PC boots up but can't open software [Solved]
#1
Posted 30 October 2013 - 06:49 PM
Register to Remove
#2
Posted 02 November 2013 - 10:22 AM
Can you transfer tools from a flash drive onto the infected computer and run a scan?
If so, run these tools and post the logs generated. If not report back.
=========================
aswMBR
Download aswMBR.exe and save it to your desktop.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
- When asked if you want to download Avast's virus definitions please select Yes.
- Click Scan
- Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
- You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
OTL
Download OTL to your desktop.
- Make sure all other windows are closed and to let it run uninterrupted.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
- When the window appears, underneath Output at the top change it to Minimal Output.
- Check the boxes beside LOP Check and Purity Check.
- Under Custom Scan paste this in
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
consrv.dll
services.*
/md5stop
netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
BASESERVICES
DRIVES
CREATERESTOREPOINT - Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
- You may need two posts to fit them both in.
In your next post please provide the following:
- aswMBR.txt
- attach MBR.zip
- OTL.txt
- Extras.txt
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#3
Posted 02 November 2013 - 12:01 PM
Firstly, thanks for replying. The PC I used to start this topic has stopped working, the fan went on full and I shut it down but the fan has stayed on and I can't reboot. It never rains it pours!!!
So I've booted my infected PC in safe mode with networking. It's not recognising either a flash drive or an external drive through USB in the computer folder. Shall I follow your instructions in current safe mode?
I'd also ran Spybot S&D in safe mode but I didn't know which entries I should fix so I left alone.
Correction to first post my computer states service pack 3
Edited by cousinkevin, 02 November 2013 - 12:08 PM.
#4
Posted 02 November 2013 - 12:08 PM
Hi cousinkevin,
Are you able to run any scans (either Safe or Normal mode)?
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#5
Posted 02 November 2013 - 12:31 PM
Yes I downloaded the asw file although it was automatically put into a downloads folder so I moved it to the desktop after.
I ran the tool, then I clicked the tool icon in the the taskbar and it ran again oops. Shall I save the log or start again?
#6
Posted 02 November 2013 - 12:36 PM
Save the log, run the other scan/s if you can and post the logs when you have finished.
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#7
Posted 02 November 2013 - 12:57 PM
I right clicked the MBR.dat file but it showed save to compressed ( zipped ) folder then a window came up "compressed zip folder" do you want to designate compressed ( zipped ) folders as the application for handling ZIP files?
I can see the MBR zip file as well as the .dat file
Edited by cousinkevin, 02 November 2013 - 01:03 PM.
#8
Posted 02 November 2013 - 01:14 PM
Hi cousinkevin,
Don't worry about the MBR.zip file for now. Just post the aswMBR.txt log. The forum is undergoing some changes and I don't think all the "kinks" are fully worked out yet.
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#9
Posted 02 November 2013 - 02:21 PM
Hi OCD,
Do you want all 4 files pasted as I can't see an attach option?
BTW, if I have too much software on my PC I'm quite prepared to uninstall some.
