+a`j j ÿv
ÿvj h |jj?B?ôÍaasOt
2ä?V ÍëÖaùÃInvalid partition table Error loading operating system Missing operating system                                                          ,DcÆÍÆÍ  ? þÿÿ?   ÁK?                                                Uª

 

 

OTL logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
 
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Paul_2\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files\winrar\RarExt.dll ()
MOD - C:\WINDOWS\system32\splitter.ax ()
MOD - C:\WINDOWS\system32\mkx.dll ()
MOD - C:\WINDOWS\system32\avi.dll ()
MOD - C:\WINDOWS\system32\mp4.dll ()
MOD - C:\WINDOWS\system32\mkzlib.dll ()
MOD - C:\WINDOWS\system32\mkunicode.dll ()
MOD - C:\WINDOWS\system32\mmfinfo.dll ()
MOD - C:\Program Files\File Shredder\fsshell.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (VideoAcceleratorService) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (aswMBR) -- C:\DOCUME~1\Paul_2\LOCALS~1\Temp\aswMBR.sys File not found
DRV - (RapportIaso) -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (RapportCerberus_59849) -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys ()
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\system32\drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (Avgdiskx) -- C:\WINDOWS\system32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-se...122147&tsp=4951
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 C4 D8 9E 58 A1 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\daplinkchecker@speedbit.com: C:\Program Files\DAP\daplinkchecker [2012/10/17 00:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/25 00:11:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/14 15:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/14 15:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/25 00:11:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2012/10/17 00:23:33 | 000,000,000 | ---D | M]
 
[2013/07/13 21:46:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Paul_2\Application Data\Mozilla\Extensions
[2013/11/02 18:27:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/02 18:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/02 18:28:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012/11/19 22:12:34 | 000,444,743 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 15277 more lines...
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No CLSID value found.
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SpeedBit Video Downloader\TBUE5\tbcore3.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\TBUE5\Grabber.dll (SPEEDbit)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\TBUE5\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1349191978390 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCCFDC7E-C44D-4C7C-8F3A-86869B58B6B8}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/24 16:44:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/02 19:07:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
[2013/11/02 18:27:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/02 18:15:15 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/10/23 00:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Desktop\Old Firefox Data
[2013/10/21 00:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\My Documents\1366568217
[2013/10/18 19:57:51 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/18 19:57:51 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/10/18 19:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/18 19:57:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/18 19:57:16 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/18 19:57:16 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/10/17 15:04:56 | 000,108,816 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2013/10/12 20:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/09 23:08:59 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2013/10/09 23:08:49 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2013/10/09 21:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Application Data\AVG2014
[2013/10/09 20:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/10/09 20:48:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\Avg2014
[2013/10/09 11:24:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013/10/09 11:24:17 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013/10/09 11:24:10 | 000,026,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2013/10/09 11:23:23 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2013/10/09 11:23:23 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/10/09 11:23:23 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013/10/09 11:23:23 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013/10/07 19:42:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Paul_2\Recent
[2012/10/01 14:48:38 | 048,745,576 | ---- | C] (Safer-Networking Ltd.                                       ) -- C:\Program Files\spybotsd-2.0.10-rc2.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Paul_2\*.tmp files -> C:\Documents and Settings\Paul_2\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/02 19:07:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
[2013/11/02 19:00:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/11/02 18:52:12 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.zip
[2013/11/02 18:40:23 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.dat
[2013/11/02 18:15:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/11/02 17:00:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/02 17:00:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/31 16:13:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B4DD41ED-D92A-4751-8FBA-5EC5BF6021DA}.job
[2013/10/31 15:47:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/31 15:39:43 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/10/31 15:39:43 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\AVG_REG_0913b.job
[2013/10/31 15:39:43 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job
[2013/10/31 15:39:42 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express FilesUpdate.job
[2013/10/31 15:39:42 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/31 15:39:41 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/31 15:39:41 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/31 15:39:39 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1006.job
[2013/10/31 15:39:37 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN.job
[2013/10/31 15:39:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1009.job
[2013/10/31 15:39:37 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/30 23:10:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/30 23:07:37 | 000,071,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/24 01:02:01 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/23 21:09:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/22 23:30:00 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/10/21 13:52:22 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/17 15:04:56 | 000,108,816 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2013/10/17 11:33:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/16 20:31:12 | 000,001,106 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\My DAP Downloads.lnk
[2013/10/16 20:26:03 | 016,200,397 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-895 cam 19082012.flv
[2013/10/16 20:21:50 | 021,371,405 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-show_2899126741_1371750122306_external.flv
[2013/10/15 21:25:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1009.job
[2013/10/12 20:41:08 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/10 20:22:07 | 000,234,163 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\VAT Exemption form_MarconMedical.pdf
[2013/10/09 20:25:08 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/09 16:50:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/08 06:50:41 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/10/08 06:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/08 06:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/08 06:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/08 06:29:36 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Paul_2\*.tmp files -> C:\Documents and Settings\Paul_2\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/02 18:42:39 | 000,000,499 | ---- | C] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.zip
[2013/11/02 18:40:22 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.dat
[2013/10/21 13:44:27 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/21 13:44:26 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/16 20:24:50 | 016,200,397 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-895 cam 19082012.flv
[2013/10/16 20:20:18 | 021,371,405 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-show_2899126741_1371750122306_external.flv
[2013/10/10 20:22:07 | 000,234,163 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\VAT Exemption form_MarconMedical.pdf
[2013/10/09 20:56:59 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/09 16:33:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/01/23 22:33:35 | 000,026,900 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\dt.dat
[2013/01/22 21:13:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/25 00:03:39 | 000,172,507 | ---- | C] () -- C:\WINDOWS\hpoins38.dat
[2012/10/25 00:03:39 | 000,000,548 | ---- | C] () -- C:\WINDOWS\hpomdl38.dat
[2012/10/04 12:33:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/10/04 12:28:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/10/01 15:35:23 | 000,000,961 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/10/01 01:12:03 | 000,069,780 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sjpsusgqpvupxbp
[2012/09/29 00:05:43 | 000,006,464 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\chromeupdate.crx
[2012/08/16 21:57:30 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jejtrhljsoaszej
[2012/06/03 20:20:13 | 000,161,744 | ---- | C] () -- C:\Program Files\0cres.dll
[2012/02/16 22:10:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/02 01:06:22 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2011/12/02 01:06:21 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/06/10 21:46:52 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/20 19:00:52 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\FASTWiz.html
 
========== ZeroAccess Check ==========
 
[2010/12/09 15:15:09 | 000,002,048 | -HS- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\@
[2012/07/05 20:10:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\L
[2013/05/25 22:32:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\U
[2012/07/06 21:36:12 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\L\00000004.@
[2011/09/29 20:42:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"ThreadingModel" = Both
"" = C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\n.
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 12:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/09/24 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012/10/25 00:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/09/27 22:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/01/21 10:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/10/10 17:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/10/09 20:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2012/10/03 16:56:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/10/01 01:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ikfakadekhjzsrb
[2010/11/04 12:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/11/04 12:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2013/10/31 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/10/01 01:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nppbhtenxgrgcaf
[2011/09/29 20:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/10/17 00:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2013/08/17 16:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/10/16 20:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/15 18:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/12/29 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Audacity
[2012/10/17 21:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\AVG
[2013/10/09 21:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\AVG2014
[2013/08/17 15:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Betcat
[2012/03/24 22:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\FreeFLVConverter
[2012/07/05 09:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Hooc
[2011/06/15 18:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\OpenOffice.org
[2012/03/29 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\SanDisk
[2011/06/20 20:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Systweak
[2011/11/04 17:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\TeamViewer
[2011/12/02 01:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Toolbar4
[2012/07/04 23:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Toziiz
[2013/04/26 20:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\TuneUp Software
[2012/10/17 21:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Usenet.nl
[2012/07/04 23:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Yxxy
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2012/08/30 13:11:18 | 003,694,616 | ---- | M] (Safer-Networking Ltd.) MD5=F285BBA4744BA4CCF351E415464D4B6B -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
 
< MD5 for: EXPLORER.EXE-082F38A9.PF  >
[2013/10/31 15:40:53 | 000,101,542 | ---- | M] () MD5=35E9C1726209379473BD8E3EF1FCFDB7 -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
 
< MD5 for: EXPLORER.SCF  >
[2008/04/14 12:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
 
< MD5 for: IEXPLORE.CHM  >
[2009/02/21 00:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2008/04/14 12:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie8\iexplore.chm
 
< MD5 for: IEXPLORE.CHW  >
[2010/11/05 12:50:03 | 000,153,185 | ---- | M] () MD5=B76FC8B4841992C75252A18618598717 -- C:\WINDOWS\Help\iexplore.chw
 
< MD5 for: IEXPLORE.EXE  >
[2008/04/14 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ie8\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.1000.HTML  >
[2013/08/03 10:35:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1000.html
 
< MD5 for: IEXPLORE.EXE.1036.HTML  >
[2013/04/29 10:06:45 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1036.html
 
< MD5 for: IEXPLORE.EXE.1092.HTML  >
[2013/03/07 13:27:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1092.html
 
< MD5 for: IEXPLORE.EXE.1100.HTML  >
[2013/03/04 10:58:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1100.html
 
< MD5 for: IEXPLORE.EXE.1160.HTML  >
[2013/04/23 11:28:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1160.html
 
< MD5 for: IEXPLORE.EXE.1212.HTML  >
[2013/02/22 13:08:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1212.html
 
< MD5 for: IEXPLORE.EXE.1224.HTML  >
[2013/04/29 17:17:31 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1224.html
 
< MD5 for: IEXPLORE.EXE.1256.HTML  >
[2013/05/02 09:44:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1256.html
 
< MD5 for: IEXPLORE.EXE.1264.HTML  >
[2013/02/11 11:36:52 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1264.html
 
< MD5 for: IEXPLORE.EXE.1328.HTML  >
[2013/03/06 13:05:49 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1328.html
 
< MD5 for: IEXPLORE.EXE.1332.HTML  >
[2013/02/23 12:43:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1332.html
 
< MD5 for: IEXPLORE.EXE.1336.HTML  >
[2013/08/10 10:25:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1336.html
 
< MD5 for: IEXPLORE.EXE.1384.HTML  >
[2013/02/19 11:31:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1384.html
 
< MD5 for: IEXPLORE.EXE.1400.HTML  >
[2013/03/13 10:33:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1400.html
 
< MD5 for: IEXPLORE.EXE.1416.HTML  >
[2013/02/28 13:28:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1416.html
 
< MD5 for: IEXPLORE.EXE.1424.HTML  >
[2013/07/12 16:18:56 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1424.html
 
< MD5 for: IEXPLORE.EXE.1444.HTML  >
[2013/03/06 13:54:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1444.html
 