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-02 18:19:44
-----------------------------
18:19:44.296 OS Version: Windows 5.1.2600 Service Pack 3
18:19:44.296 Number of processors: 1 586 0x409
18:19:44.296 ComputerName: USER-E862545A71 UserName: Paul_2
18:19:44.750 Initialize success
18:21:15.125 AVAST engine defs: 13110200
18:21:58.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
18:21:58.046 Disk 0 Vendor: ST3160811AS 3.AAE Size: 152627MB BusType: 3
18:21:58.187 Disk 0 MBR read successfully
18:21:58.203 Disk 0 MBR scan
18:21:58.265 Disk 0 Windows XP default MBR code
18:21:58.296 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
18:21:58.328 Disk 0 scanning sectors +312560640
18:21:58.546 Disk 0 scanning C:\WINDOWS\system32\drivers
18:22:12.046 Service scanning
18:22:47.140 Modules scanning
18:23:18.046 Disk 0 trace - called modules:
18:23:18.046 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:23:18.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a6a58f0]
18:23:18.046 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000005e[0x8a6309e8]
18:23:18.046 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a61f940]
18:23:18.406 AVAST engine scan C:\WINDOWS
18:23:23.109 AVAST engine scan C:\WINDOWS\system32
18:27:42.000 AVAST engine scan C:\WINDOWS\system32\drivers
18:28:18.625 AVAST engine scan C:\Documents and Settings\Paul_2
18:28:25.000 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Desktop.OS.dll **INFECTED** Win32:Webcake-A [Adw]
18:28:25.109 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Dora.dat **INFECTED** Win32:Webcake-A [Adw]
18:28:25.296 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Maintain.dat **INFECTED** Win32:Webcake-A [Adw]
18:28:25.406 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Paladin.dat **INFECTED** Win32:Webcake-A [Adw]
18:28:25.562 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\dat\Phoenix.dat **INFECTED** Win32:Webcake-A [Adw]
18:28:25.921 File: C:\Documents and Settings\Paul_2\Application Data\Betcat\WebCakeDesktop.exe **INFECTED** Win32:Webcake-A [Adw]
18:40:22.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Paul_2\Desktop\MBR.dat"
18:40:23.046 The log file has been saved successfully to "C:\Documents and Settings\Paul_2\Desktop\aswMBR.txt"
3À?Ð? |ûPPü?|?PW?åó?Ë???8n | u?ÅâôÍ?õ?ÆIt8,tö?µ??ð?< tü? ?Íëò?NèF s*þF?~
t
?~t??uÒ?F?F?V
è! s??ë??>þ}Uªt
?~ tÈ??ë??üW?õË? ?V ?Ír#?Á$???Þ?üC?ã?Ñ?Ö?ÒîB?â9V
w#r9Fs?? |?N?V ÍsQOtN2ä?V Íëä?V `?ªU?AÍr6?ûUªu0öÁt+a`j j ÿv
ÿvj h |jj?B?ôÍaasOt
2ä?V ÍëÖaùÃInvalid partition table Error loading operating system Missing operating system ,DcÆÍÆÍ ? þÿÿ? ÁK? Uª
OTL logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Paul_2\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files\winrar\RarExt.dll ()
MOD - C:\WINDOWS\system32\splitter.ax ()
MOD - C:\WINDOWS\system32\mkx.dll ()
MOD - C:\WINDOWS\system32\avi.dll ()
MOD - C:\WINDOWS\system32\mp4.dll ()
MOD - C:\WINDOWS\system32\mkzlib.dll ()
MOD - C:\WINDOWS\system32\mkunicode.dll ()
MOD - C:\WINDOWS\system32\mmfinfo.dll ()
MOD - C:\Program Files\File Shredder\fsshell.dll ()
========== Services (SafeList) ==========
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f) -- C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (VideoAcceleratorService) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswMBR) -- C:\DOCUME~1\Paul_2\LOCALS~1\Temp\aswMBR.sys File not found
DRV - (RapportIaso) -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (RapportCerberus_59849) -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys ()
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\system32\drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (Avgdiskx) -- C:\WINDOWS\system32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-se...122147&tsp=4951
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 14 C4 D8 9E 58 A1 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\daplinkchecker@speedbit.com: C:\Program Files\DAP\daplinkchecker [2012/10/17 00:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/25 00:11:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/14 15:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/14 15:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/25 00:11:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2012/10/17 00:23:33 | 000,000,000 | ---D | M]
[2013/07/13 21:46:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Paul_2\Application Data\Mozilla\Extensions
[2013/11/02 18:27:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/02 18:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/02 18:28:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2012/11/19 22:12:34 | 000,444,743 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15277 more lines...
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No CLSID value found.
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SpeedBit Video Downloader\TBUE5\tbcore3.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\TBUE5\Grabber.dll (SPEEDbit)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\TBUE5\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1349191978390 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCCFDC7E-C44D-4C7C-8F3A-86869B58B6B8}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/24 16:44:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
========== Files/Folders - Created Within 30 Days ==========
[2013/11/02 19:07:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
[2013/11/02 18:27:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/02 18:15:15 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/10/23 00:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Desktop\Old Firefox Data
[2013/10/21 00:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\My Documents\1366568217
[2013/10/18 19:57:51 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/18 19:57:51 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/10/18 19:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/18 19:57:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/18 19:57:16 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/18 19:57:16 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/10/17 15:04:56 | 000,108,816 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2013/10/12 20:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/09 23:08:59 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2013/10/09 23:08:49 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2013/10/09 21:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Application Data\AVG2014
[2013/10/09 20:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/10/09 20:48:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\Avg2014
[2013/10/09 11:24:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013/10/09 11:24:17 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013/10/09 11:24:10 | 000,026,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2013/10/09 11:23:23 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2013/10/09 11:23:23 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/10/09 11:23:23 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013/10/09 11:23:23 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013/10/07 19:42:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Paul_2\Recent
[2012/10/01 14:48:38 | 048,745,576 | ---- | C] (Safer-Networking Ltd. ) -- C:\Program Files\spybotsd-2.0.10-rc2.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Paul_2\*.tmp files -> C:\Documents and Settings\Paul_2\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/02 19:07:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
[2013/11/02 19:00:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/11/02 18:52:12 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.zip
[2013/11/02 18:40:23 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.dat
[2013/11/02 18:15:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/11/02 17:00:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/02 17:00:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/31 16:13:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B4DD41ED-D92A-4751-8FBA-5EC5BF6021DA}.job
[2013/10/31 15:47:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/31 15:39:43 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/10/31 15:39:43 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\AVG_REG_0913b.job
[2013/10/31 15:39:43 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job
[2013/10/31 15:39:42 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express FilesUpdate.job
[2013/10/31 15:39:42 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/31 15:39:41 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/31 15:39:41 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/31 15:39:39 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1006.job
[2013/10/31 15:39:37 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN.job
[2013/10/31 15:39:37 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1009.job
[2013/10/31 15:39:37 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/30 23:10:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/30 23:07:37 | 000,071,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/24 01:02:01 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/23 21:09:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1007.job
[2013/10/22 23:30:00 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/10/21 13:52:22 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/17 15:04:56 | 000,108,816 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2013/10/17 11:33:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/16 20:31:12 | 000,001,106 | ---- | M] () -- C:\Documents and Settings\Paul_2\Desktop\My DAP Downloads.lnk
[2013/10/16 20:26:03 | 016,200,397 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-895 cam 19082012.flv
[2013/10/16 20:21:50 | 021,371,405 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-show_2899126741_1371750122306_external.flv
[2013/10/15 21:25:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1009.job
[2013/10/12 20:41:08 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/10 20:22:07 | 000,234,163 | ---- | M] () -- C:\Documents and Settings\Paul_2\My Documents\VAT Exemption form_MarconMedical.pdf
[2013/10/09 20:25:08 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/09 16:50:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/08 06:50:41 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/10/08 06:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/08 06:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/08 06:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/08 06:29:36 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Paul_2\*.tmp files -> C:\Documents and Settings\Paul_2\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/02 18:42:39 | 000,000,499 | ---- | C] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.zip
[2013/11/02 18:40:22 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Paul_2\Desktop\MBR.dat
[2013/10/21 13:44:27 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/21 13:44:26 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1993962763-362288127-1177238915-1005.job
[2013/10/16 20:24:50 | 016,200,397 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-895 cam 19082012.flv
[2013/10/16 20:20:18 | 021,371,405 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\PLVR-show_2899126741_1371750122306_external.flv
[2013/10/10 20:22:07 | 000,234,163 | ---- | C] () -- C:\Documents and Settings\Paul_2\My Documents\VAT Exemption form_MarconMedical.pdf
[2013/10/09 20:56:59 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/09 16:33:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/01/23 22:33:35 | 000,026,900 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\dt.dat
[2013/01/22 21:13:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/25 00:03:39 | 000,172,507 | ---- | C] () -- C:\WINDOWS\hpoins38.dat
[2012/10/25 00:03:39 | 000,000,548 | ---- | C] () -- C:\WINDOWS\hpomdl38.dat
[2012/10/04 12:33:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/10/04 12:28:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/10/01 15:35:23 | 000,000,961 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/10/01 01:12:03 | 000,069,780 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sjpsusgqpvupxbp
[2012/09/29 00:05:43 | 000,006,464 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\chromeupdate.crx
[2012/08/16 21:57:30 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jejtrhljsoaszej
[2012/06/03 20:20:13 | 000,161,744 | ---- | C] () -- C:\Program Files\0cres.dll
[2012/02/16 22:10:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/02 01:06:22 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2011/12/02 01:06:21 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/06/10 21:46:52 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/20 19:00:52 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\FASTWiz.html
========== ZeroAccess Check ==========
[2010/12/09 15:15:09 | 000,002,048 | -HS- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\@
[2012/07/05 20:10:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\L
[2013/05/25 22:32:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\U
[2012/07/06 21:36:12 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\L\00000004.@
[2011/09/29 20:42:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"ThreadingModel" = Both
"" = C:\Documents and Settings\Paul_2\Local Settings\Application Data\{723ef22e-f32d-2ba4-3345-6802360e9c88}\n.