< MD5 for: IEXPLORE.EXE.1452.HTML  >
[2013/06/11 10:58:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1452.html
 
< MD5 for: IEXPLORE.EXE.1532.HTML  >
[2013/03/04 12:56:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1532.html
 
< MD5 for: IEXPLORE.EXE.1536.HTML  >
[2013/02/11 11:20:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1536.html
 
< MD5 for: IEXPLORE.EXE.1612.HTML  >
[2013/06/08 10:39:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1612.html
 
< MD5 for: IEXPLORE.EXE.1620.HTML  >
[2013/04/29 10:06:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1620.html
 
< MD5 for: IEXPLORE.EXE.1636.HTML  >
[2013/03/04 11:30:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1636.html
 
< MD5 for: IEXPLORE.EXE.164.HTML  >
[2013/04/23 11:44:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.164.html
 
< MD5 for: IEXPLORE.EXE.1688.HTML  >
[2013/02/19 11:21:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1688.html
 
< MD5 for: IEXPLORE.EXE.1720.HTML  >
[2013/03/04 10:58:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1720.html
 
< MD5 for: IEXPLORE.EXE.1780.HTML  >
[2013/05/23 12:53:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1780.html
 
< MD5 for: IEXPLORE.EXE.1800.HTML  >
[2013/03/27 12:49:51 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1800.html
 
< MD5 for: IEXPLORE.EXE.1848.HTML  >
[2013/03/22 13:23:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1848.html
 
< MD5 for: IEXPLORE.EXE.1864.HTML  >
[2013/04/29 11:48:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1864.html
 
< MD5 for: IEXPLORE.EXE.1888.HTML  >
[2013/03/06 10:43:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1888.html
 
< MD5 for: IEXPLORE.EXE.1892.HTML  >
[2013/03/27 12:21:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1892.html
 
< MD5 for: IEXPLORE.EXE.1896.HTML  >
[2013/03/22 12:20:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1896.html
 
< MD5 for: IEXPLORE.EXE.1916.HTML  >
[2013/02/19 11:28:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1916.html
 
< MD5 for: IEXPLORE.EXE.1940.HTML  >
[2013/03/27 12:21:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1940.html
 
< MD5 for: IEXPLORE.EXE.1948.HTML  >
[2013/06/03 12:12:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1948.html
 
< MD5 for: IEXPLORE.EXE.1976.HTML  >
[2013/06/03 12:03:41 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1976.html
 
< MD5 for: IEXPLORE.EXE.1988.HTML  >
[2013/06/08 08:56:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1988.html
 
< MD5 for: IEXPLORE.EXE.2008.HTML  >
[2013/03/22 12:20:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2008.html
 
< MD5 for: IEXPLORE.EXE.2076.HTML  >
[2013/03/06 13:21:49 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2076.html
 
< MD5 for: IEXPLORE.EXE.208.HTML  >
[2013/07/20 12:27:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.208.html
 
< MD5 for: IEXPLORE.EXE.2084.HTML  >
[2013/07/23 09:16:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2084.html
 
< MD5 for: IEXPLORE.EXE.2088.HTML  >
[2013/03/04 11:52:31 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2088.html
 
< MD5 for: IEXPLORE.EXE.2104.HTML  >
[2013/02/25 09:55:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2104.html
 
< MD5 for: IEXPLORE.EXE.2112.HTML  >
[2013/07/23 09:12:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2112.html
 
< MD5 for: IEXPLORE.EXE.212.HTML  >
[2013/03/07 14:12:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.212.html
 
< MD5 for: IEXPLORE.EXE.2144.HTML  >
[2013/04/02 10:13:45 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2144.html
 
< MD5 for: IEXPLORE.EXE.2204.HTML  >
[2013/05/29 10:24:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2204.html
 
< MD5 for: IEXPLORE.EXE.2216.HTML  >
[2013/06/21 09:59:46 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2216.html
 
< MD5 for: IEXPLORE.EXE.2220.HTML  >
[2013/02/28 13:45:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2220.html
 
< MD5 for: IEXPLORE.EXE.2236.HTML  >
[2013/02/09 11:25:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2236.html
 
< MD5 for: IEXPLORE.EXE.2276.HTML  >
[2013/04/29 18:31:17 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2276.html
 
< MD5 for: IEXPLORE.EXE.2284.HTML  >
[2013/03/22 11:52:00 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2284.html
 
< MD5 for: IEXPLORE.EXE.2292.HTML  >
[2013/06/11 11:01:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2292.html
 
< MD5 for: IEXPLORE.EXE.2304.HTML  >
[2013/02/11 11:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2304.html
 
< MD5 for: IEXPLORE.EXE.2316.HTML  >
[2013/03/04 11:29:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2316.html
 
< MD5 for: IEXPLORE.EXE.2344.HTML  >
[2013/04/02 10:37:26 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2344.html
 
< MD5 for: IEXPLORE.EXE.236.HTML  >
[2013/07/12 16:21:21 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.236.html
 
< MD5 for: IEXPLORE.EXE.2360.HTML  >
[2013/06/26 10:04:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2360.html
 
< MD5 for: IEXPLORE.EXE.2388.HTML  >
[2013/03/16 13:27:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2388.html
 
< MD5 for: IEXPLORE.EXE.2404.HTML  >
[2013/04/29 18:31:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2404.html
 
< MD5 for: IEXPLORE.EXE.2412.HTML  >
[2013/06/03 12:03:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2412.html
 
< MD5 for: IEXPLORE.EXE.2420.HTML  >
[2013/03/07 11:12:22 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2420.html
 
< MD5 for: IEXPLORE.EXE.2424.HTML  >
[2013/05/09 10:21:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2424.html
 
< MD5 for: IEXPLORE.EXE.2452.HTML  >
[2013/05/13 11:41:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2452.html
 
< MD5 for: IEXPLORE.EXE.2460.HTML  >
[2013/03/04 11:31:04 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2460.html
 
< MD5 for: IEXPLORE.EXE.2468.HTML  >
[2013/03/04 11:52:01 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2468.html
 
< MD5 for: IEXPLORE.EXE.2472.HTML  >
[2013/08/03 12:23:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2472.html
 
< MD5 for: IEXPLORE.EXE.2476.HTML  >
[2013/03/04 10:59:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2476.html
 
< MD5 for: IEXPLORE.EXE.2492.HTML  >
[2013/03/07 11:19:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2492.html
 
< MD5 for: IEXPLORE.EXE.2500.HTML  >
[2013/04/02 10:37:28 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2500.html
 
< MD5 for: IEXPLORE.EXE.2512.HTML  >
[2013/04/09 12:02:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2512.html
 
< MD5 for: IEXPLORE.EXE.2524.HTML  >
[2013/03/04 11:54:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2524.html
 
< MD5 for: IEXPLORE.EXE.2528.HTML  >
[2013/06/03 12:05:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2528.html
 
< MD5 for: IEXPLORE.EXE.2532.HTML  >
[2013/02/23 12:49:41 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2532.html
 
< MD5 for: IEXPLORE.EXE.2552.HTML  >
[2013/03/07 11:12:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2552.html
 
< MD5 for: IEXPLORE.EXE.2556.HTML  >
[2013/02/15 13:39:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2556.html
 
< MD5 for: IEXPLORE.EXE.2568.HTML  >
[2013/02/11 12:30:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2568.html
 
< MD5 for: IEXPLORE.EXE.2576.HTML  >
[2013/08/11 10:06:14 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2576.html
 
< MD5 for: IEXPLORE.EXE.2592.HTML  >
[2013/05/27 11:24:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2592.html
 
< MD5 for: IEXPLORE.EXE.2596.HTML  >
[2013/08/14 12:00:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2596.html
 
< MD5 for: IEXPLORE.EXE.2600.HTML  >
[2013/04/04 12:53:08 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2600.html
 
< MD5 for: IEXPLORE.EXE.2604.HTML  >
[2013/05/09 12:13:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2604.html
 
< MD5 for: IEXPLORE.EXE.2624.HTML  >
[2013/06/21 09:49:04 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2624.html
 
< MD5 for: IEXPLORE.EXE.2632.HTML  >
[2013/03/02 09:55:20 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2632.html
 
< MD5 for: IEXPLORE.EXE.2648.HTML  >
[2013/03/13 10:23:11 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2648.html
 
< MD5 for: IEXPLORE.EXE.2668.HTML  >
[2013/03/22 13:23:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2668.html
 
< MD5 for: IEXPLORE.EXE.2672.HTML  >
[2013/03/02 11:00:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2672.html
 
< MD5 for: IEXPLORE.EXE.2692.HTML  >
[2013/05/18 11:20:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2692.html
 
< MD5 for: IEXPLORE.EXE.2700.HTML  >
[2013/02/25 09:55:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2700.html
 
< MD5 for: IEXPLORE.EXE.272.HTML  >
[2013/06/11 10:55:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.272.html
 
< MD5 for: IEXPLORE.EXE.2720.HTML  >
[2013/02/12 10:26:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2720.html
 
< MD5 for: IEXPLORE.EXE.2740.HTML  >
[2013/03/02 09:52:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2740.html
 
< MD5 for: IEXPLORE.EXE.2788.HTML  >
[2013/05/29 10:44:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2788.html
 
< MD5 for: IEXPLORE.EXE.2800.HTML  >
[2013/06/26 09:24:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2800.html
 
< MD5 for: IEXPLORE.EXE.2824.HTML  >
[2013/03/27 12:21:45 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2824.html
 
< MD5 for: IEXPLORE.EXE.2852.HTML  >
[2013/04/30 10:04:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2852.html
 
< MD5 for: IEXPLORE.EXE.2860.HTML  >
[2013/06/08 08:44:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2860.html
 
< MD5 for: IEXPLORE.EXE.2876.HTML  >
[2013/03/27 12:21:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2876.html
 
< MD5 for: IEXPLORE.EXE.2884.HTML  >
[2013/05/29 10:45:04 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2884.html
 
< MD5 for: IEXPLORE.EXE.2892.HTML  >
[2013/04/15 11:22:30 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2892.html
 
< MD5 for: IEXPLORE.EXE.2904.HTML  >
[2013/08/11 10:06:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2904.html
 
< MD5 for: IEXPLORE.EXE.2908.HTML  >
[2013/03/23 12:28:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2908.html
 
< MD5 for: IEXPLORE.EXE.2912.HTML  >
[2013/05/29 10:45:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2912.html
 
< MD5 for: IEXPLORE.EXE.2916.HTML  >
[2013/04/30 10:04:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2916.html
 
< MD5 for: IEXPLORE.EXE.2924.HTML  >
[2013/07/23 10:15:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2924.html
 
< MD5 for: IEXPLORE.EXE.2948.HTML  >
[2013/02/25 14:03:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2948.html
 
< MD5 for: IEXPLORE.EXE.2964.HTML  >
[2013/06/03 12:12:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2964.html
 
< MD5 for: IEXPLORE.EXE.2976.HTML  >
[2013/03/22 12:42:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2976.html
 
< MD5 for: IEXPLORE.EXE.2980.HTML  >
[2013/04/02 11:11:09 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2980.html
 
< MD5 for: IEXPLORE.EXE.2984.HTML  >
[2013/02/28 09:28:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2984.html
 
< MD5 for: IEXPLORE.EXE.3028.HTML  >
[2013/05/09 12:12:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3028.html
 
< MD5 for: IEXPLORE.EXE.3032.HTML  >
[2013/02/14 10:44:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3032.html
 
< MD5 for: IEXPLORE.EXE.3068.HTML  >
[2013/04/09 11:59:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3068.html
 
< MD5 for: IEXPLORE.EXE.3088.HTML  >
[2013/02/09 13:20:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3088.html
 
< MD5 for: IEXPLORE.EXE.3092.HTML  >
[2013/03/13 10:25:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3092.html
 
< MD5 for: IEXPLORE.EXE.3100.HTML  >
[2013/07/12 16:22:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3100.html
 
< MD5 for: IEXPLORE.EXE.3104.HTML  >
[2013/06/21 09:59:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3104.html
 
< MD5 for: IEXPLORE.EXE.3148.HTML  >
[2013/07/23 10:03:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3148.html
 
< MD5 for: IEXPLORE.EXE.3160.HTML  >
[2013/04/06 10:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3160.html
 
< MD5 for: IEXPLORE.EXE.3164.HTML  >
[2013/03/21 11:13:32 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3164.html
 
< MD5 for: IEXPLORE.EXE.3176.HTML  >
[2013/07/17 11:34:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3176.html
 
< MD5 for: IEXPLORE.EXE.3192.HTML  >
[2013/07/17 11:34:02 | 000,003,231 | ---- | M] () MD5=8E4CD62DAB5825EB1AE43F6CB123FB28 -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3192.html
 
< MD5 for: IEXPLORE.EXE.3212.HTML  >
[2013/05/31 13:12:14 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3212.html
 
< MD5 for: IEXPLORE.EXE.3228.HTML  >
[2013/04/03 12:45:26 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3228.html
 
< MD5 for: IEXPLORE.EXE.3236.HTML  >
[2013/03/12 16:50:44 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3236.html
 
< MD5 for: IEXPLORE.EXE.324.HTML  >
[2013/02/16 13:56:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.324.html
 
< MD5 for: IEXPLORE.EXE.3244.HTML  >
[2013/03/04 11:58:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3244.html
 
< MD5 for: IEXPLORE.EXE.3268.HTML  >
[2013/03/18 11:13:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3268.html
 
< MD5 for: IEXPLORE.EXE.328.HTML  >
[2013/03/18 11:13:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.328.html
 
< MD5 for: IEXPLORE.EXE.3284.HTML  >
[2013/03/04 11:00:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3284.html
 
< MD5 for: IEXPLORE.EXE.3288.HTML  >
[2013/02/12 11:16:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3288.html
 
< MD5 for: IEXPLORE.EXE.3296.HTML  >
[2013/05/02 09:35:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3296.html
 
< MD5 for: IEXPLORE.EXE.3300.HTML  >
[2013/07/12 16:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3300.html
 
< MD5 for: IEXPLORE.EXE.3304.HTML  >
[2013/03/22 12:42:43 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3304.html
 
< MD5 for: IEXPLORE.EXE.3308.HTML  >
[2013/03/14 13:28:19 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3308.html
 
< MD5 for: IEXPLORE.EXE.3316.HTML  >
[2013/02/14 10:44:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3316.html
 
< MD5 for: IEXPLORE.EXE.332.HTML  >
[2013/02/06 17:31:17 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.332.html
 
< MD5 for: IEXPLORE.EXE.3320.HTML  >
[2013/06/11 11:23:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3320.html
 
< MD5 for: IEXPLORE.EXE.3324.HTML  >
[2013/05/27 11:34:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3324.html
 
< MD5 for: IEXPLORE.EXE.3328.HTML  >
[2013/06/21 09:48:59 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3328.html
 
< MD5 for: IEXPLORE.EXE.3336.HTML  >
[2013/06/08 08:52:04 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3336.html
 
< MD5 for: IEXPLORE.EXE.3348.HTML  >
[2013/04/23 11:50:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3348.html
 
< MD5 for: IEXPLORE.EXE.3368.HTML  >
[2013/05/09 10:19:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3368.html
 
< MD5 for: IEXPLORE.EXE.3376.HTML  >
[2013/03/04 11:58:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3376.html
 
< MD5 for: IEXPLORE.EXE.3388.HTML  >
[2013/06/11 11:00:22 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3388.html
 
< MD5 for: IEXPLORE.EXE.3396.HTML  >
[2013/05/29 11:11:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3396.html
 
< MD5 for: IEXPLORE.EXE.3400.HTML  >
[2013/03/04 11:00:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3400.html
 
< MD5 for: IEXPLORE.EXE.3416.HTML  >
[2013/03/20 13:51:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3416.html
 
< MD5 for: IEXPLORE.EXE.3428.HTML  >
[2013/02/09 11:30:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3428.html
 
< MD5 for: IEXPLORE.EXE.3432.HTML  >
[2013/06/11 11:00:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3432.html
 
< MD5 for: IEXPLORE.EXE.3436.HTML  >
[2013/02/22 11:53:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3436.html
 
< MD5 for: IEXPLORE.EXE.344.HTML  >
[2013/05/29 10:45:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.344.html
 
< MD5 for: IEXPLORE.EXE.3448.HTML  >
[2013/02/15 11:10:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3448.html
 
< MD5 for: IEXPLORE.EXE.3476.HTML  >
[2013/04/08 10:14:32 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3476.html
 
< MD5 for: IEXPLORE.EXE.3484.HTML  >
[2013/03/22 12:14:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3484.html
 
< MD5 for: IEXPLORE.EXE.3488.HTML  >
[2013/03/20 13:42:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3488.html
 
< MD5 for: IEXPLORE.EXE.3492.HTML  >
[2013/03/06 13:53:37 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3492.html
 
< MD5 for: IEXPLORE.EXE.3512.HTML  >
[2013/02/17 21:37:39 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3512.html
 
< MD5 for: IEXPLORE.EXE.3544.HTML  >
[2013/03/30 13:31:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3544.html
 
< MD5 for: IEXPLORE.EXE.3548.HTML  >
[2013/06/08 08:53:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3548.html
 
< MD5 for: IEXPLORE.EXE.3572.HTML  >
[2013/04/29 11:48:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3572.html
 
< MD5 for: IEXPLORE.EXE.3600.HTML  >
[2013/03/07 14:12:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3600.html
 
< MD5 for: IEXPLORE.EXE.3604.HTML  >
[2013/06/03 12:04:41 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3604.html
 
< MD5 for: IEXPLORE.EXE.3624.HTML  >
[2013/04/30 10:04:48 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3624.html
 
< MD5 for: IEXPLORE.EXE.3632.HTML  >
[2013/02/18 13:29:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3632.html
 
< MD5 for: IEXPLORE.EXE.3648.HTML  >
[2013/07/23 09:34:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3648.html
 
< MD5 for: IEXPLORE.EXE.3660.HTML  >
[2013/08/11 10:06:00 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3660.html
 
< MD5 for: IEXPLORE.EXE.3664.HTML  >
[2013/05/18 11:20:00 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3664.html
 
< MD5 for: IEXPLORE.EXE.3668.HTML  >
[2013/08/11 10:41:39 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3668.html
 
< MD5 for: IEXPLORE.EXE.3676.HTML  >
[2013/07/17 11:34:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3676.html
 
< MD5 for: IEXPLORE.EXE.368.HTML  >
[2013/02/22 13:08:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.368.html
 
< MD5 for: IEXPLORE.EXE.3680.HTML  >
[2013/02/23 11:17:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3680.html
 
< MD5 for: IEXPLORE.EXE.3708.HTML  >
[2013/08/11 10:50:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3708.html
 
< MD5 for: IEXPLORE.EXE.3720.HTML  >
[2013/03/06 13:09:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3720.html
 
< MD5 for: IEXPLORE.EXE.3736.HTML  >
[2013/02/28 13:28:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3736.html
 
< MD5 for: IEXPLORE.EXE.3740.HTML  >
[2013/02/20 20:38:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3740.html
 
< MD5 for: IEXPLORE.EXE.3744.HTML  >
[2013/02/19 11:31:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3744.html
 
< MD5 for: IEXPLORE.EXE.3756.HTML  >
[2013/06/08 08:45:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3756.html
 
< MD5 for: IEXPLORE.EXE.376.HTML  >
[2013/03/04 10:59:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.376.html
 
< MD5 for: IEXPLORE.EXE.3760.HTML  >
[2013/05/13 11:41:57 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3760.html
 
< MD5 for: IEXPLORE.EXE.3764.HTML  >
[2013/08/10 10:26:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3764.html
 
< MD5 for: IEXPLORE.EXE.3768.HTML  >
[2013/05/13 11:01:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3768.html
 
< MD5 for: IEXPLORE.EXE.3792.HTML  >
[2013/07/20 12:05:24 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3792.html
 
< MD5 for: IEXPLORE.EXE.3796.HTML  >
[2013/05/09 12:13:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3796.html
 
< MD5 for: IEXPLORE.EXE.3800.HTML  >
[2013/03/21 13:29:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3800.html
 
< MD5 for: IEXPLORE.EXE.3816.HTML  >
[2013/03/20 13:51:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3816.html
 
< MD5 for: IEXPLORE.EXE.3836.HTML  >
[2013/03/06 13:54:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3836.html
 
< MD5 for: IEXPLORE.EXE.3844.HTML  >
[2013/06/08 08:45:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3844.html
 
< MD5 for: IEXPLORE.EXE.3848.HTML  >
[2013/03/02 10:55:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3848.html
 
< MD5 for: IEXPLORE.EXE.3864.HTML  >
[2013/04/02 10:13:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3864.html
 
< MD5 for: IEXPLORE.EXE.3888.HTML  >
[2013/03/07 11:13:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3888.html
 
< MD5 for: IEXPLORE.EXE.3892.HTML  >
[2013/03/09 12:08:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3892.html
 
< MD5 for: IEXPLORE.EXE.3900.HTML  >
[2013/07/20 12:02:21 | 000,003,231 | ---- | M] () MD5=8E4CD62DAB5825EB1AE43F6CB123FB28 -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3900.html
 