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 12:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/09/24 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012/10/25 00:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/09/27 22:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/01/21 10:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/10/10 17:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/10/09 20:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2012/10/03 16:56:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/10/01 01:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ikfakadekhjzsrb
[2010/11/04 12:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/11/04 12:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2013/10/31 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/10/01 01:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nppbhtenxgrgcaf
[2011/09/29 20:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/10/17 00:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2013/08/17 16:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/10/16 20:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/15 18:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/12/29 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Audacity
[2012/10/17 21:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\AVG
[2013/10/09 21:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\AVG2014
[2013/08/17 15:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Betcat
[2012/03/24 22:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\FreeFLVConverter
[2012/07/05 09:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Hooc
[2011/06/15 18:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\OpenOffice.org
[2012/03/29 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\SanDisk
[2011/06/20 20:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Systweak
[2011/11/04 17:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\TeamViewer
[2011/12/02 01:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Toolbar4
[2012/07/04 23:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Toziiz
[2013/04/26 20:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\TuneUp Software
[2012/10/17 21:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Usenet.nl
[2012/07/04 23:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Paul_2\Application Data\Yxxy
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EXE >
[2008/04/14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2012/08/30 13:11:18 | 003,694,616 | ---- | M] (Safer-Networking Ltd.) MD5=F285BBA4744BA4CCF351E415464D4B6B -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2013/10/31 15:40:53 | 000,101,542 | ---- | M] () MD5=35E9C1726209379473BD8E3EF1FCFDB7 -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.SCF >
[2008/04/14 12:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CHM >
[2009/02/21 00:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2008/04/14 12:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.CHW >
[2010/11/05 12:50:03 | 000,153,185 | ---- | M] () MD5=B76FC8B4841992C75252A18618598717 -- C:\WINDOWS\Help\iexplore.chw
< MD5 for: IEXPLORE.EXE >
[2008/04/14 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ie8\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
< MD5 for: IEXPLORE.EXE.1000.HTML >
[2013/08/03 10:35:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1000.html
< MD5 for: IEXPLORE.EXE.1036.HTML >
[2013/04/29 10:06:45 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1036.html
< MD5 for: IEXPLORE.EXE.1092.HTML >
[2013/03/07 13:27:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1092.html
< MD5 for: IEXPLORE.EXE.1100.HTML >
[2013/03/04 10:58:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1100.html
< MD5 for: IEXPLORE.EXE.1160.HTML >
[2013/04/23 11:28:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1160.html
< MD5 for: IEXPLORE.EXE.1212.HTML >
[2013/02/22 13:08:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1212.html
< MD5 for: IEXPLORE.EXE.1224.HTML >
[2013/04/29 17:17:31 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1224.html
< MD5 for: IEXPLORE.EXE.1256.HTML >
[2013/05/02 09:44:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1256.html