< MD5 for: IEXPLORE.EXE.3904.HTML  >
[2013/02/12 12:16:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3904.html
 
< MD5 for: IEXPLORE.EXE.3912.HTML  >
[2013/04/30 09:23:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3912.html
 
< MD5 for: IEXPLORE.EXE.3916.HTML  >
[2013/02/23 13:37:44 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3916.html
 
< MD5 for: IEXPLORE.EXE.3920.HTML  >
[2013/02/12 10:25:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3920.html
 
< MD5 for: IEXPLORE.EXE.3936.HTML  >
[2013/03/06 13:17:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3936.html
 
< MD5 for: IEXPLORE.EXE.3940.HTML  >
[2013/02/25 09:54:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3940.html
 
< MD5 for: IEXPLORE.EXE.3948.HTML  >
[2013/04/23 11:50:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3948.html
 
< MD5 for: IEXPLORE.EXE.3952.HTML  >
[2013/02/22 11:45:21 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3952.html
 
< MD5 for: IEXPLORE.EXE.3984.HTML  >
[2013/05/29 10:44:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3984.html
 
< MD5 for: IEXPLORE.EXE.4008.HTML  >
[2013/03/06 13:09:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4008.html
 
< MD5 for: IEXPLORE.EXE.4024.HTML  >
[2013/03/06 13:21:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4024.html
 
< MD5 for: IEXPLORE.EXE.4036.HTML  >
[2013/05/09 10:26:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4036.html
 
< MD5 for: IEXPLORE.EXE.4044.HTML  >
[2013/03/09 12:10:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4044.html
 
< MD5 for: IEXPLORE.EXE.4048.HTML  >
[2013/07/10 11:18:45 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4048.html
 
< MD5 for: IEXPLORE.EXE.4052.HTML  >
[2013/06/11 10:57:49 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4052.html
 
< MD5 for: IEXPLORE.EXE.4068.HTML  >
[2013/07/08 11:00:41 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4068.html
 
< MD5 for: IEXPLORE.EXE.4072.HTML  >
[2013/02/23 11:00:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4072.html
 
< MD5 for: IEXPLORE.EXE.408.HTML  >
[2013/02/12 11:18:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.408.html
 
< MD5 for: IEXPLORE.EXE.4120.HTML  >
[2013/08/14 12:04:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4120.html
 
< MD5 for: IEXPLORE.EXE.4196.HTML  >
[2013/03/27 14:01:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4196.html
 
< MD5 for: IEXPLORE.EXE.4204.HTML  >
[2013/04/06 11:21:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4204.html
 
< MD5 for: IEXPLORE.EXE.428.HTML  >
[2013/06/03 12:18:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.428.html
 
< MD5 for: IEXPLORE.EXE.4348.HTML  >
[2013/08/20 00:37:01 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4348.html
 
< MD5 for: IEXPLORE.EXE.436.HTML  >
[2013/02/25 09:56:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.436.html
 
< MD5 for: IEXPLORE.EXE.4432.HTML  >
[2013/04/09 12:13:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4432.html
 
< MD5 for: IEXPLORE.EXE.448.HTML  >
[2013/03/22 13:22:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.448.html
 
< MD5 for: IEXPLORE.EXE.456.HTML  >
[2013/06/08 08:51:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.456.html
 
< MD5 for: IEXPLORE.EXE.4576.HTML  >
[2013/04/15 11:22:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4576.html
 
< MD5 for: IEXPLORE.EXE.4668.HTML  >
[2013/05/29 12:08:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4668.html
 
< MD5 for: IEXPLORE.EXE.4756.HTML  >
[2013/04/02 10:48:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4756.html
 
< MD5 for: IEXPLORE.EXE.484.HTML  >
[2013/04/17 12:46:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.484.html
 
< MD5 for: IEXPLORE.EXE.4864.HTML  >
[2013/07/23 10:00:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4864.html
 
< MD5 for: IEXPLORE.EXE.4952.HTML  >
[2013/08/03 12:23:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4952.html
 
< MD5 for: IEXPLORE.EXE.5180.HTML  >
[2013/04/17 12:31:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5180.html
 
< MD5 for: IEXPLORE.EXE.5260.HTML  >
[2013/07/16 12:15:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5260.html
 
< MD5 for: IEXPLORE.EXE.528.HTML  >
[2013/07/23 10:00:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.528.html
 
< MD5 for: IEXPLORE.EXE.5332.HTML  >
[2013/07/20 12:27:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5332.html
 
< MD5 for: IEXPLORE.EXE.5400.HTML  >
[2013/08/03 12:29:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5400.html
 
< MD5 for: IEXPLORE.EXE.5424.HTML  >
[2013/07/23 10:15:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5424.html
 
< MD5 for: IEXPLORE.EXE.5472.HTML  >
[2013/03/16 13:01:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5472.html
 
< MD5 for: IEXPLORE.EXE.5536.HTML  >
[2013/08/03 10:36:39 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5536.html
 
< MD5 for: IEXPLORE.EXE.556.HTML  >
[2013/04/29 18:31:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.556.html
 
< MD5 for: IEXPLORE.EXE.5600.HTML  >
[2013/04/09 12:13:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5600.html
 
< MD5 for: IEXPLORE.EXE.5704.HTML  >
[2013/08/03 12:01:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5704.html
 
< MD5 for: IEXPLORE.EXE.5712.HTML  >
[2013/03/16 13:26:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5712.html
 
< MD5 for: IEXPLORE.EXE.5720.HTML  >
[2013/04/08 12:30:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5720.html
 
< MD5 for: IEXPLORE.EXE.5728.HTML  >
[2013/03/16 13:35:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5728.html
 
< MD5 for: IEXPLORE.EXE.5780.HTML  >
[2013/04/09 11:59:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5780.html
 
< MD5 for: IEXPLORE.EXE.5876.HTML  >
[2013/04/15 12:38:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5876.html
 
< MD5 for: IEXPLORE.EXE.5960.HTML  >
[2013/07/23 10:15:39 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5960.html
 
< MD5 for: IEXPLORE.EXE.5964.HTML  >
[2013/04/30 10:00:22 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5964.html
 
< MD5 for: IEXPLORE.EXE.5968.HTML  >
[2013/07/17 11:27:51 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5968.html
 
< MD5 for: IEXPLORE.EXE.6004.HTML  >
[2013/04/06 10:18:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.6004.html
 
< MD5 for: IEXPLORE.EXE.6056.HTML  >
[2013/07/20 12:05:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.6056.html
 
< MD5 for: IEXPLORE.EXE.652.HTML  >
[2013/02/12 10:24:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.652.html
 
< MD5 for: IEXPLORE.EXE.660.HTML  >
[2013/04/29 18:31:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.660.html
 
< MD5 for: IEXPLORE.EXE.672.HTML  >
[2013/03/06 13:08:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.672.html
 
< MD5 for: IEXPLORE.EXE.684.HTML  >
[2013/05/27 11:23:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.684.html
 
< MD5 for: IEXPLORE.EXE.692.HTML  >
[2013/02/17 21:45:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.692.html
 
< MD5 for: IEXPLORE.EXE.708.HTML  >
[2013/02/12 10:24:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.708.html
 
< MD5 for: IEXPLORE.EXE.712.HTML  >
[2013/08/03 12:29:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.712.html
 
< MD5 for: IEXPLORE.EXE.752.HTML  >
[2013/02/25 14:03:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.752.html
 
< MD5 for: IEXPLORE.EXE.7888.HTML  >
[2013/07/23 10:03:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.7888.html
 
< MD5 for: IEXPLORE.EXE.820.HTML  >
[2013/08/11 10:06:02 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.820.html
 
< MD5 for: IEXPLORE.EXE.932.HTML  >
[2013/06/08 08:45:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.932.html
 
< MD5 for: IEXPLORE.EXE.940.HTML  >
[2013/07/10 11:18:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.940.html
 
< MD5 for: IEXPLORE.EXE.952.HTML  >
[2013/02/12 12:16:28 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.952.html
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-27122324.PF  >
[2013/10/30 23:28:52 | 000,049,912 | ---- | M] () MD5=54299400DE34F18E447C6BA9C4988488 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
 
< MD5 for: IEXPLORE.HLP  >
[2008/04/14 12:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
 
< MD5 for: SERVICES  >
[2008/04/14 12:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES.EXE  >
[2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
 
< MD5 for: SERVICES.LNK  >
[2012/10/03 16:22:31 | 000,001,602 | ---- | M] () MD5=C7091E1FDBE9469597C725B7A0A100C7 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
 
< MD5 for: SERVICES.MSC  >
[2008/04/14 12:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
 
< MD5 for: SERVICES.RDB  >
[2010/11/06 23:07:46 | 000,237,568 | ---- | M] () MD5=507957679AE4579C15D57FA741EA6FFA -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2010/11/06 23:07:06 | 005,539,328 | ---- | M] () MD5=F2B666905F7FDAA80C86A101A7DE62F9 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
 
< MD5 for: SERVICES.SBS  >
[2011/03/01 08:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Includes\Services.sbs
[2013/07/16 12:21:30 | 000,034,818 | ---- | M] () MD5=E2ACBC77020C8D5CE97CA61D0D859A44 -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs
 
< MD5 for: WINLOGON.EXE  >
[2008/04/14 12:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 12:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< %SYSTEMDRIVE%\*.* >
[2010/09/24 16:44:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/04/03 18:24:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/09/24 16:44:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/06/25 01:11:39 | 000,000,774 | ---- | M] () -- C:\drwtsn32.log
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/09/24 16:44:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/24 16:44:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 12:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/02 17:00:25 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2012/10/24 22:54:40 | 000,003,072 | -HS- | M] () -- C:\Thumbs.db
[2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
 
< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2012/10/03 16:21:40 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2009/04/20 12:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp70w.dll
[2008/07/06 10:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2011/09/10 10:24:23 | 000,161,744 | ---- | M] () -- C:\Program Files\0cres.dll
[2012/10/01 14:51:00 | 048,745,576 | ---- | M] (Safer-Networking Ltd.                                       ) -- C:\Program Files\spybotsd-2.0.10-rc2.exe
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is DC69-A602
 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
09/10/2013  16:57    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\CCC
04/10/2012  12:31    <JUNCTION>     2.0.0.0__90ba9c70f846762e
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\CLI
04/10/2012  12:31    <JUNCTION>     2.0.0.0__90ba9c70f846762e
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
09/10/2013  16:57    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\LOG
04/10/2012  12:30    <JUNCTION>     2.0.3693.42530__90ba9c70f846762e
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\MOM
04/10/2012  12:31    <JUNCTION>     2.0.0.0__90ba9c70f846762e
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
               6 Dir(s)   1,895,460,864 bytes free
 
< %systemroot%\System32\config\*.sav >
[2012/10/03 17:09:18 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012/10/03 15:53:31 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2012/10/03 17:09:18 | 025,427,968 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012/10/03 17:09:20 | 004,456,448 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2012/10/03 16:22:31 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
[2012/10/04 12:14:08 | 000,005,120 | -HS- | M] () -- C:\WINDOWS\system32\Thumbs.db
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/05/20 18:53:06 | 000,000,060 | -HS- | M] () -- C:\Documents and Settings\Paul_2\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2011/05/20 18:53:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Paul_2\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
 
< %USERPROFILE%\Desktop\*.exe >
[2013/11/02 18:15:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/11/02 19:07:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-10-13 21:03:49
 
========== Base Services ==========
SRV - [2008/04/14 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 12:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 13:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 17:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 12:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 12:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 12:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 12:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 12:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 12:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 12:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 12:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 12:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 05:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 12:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 12:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 12:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 12:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 12:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/14 12:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 12:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 06:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
========== Drive Information ==========
 
Physical Drives
---------------
 
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3160811AS
Partitions: 1
Status: OK
Status Info: 0
 
Partitions
---------------
 
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 32256
Hidden sectors: 0
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EE9B88C9
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B11E0DF
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:553CA6CA

< End of report >
 

 

OTL Extras logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
 
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- (Speedbit Ltd.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BA6FCD-1701-4AB9-8A1B-59008261695E}" = PS_AIO_06_B109a-m_SW_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{408E2517-E30B-4027-959A-BD9B35409D12}" = OpenOffice.org 3.3
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{60101C13-2C13-48FB-855D-33D9F3013133}" = B109a-m
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A253A57F-4319-49B5-B405-64587FFBCFE2}" = HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C4D8B637-D0D7-46B5-9373-773DF79939AF}" = AVG 2014
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Shred" = Easy Shred
"File Shredder_is1" = File Shredder 2.0
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"ie8" = Windows Internet Explorer 8
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Usenet.nl_is1" = Usenet.nl
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07/10/2013 15:11:09 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:11:33 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3716) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:11:55 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3024) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:12:12 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3980) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:12:24 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (872) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 09/10/2013 12:44:28 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  
 
Error - 09/10/2013 12:44:43 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 from: <http://www.download....uthrootseq.txt>
 with error: This operation returned because the timeout period expired.  
 
Error - 16/10/2013 16:39:20 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
 module ntdll.dll, version 5.1.2600.6055, fault address 0x00010f1e.
 
Error - 18/10/2013 15:48:38 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3728) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 21/10/2013 14:19:21 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.5512, faulting module
 , version 0.0.0.0, fault address 0x00000000.
 
[ System Events ]
Error - 02/11/2013 14:43:11 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:43:42 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:46:25 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:51:20 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:52:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:56:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:58:17 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:01:02 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:01:16 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:08:09 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
 
< End of report >
 


Edited by cousinkevin, 02 November 2013 - 03:07 PM.


#10 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 02:50 PM

OTL Extras logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
 
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- (Speedbit Ltd.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BA6FCD-1701-4AB9-8A1B-59008261695E}" = PS_AIO_06_B109a-m_SW_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{408E2517-E30B-4027-959A-BD9B35409D12}" = OpenOffice.org 3.3
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{60101C13-2C13-48FB-855D-33D9F3013133}" = B109a-m
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A253A57F-4319-49B5-B405-64587FFBCFE2}" = HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C4D8B637-D0D7-46B5-9373-773DF79939AF}" = AVG 2014
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Shred" = Easy Shred
"File Shredder_is1" = File Shredder 2.0
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"ie8" = Windows Internet Explorer 8
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Usenet.nl_is1" = Usenet.nl
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07/10/2013 15:11:09 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:11:33 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3716) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:11:55 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3024) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:12:12 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3980) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 07/10/2013 15:12:24 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (872) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 09/10/2013 12:44:28 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  
 
Error - 09/10/2013 12:44:43 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 from: <http://www.download....uthrootseq.txt>
 with error: This operation returned because the timeout period expired.  
 
Error - 16/10/2013 16:39:20 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
 module ntdll.dll, version 5.1.2600.6055, fault address 0x00010f1e.
 
Error - 18/10/2013 15:48:38 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3728) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ".  The open
 file operation will fail with error -1032 (0xfffffbf8).
 
Error - 21/10/2013 14:19:21 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.5512, faulting module
 , version 0.0.0.0, fault address 0x00000000.
 
[ System Events ]
Error - 02/11/2013 14:43:11 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:43:42 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:46:25 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:51:20 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:52:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:56:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 14:58:17 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:01:02 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:01:16 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 02/11/2013 15:08:09 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
 arguments ""  in order to run the server:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
 
< End of report >
 


    Advertisements

Register to Remove


#11 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 03:26 PM

Hi cousinkevin,

If possible run these tools in Normal Mode.

=========================

bullseye_zpse9eaf36e.gif TDSSKiller

Please download TDSSKiller.zip - Extract it to your desktop
  • TDSSKiller.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================

bullseye_zpse9eaf36e.gif ComboFix

Refer to the ComboFix User's Guide
  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.
    ---------------------------------------------------------------------------------------------NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

    =========================

    In your next post please provide the following:
    • TDSSKiller.txt
    • Combofix.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#12 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 04:39 PM

Hi,

 

I can't run the tools in normal mode as firefox only very partially loads to follow your instructions.

Also still can't shutdown in normal way.

 

I can't tell if AVG 2014 is disabled, as there is no icon in the taskbar in safe mode and opening from desktop shows a very basic interface without the usual options.

 

 

22:12:00.0359 0x0488  TDSS rootkit removing tool 3.0.0.16 Nov  1 2013 15:53:38
22:12:13.0078 0x0488  ============================================================
22:12:13.0078 0x0488  Current date / time: 2013/11/02 22:12:13.0078
22:12:13.0078 0x0488  SystemInfo:
22:12:13.0078 0x0488  
22:12:13.0078 0x0488  OS Version: 5.1.2600 ServicePack: 3.0
22:12:13.0078 0x0488  Product type: Workstation
22:12:13.0078 0x0488  ComputerName: USER-E862545A71
22:12:13.0078 0x0488  UserName: Paul_2
22:12:13.0078 0x0488  Windows directory: C:\WINDOWS
22:12:13.0078 0x0488  System windows directory: C:\WINDOWS
22:12:13.0078 0x0488  Processor architecture: Intel x86
22:12:13.0078 0x0488  Number of processors: 1
22:12:13.0078 0x0488  Page size: 0x1000
22:12:13.0078 0x0488  Boot type: Safe boot with network
22:12:13.0078 0x0488  ============================================================
22:12:17.0609 0x0488  System UUID: {7D959974-B8C8-214F-CDF4-21C00BDFD112}
22:12:18.0281 0x0488  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:12:18.0281 0x0488  ============================================================
22:12:18.0281 0x0488  \Device\Harddisk0\DR0:
22:12:18.0281 0x0488  MBR partitions:
22:12:18.0281 0x0488  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
22:12:18.0281 0x0488  ============================================================
22:12:18.0296 0x0488  C: <-> \Device\Harddisk0\DR0\Partition1
22:12:18.0312 0x0488  ============================================================
22:12:18.0312 0x0488  Initialize success
22:12:18.0312 0x0488  ============================================================
22:13:23.0281 0x0760  ============================================================
22:13:23.0281 0x0760  Scan started
22:13:23.0281 0x0760  Mode: Manual;
22:13:23.0281 0x0760  ============================================================
22:13:23.0281 0x0760  KSN ping started
22:13:36.0765 0x0760  KSN ping finished: true
22:13:37.0265 0x0760  ================ Scan system memory ========================
22:13:37.0265 0x0760  System memory - ok
22:13:37.0281 0x0760  ================ Scan services =============================
22:13:37.0468 0x0760  Abiosdsk - ok
22:13:37.0484 0x0760  abp480n5 - ok
22:13:37.0609 0x0760  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:13:37.0625 0x0760  ACPI - ok
22:13:37.0796 0x0760  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
22:13:37.0796 0x0760  ACPIEC - ok
22:13:37.0984 0x0760  [ 3109B16A0939BA11696EEB04F345D099, 8863EFE3631F0F4D8F6BAE804DBB01564FF2969D53393B2887F682427C289B25 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:13:38.0000 0x0760  AdobeFlashPlayerUpdateSvc - ok
22:13:38.0031 0x0760  adpu160m - ok
22:13:38.0140 0x0760  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
22:13:38.0140 0x0760  aec - ok
22:13:38.0234 0x0760  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
22:13:38.0250 0x0760  AFD - ok
22:13:38.0281 0x0760  Aha154x - ok
22:13:38.0296 0x0760  aic78u2 - ok
22:13:38.0328 0x0760  aic78xx - ok
22:13:38.0625 0x0760  [ F3E15607BA53249C765E36388B332C2F, 379B36493C47080BDA40B6487A19B6DD9DA30E26F652EC5455EF2FFDB075D792 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:13:38.0859 0x0760  ALCXWDM - ok
22:13:38.0968 0x0760  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
22:13:38.0968 0x0760  Alerter - ok
22:13:39.0015 0x0760  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
22:13:39.0015 0x0760  ALG - ok
22:13:39.0046 0x0760  AliIde - ok
22:13:39.0109 0x0760  amsint - ok
22:13:39.0140 0x0760  AppMgmt - ok
22:13:39.0187 0x0760  asc - ok
22:13:39.0234 0x0760  asc3350p - ok
22:13:39.0281 0x0760  asc3550 - ok
22:13:39.0468 0x0760  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:13:39.0515 0x0760  aspnet_state - ok
22:13:39.0593 0x0760  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:13:39.0609 0x0760  AsyncMac - ok
22:13:39.0671 0x0760  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
22:13:39.0687 0x0760  atapi - ok
22:13:39.0718 0x0760  Atdisk - ok
22:13:39.0843 0x0760  [ 471087B5E1E01CC82604E81EA14781D8, DA6AAFE65232AF3DA3D0D5F399730A1117B0DBBCB6AA2A9BD0D1ADA22A1198B8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
22:13:39.0875 0x0760  Ati HotKey Poller - ok
22:13:40.0000 0x0760  [ B979BA0120B6DB757196A8E2E873FE3C, 4F4CCD1D07485A53CA3ECEB10E029102BBE9946A15C7B67840E64D352808A0CA ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
22:13:40.0046 0x0760  ATI Smart - ok
22:13:40.0281 0x0760  [ C0B86ECB324E50F6BBD529F9D5C6B24B, 6B6E58CBDE1010FF13740DA91482E8A40D7B31CD808C16B524BE012C0EADB0D1 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:13:40.0500 0x0760  ati2mtag - ok
22:13:40.0625 0x0760  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:13:40.0625 0x0760  Atmarpc - ok
22:13:40.0734 0x0760  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
22:13:40.0750 0x0760  AudioSrv - ok
22:13:40.0828 0x0760  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
22:13:40.0828 0x0760  audstub - ok
22:13:40.0968 0x0760  [ 8A7DC10E81E73994AF8D8FB4E921BA20, C9905638CC3CACAE77E907DAE061EC3D2A8AACC412004E905D0CD2BEA418EC91 ] Avgdiskx        C:\WINDOWS\system32\DRIVERS\avgdiskx.sys
22:13:40.0968 0x0760  Avgdiskx - ok
22:13:41.0375 0x0760  [ 332AEB8F6F9595C8886A7AA7A62322DC, CC2F2856257D10B72558660161732EB5FB5D8CCD8AC78EFED8263895A2529CC9 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
22:13:41.0609 0x0760  AVGIDSAgent - ok
22:13:41.0718 0x0760  [ E2D441E3F58C04DD91286F38916CE102, C03F50CE5BDFCBC2B0DB062D6517ADE99DFF8EB65859CF6122DC95D3167E7C7E ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
22:13:41.0734 0x0760  AVGIDSDriver - ok
22:13:41.0828 0x0760  [ 7E7E946C5620BD398BFCFA41E435545B, 0B2F496367F36BE20AD075DF0054E8DE083E690179F9C5C9ECF9B3677069D6CF ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
22:13:41.0843 0x0760  AVGIDSHX - ok
22:13:41.0890 0x0760  [ C3828E5C49924969799ED8B1E123A267, 26713E308FC9BBDF28BD4E47234002D6928AAA234F73B2248BB2466EBA41747E ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
22:13:41.0890 0x0760  AVGIDSShim - ok
22:13:41.0953 0x0760  [ A997D4A7361F4870A4F13BA5BF36F388, 1DF529F4207081E154BC377154A02FD641C20EF8BDB913C232465519AAC48827 ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
22:13:41.0953 0x0760  Avgldx86 - ok
22:13:42.0031 0x0760  [ 62C926243D7875BDE097904E4DE4FFAD, 32730FEB5133F51A62DEDB9528EDE5A8F9A3C8121753D09699C5EEB930E4E217 ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
22:13:42.0046 0x0760  Avglogx - ok
22:13:42.0093 0x0760  [ 02C25C2974F728391E33A2E45A23FFA4, B36A9601BF855ABAC4855023913A8D977567AD15EDCC3FFAB3028A9B6FE5D2CA ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
22:13:42.0093 0x0760  Avgmfx86 - ok
22:13:42.0140 0x0760  [ 9745AD34365318593909EDDEDAE66B9A, 16374BF9789053AA0124CB8437E1192442F44E46D14435BF80A049CD0D47F16A ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
22:13:42.0140 0x0760  Avgrkx86 - ok
22:13:42.0187 0x0760  [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
22:13:42.0203 0x0760  Avgtdix - ok
22:13:42.0296 0x0760  [ 07646F5F37F18F1F978CE3B0378EF1C9, 0BC440C3E8E617FA5D70D28413F091678E9FD4CF9F87CB8ED686609A0291D95B ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
22:13:42.0312 0x0760  avgwd - ok
22:13:42.0421 0x0760  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:13:42.0421 0x0760  Beep - ok
22:13:42.0515 0x0760  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
22:13:42.0656 0x0760  BITS - ok
22:13:42.0750 0x0760  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
22:13:42.0750 0x0760  Browser - ok
22:13:42.0843 0x0760  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
22:13:42.0843 0x0760  cbidf2k - ok
22:13:42.0890 0x0760  cd20xrnt - ok
22:13:42.0953 0x0760  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
22:13:42.0968 0x0760  Cdaudio - ok
22:13:43.0046 0x0760  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
22:13:43.0046 0x0760  Cdfs - ok
22:13:43.0140 0x0760  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:13:43.0140 0x0760  Cdrom - ok
22:13:43.0187 0x0760  Changer - ok
22:13:43.0234 0x0760  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
22:13:43.0234 0x0760  CiSvc - ok
22:13:43.0296 0x0760  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
22:13:43.0296 0x0760  ClipSrv - ok
22:13:43.0406 0x0760  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:13:43.0546 0x0760  clr_optimization_v2.0.50727_32 - ok
22:13:43.0609 0x0760  CmdIde - ok
22:13:43.0656 0x0760  COMSysApp - ok
22:13:43.0718 0x0760  Cpqarray - ok
22:13:43.0796 0x0760  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
22:13:43.0796 0x0760  CryptSvc - ok
22:13:43.0859 0x0760  dac2w2k - ok
22:13:43.0890 0x0760  dac960nt - ok
22:13:44.0000 0x0760  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:13:44.0031 0x0760  DcomLaunch - ok
22:13:44.0125 0x0760  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
22:13:44.0125 0x0760  Dhcp - ok
22:13:44.0218 0x0760  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
22:13:44.0218 0x0760  Disk - ok
22:13:44.0250 0x0760  dmadmin - ok
22:13:44.0359 0x0760  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
22:13:44.0406 0x0760  dmboot - ok
22:13:44.0468 0x0760  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
22:13:44.0484 0x0760  dmio - ok
22:13:44.0531 0x0760  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
22:13:44.0531 0x0760  dmload - ok
22:13:44.0578 0x0760  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
22:13:44.0578 0x0760  dmserver - ok
22:13:44.0656 0x0760  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
22:13:44.0671 0x0760  DMusic - ok
22:13:44.0765 0x0760  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:13:44.0781 0x0760  Dnscache - ok
22:13:44.0875 0x0760  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:13:44.0890 0x0760  Dot3svc - ok
22:13:44.0937 0x0760  dpti2o - ok
22:13:45.0031 0x0760  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:13:45.0031 0x0760  drmkaud - ok
22:13:45.0078 0x0760  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:13:45.0078 0x0760  EapHost - ok
22:13:45.0171 0x0760  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
22:13:45.0171 0x0760  ERSvc - ok
22:13:45.0265 0x0760  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
22:13:45.0265 0x0760  Eventlog - ok
22:13:45.0375 0x0760  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
22:13:45.0390 0x0760  EventSystem - ok
22:13:45.0484 0x0760  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
22:13:45.0500 0x0760  Fastfat - ok
22:13:45.0593 0x0760  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:13:45.0593 0x0760  FastUserSwitchingCompatibility - ok
22:13:45.0687 0x0760  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
22:13:45.0687 0x0760  Fdc - ok
22:13:45.0781 0x0760  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
22:13:45.0781 0x0760  Fips - ok
22:13:45.0859 0x0760  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:13:45.0859 0x0760  Flpydisk - ok
22:13:45.0921 0x0760  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:13:45.0953 0x0760  FltMgr - ok
22:13:46.0093 0x0760  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:13:46.0093 0x0760  FontCache3.0.0.0 - ok
22:13:46.0140 0x0760  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:13:46.0140 0x0760  Fs_Rec - ok
22:13:46.0187 0x0760  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:13:46.0203 0x0760  Ftdisk - ok
22:13:46.0281 0x0760  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:13:46.0296 0x0760  Gpc - ok
22:13:46.0421 0x0760  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:13:46.0421 0x0760  helpsvc - ok
22:13:46.0484 0x0760  HidServ - ok
22:13:46.0562 0x0760  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:13:46.0562 0x0760  HidUsb - ok
22:13:46.0640 0x0760  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
22:13:46.0640 0x0760  hkmsvc - ok
22:13:46.0671 0x0760  hpn - ok
22:13:46.0953 0x0760  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:13:46.0984 0x0760  hpqcxs08 - ok
22:13:47.0031 0x0760  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:13:47.0046 0x0760  hpqddsvc - ok
22:13:47.0125 0x0760  [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:13:47.0125 0x0760  HPZid412 - ok
22:13:47.0171 0x0760  [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:13:47.0171 0x0760  HPZipr12 - ok
22:13:47.0250 0x0760  [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:13:47.0250 0x0760  HPZius12 - ok
22:13:47.0343 0x0760  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:13:47.0359 0x0760  HTTP - ok
22:13:47.0453 0x0760  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:13:47.0453 0x0760  HTTPFilter - ok
22:13:47.0500 0x0760  i2omgmt - ok
22:13:47.0546 0x0760  i2omp - ok
22:13:47.0625 0x0760  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:13:47.0625 0x0760  i8042prt - ok
22:13:47.0781 0x0760  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:13:47.0812 0x0760  idsvc - ok
22:13:47.0859 0x0760  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:13:47.0859 0x0760  Imapi - ok
22:13:47.0968 0x0760  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:13:47.0968 0x0760  ImapiService - ok
22:13:48.0046 0x0760  ini910u - ok
22:13:48.0109 0x0760  IntelIde - ok
22:13:48.0187 0x0760  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:13:48.0187 0x0760  intelppm - ok
22:13:48.0250 0x0760  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:13:48.0265 0x0760  Ip6Fw - ok
22:13:48.0328 0x0760  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:13:48.0328 0x0760  IpFilterDriver - ok
22:13:48.0390 0x0760  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:13:48.0390 0x0760  IpInIp - ok
22:13:48.0468 0x0760  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:13:48.0468 0x0760  IpNat - ok
22:13:48.0562 0x0760  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:13:48.0562 0x0760  IPSec - ok
22:13:48.0640 0x0760  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:13:48.0640 0x0760  IRENUM - ok
22:13:48.0718 0x0760  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:13:48.0734 0x0760  isapnp - ok
22:13:48.0921 0x0760  [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:13:48.0921 0x0760  JavaQuickStarterService - ok
22:13:48.0984 0x0760  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:13:48.0984 0x0760  Kbdclass - ok
22:13:49.0062 0x0760  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:13:49.0078 0x0760  kmixer - ok
22:13:49.0156 0x0760  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:13:49.0156 0x0760  KSecDD - ok
22:13:49.0250 0x0760  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
22:13:49.0250 0x0760  LanmanServer - ok
22:13:49.0312 0x0760  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:13:49.0328 0x0760  lanmanworkstation - ok
22:13:49.0375 0x0760  lbrtfdc - ok
22:13:49.0500 0x0760  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:13:49.0500 0x0760  LmHosts - ok
22:13:49.0906 0x0760  [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe
22:13:50.0093 0x0760  LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633 - ok
22:13:50.0312 0x0760  [ C6267D349A65F67A611D5AE313F9F93A, 9B0301ABA8C0DF75488B93A80DC63168B78604E4E13438ED14979031A637CB89 ] LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe
22:13:50.0500 0x0760  LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28 - ok
22:13:50.0734 0x0760  [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe
22:13:50.0906 0x0760  LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa - ok
22:13:51.0109 0x0760  [ C6267D349A65F67A611D5AE313F9F93A, 9B0301ABA8C0DF75488B93A80DC63168B78604E4E13438ED14979031A637CB89 ] LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe
22:13:51.0250 0x0760  LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d - ok
22:13:51.0500 0x0760  [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe
22:13:51.0640 0x0760  LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69 - ok
22:13:51.0859 0x0760  [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe
22:13:52.0015 0x0760  LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f - ok
22:13:52.0109 0x0760  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:13:52.0125 0x0760  Messenger - ok
22:13:52.0203 0x0760  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:13:52.0203 0x0760  mnmdd - ok
22:13:52.0296 0x0760  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
22:13:52.0296 0x0760  mnmsrvc - ok
22:13:52.0375 0x0760  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:13:52.0375 0x0760  Modem - ok
22:13:52.0421 0x0760  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:13:52.0421 0x0760  Mouclass - ok
22:13:52.0484 0x0760  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:13:52.0500 0x0760  mouhid - ok
22:13:52.0562 0x0760  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:13:52.0562 0x0760  MountMgr - ok
22:13:52.0703 0x0760  [ F9359ADA531A75FB98FA7A864B97D30B, C417D9EB3233A19ACEC0FD2934FD93FC527068E2E7AD8C74717EDC4868AFBDD7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:13:52.0703 0x0760  MozillaMaintenance - ok
22:13:52.0750 0x0760  mraid35x - ok
22:13:52.0812 0x0760  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:13:52.0812 0x0760  MRxDAV - ok
22:13:52.0906 0x0760  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:13:52.0921 0x0760  MRxSmb - ok
22:13:53.0000 0x0760  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
22:13:53.0000 0x0760  MSDTC - ok
22:13:53.0109 0x0760  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:13:53.0109 0x0760  Msfs - ok
22:13:53.0156 0x0760  MSIServer - ok
22:13:53.0234 0x0760  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:13:53.0234 0x0760  MSKSSRV - ok
22:13:53.0281 0x0760  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:13:53.0281 0x0760  MSPCLOCK - ok
22:13:53.0328 0x0760  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:13:53.0328 0x0760  MSPQM - ok
22:13:53.0375 0x0760  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:13:53.0375 0x0760  mssmbios - ok
22:13:53.0453 0x0760  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:13:53.0453 0x0760  Mup - ok
22:13:53.0578 0x0760  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:13:53.0578 0x0760  napagent - ok
22:13:53.0640 0x0760  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:13:53.0656 0x0760  NDIS - ok
22:13:53.0734 0x0760  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:13:53.0734 0x0760  NdisTapi - ok
22:13:53.0812 0x0760  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:13:53.0812 0x0760  Ndisuio - ok
22:13:53.0875 0x0760  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:13:53.0875 0x0760  NdisWan - ok
22:13:53.0937 0x0760  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:13:53.0937 0x0760  NDProxy - ok
22:13:54.0031 0x0760  [ 69C503C004F49AEE8B8E3067CC047BA7, 0E7A2FB0CC7669E6400EDA4D2220BBB1A85CF3D3529739DA5AE2C073FFA08313 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
22:13:54.0031 0x0760  Net Driver HPZ12 - ok
22:13:54.0078 0x0760  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:13:54.0093 0x0760  NetBIOS - ok
22:13:54.0156 0x0760  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:13:54.0171 0x0760  NetBT - ok
22:13:54.0265 0x0760  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:13:54.0265 0x0760  NetDDE - ok
22:13:54.0312 0x0760  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:13:54.0312 0x0760  NetDDEdsdm - ok
22:13:54.0437 0x0760  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:13:54.0437 0x0760  Netlogon - ok
22:13:54.0468 0x0760  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
22:13:54.0484 0x0760  Netman - ok
22:13:54.0578 0x0760  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:13:54.0578 0x0760  NetTcpPortSharing - ok
22:13:54.0656 0x0760  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:13:54.0671 0x0760  Nla - ok
22:13:54.0765 0x0760  [ C82F4CC10AD315B6D6BCB14D0A7CAD66, 7B12A7CB54DF475A4CCD23228A822FE29A04CF2850D64FCFA80DEFE3003074B1 ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
22:13:54.0765 0x0760  nmwcd - ok
22:13:54.0828 0x0760  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:13:54.0843 0x0760  Npfs - ok
22:13:54.0937 0x0760  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:13:54.0984 0x0760  Ntfs - ok
22:13:55.0015 0x0760  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
22:13:55.0015 0x0760  NtLmSsp - ok
22:13:55.0093 0x0760  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:13:55.0109 0x0760  NtmsSvc - ok
22:13:55.0171 0x0760  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:13:55.0171 0x0760  Null - ok
22:13:55.0234 0x0760  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:13:55.0234 0x0760  NwlnkFlt - ok
22:13:55.0281 0x0760  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:13:55.0281 0x0760  NwlnkFwd - ok
22:13:55.0343 0x0760  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
22:13:55.0359 0x0760  Parport - ok
22:13:55.0421 0x0760  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:13:55.0421 0x0760  PartMgr - ok
22:13:55.0515 0x0760  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:13:55.0515 0x0760  ParVdm - ok
22:13:55.0546 0x0760  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:13:55.0562 0x0760  PCI - ok
22:13:55.0593 0x0760  PCIDump - ok
22:13:55.0687 0x0760  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:13:55.0687 0x0760  PCIIde - ok
22:13:55.0781 0x0760  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:13:55.0781 0x0760  Pcmcia - ok
22:13:55.0828 0x0760  PDCOMP - ok
22:13:55.0859 0x0760  PDFRAME - ok
22:13:55.0921 0x0760  PDRELI - ok
22:13:55.0984 0x0760  PDRFRAME - ok
22:13:56.0015 0x0760  perc2 - ok
22:13:56.0062 0x0760  perc2hib - ok
22:13:56.0203 0x0760  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
22:13:56.0203 0x0760  PlugPlay - ok
22:13:56.0250 0x0760  [ 12B4549D515CB26BB8D375038017CA65, B09ED2BED994D2B04862BBF62EF56F110235D3489D3B1762432F22A3A8F97BB8 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
22:13:56.0250 0x0760  Pml Driver HPZ12 - ok
22:13:56.0296 0x0760  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:13:56.0312 0x0760  PolicyAgent - ok
22:13:56.0359 0x0760  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:13:56.0359 0x0760  PptpMiniport - ok
22:13:56.0390 0x0760  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:13:56.0390 0x0760  ProtectedStorage - ok
22:13:56.0421 0x0760  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
22:13:56.0421 0x0760  PSched - ok
22:13:56.0484 0x0760  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:13:56.0484 0x0760  Ptilink - ok
22:13:56.0515 0x0760  ql1080 - ok
22:13:56.0562 0x0760  Ql10wnt - ok
22:13:56.0593 0x0760  ql12160 - ok
22:13:56.0640 0x0760  ql1240 - ok
22:13:56.0687 0x0760  ql1280 - ok
22:13:56.0906 0x0760  [ AB51E1F08C8E789D6C9E8B94D15BE9A9, 35386087B0D57D181FE39E4AFBFFE4DB5B827DACA6D87F1F5563B26547993E24 ] RapportCerberus_59849 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys
22:13:56.0937 0x0760  RapportCerberus_59849 - ok
22:13:57.0078 0x0760  [ 9D52A4DEB9F28CC41EB61346E3808E4D, 6025F833B27B7A86E2F69F2D6D994DE95DCAD33FFC8FFA52BF45E350417BAAA0 ] RapportEI       C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
22:13:57.0078 0x0760  RapportEI - ok
22:13:57.0187 0x0760  [ 4136175FABB89CB493DF1D237DB50CF4, F38E6AA084A910D2445CEF53EC7E6FFB74AE3FE518A052562A0AEEC8F1DD37C1 ] RapportKELL     C:\WINDOWS\system32\Drivers\RapportKELL.sys
22:13:57.0187 0x0760  RapportKELL - ok
22:13:57.0390 0x0760  [ 02396BD77121751A738444325E1F14E8, C9A0B4D423C18014DD6523332B378BD0E85E5EE9F9B33C892DCA5DEECEEF805C ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
22:13:57.0500 0x0760  RapportMgmtService - ok
22:13:57.0687 0x0760  [ A9B99416DE6CADEE2D3C369B634F20F1, A2836B5BD439EE9163317ADA1E10D911F55FF0E3459CF3AEFDC3FBB6C16570ED ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
22:13:57.0687 0x0760  RapportPG - ok
22:13:57.0750 0x0760  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:13:57.0750 0x0760  RasAcd - ok
22:13:57.0828 0x0760  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:13:57.0828 0x0760  RasAuto - ok
22:13:57.0906 0x0760  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:13:57.0906 0x0760  Rasl2tp - ok
22:13:57.0953 0x0760  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:13:57.0968 0x0760  RasMan - ok
22:13:58.0015 0x0760  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:13:58.0015 0x0760  RasPppoe - ok
22:13:58.0062 0x0760  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:13:58.0062 0x0760  Raspti - ok
22:13:58.0109 0x0760  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:13:58.0125 0x0760  Rdbss - ok
22:13:58.0156 0x0760  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:13:58.0156 0x0760  RDPCDD - ok
22:13:58.0250 0x0760  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
22:13:58.0265 0x0760  RDPWD - ok
22:13:58.0328 0x0760  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
22:13:58.0343 0x0760  RDSessMgr - ok
22:13:58.0437 0x0760  [ B2D01290C0E0465ACA54C2088E947823, 6FB6E6CFAF3F2F948B753A0CFF6F9058BF3ED0E421204EE58848F0DFD694A747 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
22:13:58.0437 0x0760  RealNetworks Downloader Resolver Service - ok
22:13:58.0531 0x0760  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
22:13:58.0546 0x0760  redbook - ok
22:13:58.0625 0x0760  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:13:58.0640 0x0760  RemoteAccess - ok
22:13:58.0734 0x0760  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:13:58.0734 0x0760  RpcLocator - ok
22:13:58.0796 0x0760  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:13:58.0828 0x0760  RpcSs - ok
22:13:58.0921 0x0760  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
22:13:58.0937 0x0760  RSVP - ok
22:13:58.0984 0x0760  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:13:58.0984 0x0760  SamSs - ok
22:13:59.0109 0x0760  [ A3281AEC37E0720A2BC28034C2DF2A56, E8C122D17DD695D4EEAD115A5E1A388605EB77E5F2E8DA98C7BD93E0FDCFD01A ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:13:59.0109 0x0760  SASDIFSV - ok
22:13:59.0171 0x0760  [ 61DB0D0756A99506207FD724E3692B25, 90A43A650B8FDC2DC15172CD43357ED622CBFC6124BA14C63EAC63898125EADA ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:13:59.0171 0x0760  SASKUTIL - ok
22:13:59.0265 0x0760  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
22:13:59.0265 0x0760  SCardSvr - ok
22:13:59.0359 0x0760  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:13:59.0375 0x0760  Schedule - ok
22:13:59.0562 0x0760  [ D98E936BDD4A6CFE39535F3696D0EC6F, 78F4D7A1AACCCC5F77C7FFDA9E51D3BDCC454DD7D0FBB27260E6C7D56956C98E ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
22:13:59.0625 0x0760  SDScannerService - ok
22:13:59.0750 0x0760  [ 2D5088524613D1ED55D20195AF42DDC7, DD31882890524D237AA3A58D15C7EBB2CC181C56E17FA62671CFC14BD275D3A0 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:13:59.0828 0x0760  SDUpdateService - ok
22:13:59.0921 0x0760  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:13:59.0921 0x0760  Secdrv - ok
22:13:59.0984 0x0760  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
22:14:00.0000 0x0760  seclogon - ok
22:14:00.0078 0x0760  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
22:14:00.0078 0x0760  SENS - ok
22:14:00.0125 0x0760  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
22:14:00.0125 0x0760  serenum - ok
22:14:00.0171 0x0760  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
22:14:00.0171 0x0760  Serial - ok
22:14:00.0296 0x0760  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
22:14:00.0296 0x0760  Sfloppy - ok
22:14:00.0359 0x0760  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:14:00.0359 0x0760  SharedAccess - ok
22:14:00.0437 0x0760  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:14:00.0437 0x0760  ShellHWDetection - ok
22:14:00.0484 0x0760  Simbad - ok
22:14:00.0562 0x0760  [ 3FBB6EF8B5A71A2FA11F5F461BB73219, E71F7BB8F690351ACB0C02B2BC01F8837F55645B9BF7682C0F9329BA00637F0A ] SISNIC          C:\WINDOWS\system32\DRIVERS\sisnic.sys
22:14:00.0562 0x0760  SISNIC - ok
22:14:00.0828 0x0760  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:14:01.0000 0x0760  Skype C2C Service - ok
22:14:01.0203 0x0760  [ B866E8C5ED1DCBEA72285BA4107892C2, F1750C9AC9B0A556DB3D5BC211D8DEDB2A278BFFEE4E21649B4D3B2CC10263E5 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:14:01.0218 0x0760  SkypeUpdate - ok
22:14:01.0265 0x0760  Sparrow - ok
22:14:01.0343 0x0760  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
22:14:01.0343 0x0760  splitter - ok
22:14:01.0437 0x0760  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
22:14:01.0453 0x0760  Spooler - ok
22:14:01.0531 0x0760  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
22:14:01.0531 0x0760  sr - ok
22:14:01.0593 0x0760  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
22:14:01.0593 0x0760  srservice - ok
22:14:01.0671 0x0760  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:14:01.0687 0x0760  Srv - ok
22:14:01.0781 0x0760  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:14:01.0796 0x0760  SSDPSRV - ok
22:14:01.0890 0x0760  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
22:14:01.0921 0x0760  stisvc - ok
22:14:01.0953 0x0760  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
22:14:01.0968 0x0760  swenum - ok
22:14:02.0062 0x0760  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
22:14:02.0078 0x0760  swmidi - ok
22:14:02.0109 0x0760  SwPrv - ok
22:14:02.0156 0x0760  symc810 - ok
22:14:02.0203 0x0760  symc8xx - ok
22:14:02.0234 0x0760  sym_hi - ok
22:14:02.0281 0x0760  sym_u3 - ok
22:14:02.0359 0x0760  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
22:14:02.0359 0x0760  sysaudio - ok
22:14:02.0453 0x0760  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
22:14:02.0468 0x0760  SysmonLog - ok
22:14:02.0562 0x0760  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:14:02.0578 0x0760  TapiSrv - ok
22:14:02.0671 0x0760  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:14:02.0687 0x0760  Tcpip - ok
22:14:02.0765 0x0760  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
22:14:02.0765 0x0760  TDPIPE - ok
22:14:02.0796 0x0760  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
22:14:02.0796 0x0760  TDTCP - ok
22:14:02.0859 0x0760  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
22:14:02.0859 0x0760  TermDD - ok
22:14:02.0906 0x0760  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:14:02.0921 0x0760  TermService - ok
22:14:02.0968 0x0760  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
22:14:02.0968 0x0760  Themes - ok
22:14:03.0000 0x0760  TosIde - ok
22:14:03.0031 0x0760  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
22:14:03.0031 0x0760  TrkWks - ok
22:14:03.0078 0x0760  [ D85938F272D1BCF3DB3A31FC0A048928, 798328C8C06EEE7B0852E6D2B16C3AF24D529737ECA2E9725415261A5736D051 ] uagp35          C:\WINDOWS\system32\DRIVERS\uagp35.sys
22:14:03.0093 0x0760  uagp35 - ok
22:14:03.0171 0x0760  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
22:14:03.0171 0x0760  Udfs - ok
22:14:03.0218 0x0760  ultra - ok
22:14:03.0296 0x0760  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
22:14:03.0312 0x0760  Update - ok
22:14:03.0421 0x0760  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:14:03.0437 0x0760  upnphost - ok
22:14:03.0484 0x0760  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
22:14:03.0484 0x0760  UPS - ok
22:14:03.0593 0x0760  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:14:03.0593 0x0760  usbccgp - ok
22:14:03.0640 0x0760  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:14:03.0640 0x0760  usbehci - ok
22:14:03.0687 0x0760  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:14:03.0687 0x0760  usbhub - ok
22:14:03.0734 0x0760  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:14:03.0734 0x0760  usbohci - ok
22:14:03.0828 0x0760  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:14:03.0828 0x0760  usbprint - ok
22:14:03.0906 0x0760  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:14:03.0953 0x0760  usbscan - ok
22:14:03.0984 0x0760  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:14:03.0984 0x0760  USBSTOR - ok
22:14:04.0031 0x0760  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
22:14:04.0031 0x0760  VgaSave - ok
22:14:04.0062 0x0760  ViaIde - ok
22:14:04.0156 0x0760  VideoAcceleratorService - ok
22:14:04.0203 0x0760  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
22:14:04.0203 0x0760  VolSnap - ok
22:14:04.0312 0x0760  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
22:14:04.0328 0x0760  VSS - ok
22:14:04.0437 0x0760  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:14:04.0453 0x0760  W32Time - ok
22:14:04.0500 0x0760  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:14:04.0500 0x0760  Wanarp - ok
22:14:04.0625 0x0760  [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3A760782DB6436A ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:14:04.0656 0x0760  Wdf01000 - ok
22:14:04.0687 0x0760  WDICA - ok
22:14:04.0750 0x0760  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
22:14:04.0765 0x0760  wdmaud - ok
22:14:04.0828 0x0760  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:14:04.0828 0x0760  WebClient - ok
22:14:04.0984 0x0760  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:14:05.0000 0x0760  winmgmt - ok
22:14:05.0125 0x0760  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:14:05.0187 0x0760  WinRM - ok
22:14:05.0359 0x0760  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
22:14:05.0359 0x0760  WmdmPmSN - ok
22:14:05.0484 0x0760  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:14:05.0484 0x0760  WmiApSrv - ok
22:14:05.0656 0x0760  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
22:14:05.0687 0x0760  WMPNetworkSvc - ok
22:14:05.0765 0x0760  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:14:05.0765 0x0760  WpdUsb - ok
22:14:05.0828 0x0760  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:14:05.0828 0x0760  WS2IFSL - ok
22:14:05.0921 0x0760  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
22:14:05.0921 0x0760  wscsvc - ok
22:14:06.0000 0x0760  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
22:14:06.0031 0x0760  wuauserv - ok
22:14:06.0109 0x0760  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:14:06.0125 0x0760  WudfPf - ok
22:14:06.0187 0x0760  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:14:06.0187 0x0760  WudfRd - ok
22:14:06.0296 0x0760  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
22:14:06.0312 0x0760  WudfSvc - ok
22:14:06.0437 0x0760  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
22:14:06.0453 0x0760  WZCSVC - ok
22:14:06.0546 0x0760  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
22:14:06.0546 0x0760  xmlprov - ok
22:14:06.0609 0x0760  ================ Scan global ===============================
22:14:06.0687 0x0760  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
22:14:06.0750 0x0760  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:14:06.0796 0x0760  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:14:06.0843 0x0760  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
22:14:06.0843 0x0760  [ Global ] - ok
22:14:06.0859 0x0760  ================ Scan MBR ==================================
22:14:06.0906 0x0760  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:14:07.0078 0x0760  \Device\Harddisk0\DR0 - ok
22:14:07.0093 0x0760  ================ Scan VBR ==================================
22:14:07.0109 0x0760  [ A6ECC1562352C948CB62B59E8B91F96D ] \Device\Harddisk0\DR0\Partition1
22:14:07.0125 0x0760  \Device\Harddisk0\DR0\Partition1 - ok
22:14:07.0140 0x0760  Waiting for KSN requests completion. In queue: 217
22:14:08.0140 0x0760  Waiting for KSN requests completion. In queue: 217
22:14:09.0140 0x0760  Waiting for KSN requests completion. In queue: 217
22:14:10.0187 0x0760  AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated
22:14:10.0187 0x0760  FW detected via SS1: AVG Internet Security 2013, 2013.0, enabled
22:14:12.0546 0x0760  ============================================================
22:14:12.0546 0x0760  Scan finished
22:14:12.0546 0x0760  ============================================================
22:14:12.0593 0x0688  Detected object count: 0
22:14:12.0593 0x0688  Actual detected object count: 0
22:27:35.0578 0x0320  Deinitialize success
 



#13 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 05:51 PM

Hi cousinkevin,

 

Please post the ComboFix.txt log when it is ready.


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#14 cousinkevin

cousinkevin

    Authentic Member

  • Authentic Member
  • PipPip
  • 66 posts

Posted 02 November 2013 - 06:38 PM

Now I have a warning box that combofix has detected AVG and only to click OK when disabled. I did say I can't switch off AVG in safe mode now I'm frightened to wreck my pc. As I said there are no options to disable in safe mode. The AVG window states "command line scanner" and there is no menu.

 

What can I do now, I want to go to bed as it's late and I have a chronic illness?


Edited by cousinkevin, 02 November 2013 - 06:59 PM.


#15 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 02 November 2013 - 06:47 PM

Hi cousinkevin,

 

You have a few options:

 

Disconnect from the Internet

Uninstall AVG, then run ComboFix

 

or

 

Just acknowledge the ComboFix prompt about AVG and run ComboFix with AVG enabled.


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users