< MD5 for: IEXPLORE.EXE.1264.HTML >
[2013/02/11 11:36:52 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1264.html
< MD5 for: IEXPLORE.EXE.1328.HTML >
[2013/03/06 13:05:49 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1328.html
< MD5 for: IEXPLORE.EXE.1332.HTML >
[2013/02/23 12:43:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1332.html
< MD5 for: IEXPLORE.EXE.1336.HTML >
[2013/08/10 10:25:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1336.html
< MD5 for: IEXPLORE.EXE.1384.HTML >
[2013/02/19 11:31:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1384.html
< MD5 for: IEXPLORE.EXE.1400.HTML >
[2013/03/13 10:33:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1400.html
< MD5 for: IEXPLORE.EXE.1416.HTML >
[2013/02/28 13:28:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1416.html
< MD5 for: IEXPLORE.EXE.1424.HTML >
[2013/07/12 16:18:56 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1424.html
< MD5 for: IEXPLORE.EXE.1444.HTML >
[2013/03/06 13:54:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1444.html
< MD5 for: IEXPLORE.EXE.1452.HTML >
[2013/06/11 10:58:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1452.html
< MD5 for: IEXPLORE.EXE.1532.HTML >
[2013/03/04 12:56:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1532.html
< MD5 for: IEXPLORE.EXE.1536.HTML >
[2013/02/11 11:20:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1536.html
< MD5 for: IEXPLORE.EXE.1612.HTML >
[2013/06/08 10:39:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1612.html
< MD5 for: IEXPLORE.EXE.1620.HTML >
[2013/04/29 10:06:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1620.html
< MD5 for: IEXPLORE.EXE.1636.HTML >
[2013/03/04 11:30:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1636.html
< MD5 for: IEXPLORE.EXE.164.HTML >
[2013/04/23 11:44:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.164.html
< MD5 for: IEXPLORE.EXE.1688.HTML >
[2013/02/19 11:21:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1688.html
< MD5 for: IEXPLORE.EXE.1720.HTML >
[2013/03/04 10:58:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1720.html
< MD5 for: IEXPLORE.EXE.1780.HTML >
[2013/05/23 12:53:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1780.html
< MD5 for: IEXPLORE.EXE.1800.HTML >
[2013/03/27 12:49:51 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1800.html
< MD5 for: IEXPLORE.EXE.1848.HTML >
[2013/03/22 13:23:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1848.html
< MD5 for: IEXPLORE.EXE.1864.HTML >
[2013/04/29 11:48:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1864.html
< MD5 for: IEXPLORE.EXE.1888.HTML >
[2013/03/06 10:43:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1888.html
< MD5 for: IEXPLORE.EXE.1892.HTML >
[2013/03/27 12:21:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1892.html
< MD5 for: IEXPLORE.EXE.1896.HTML >
[2013/03/22 12:20:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1896.html
< MD5 for: IEXPLORE.EXE.1916.HTML >
[2013/02/19 11:28:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.1916.html
< MD5 for: IEXPLORE.EXE.1940.HTML >
[2013/03/27 12:21:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1940.html
< MD5 for: IEXPLORE.EXE.1948.HTML >
[2013/06/03 12:12:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1948.html
< MD5 for: IEXPLORE.EXE.1976.HTML >
[2013/06/03 12:03:41 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1976.html
< MD5 for: IEXPLORE.EXE.1988.HTML >
[2013/06/08 08:56:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.1988.html
< MD5 for: IEXPLORE.EXE.2008.HTML >
[2013/03/22 12:20:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2008.html
< MD5 for: IEXPLORE.EXE.2076.HTML >
[2013/03/06 13:21:49 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2076.html
< MD5 for: IEXPLORE.EXE.208.HTML >
[2013/07/20 12:27:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.208.html
< MD5 for: IEXPLORE.EXE.2084.HTML >
[2013/07/23 09:16:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2084.html
< MD5 for: IEXPLORE.EXE.2088.HTML >
[2013/03/04 11:52:31 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2088.html
< MD5 for: IEXPLORE.EXE.2104.HTML >
[2013/02/25 09:55:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2104.html
< MD5 for: IEXPLORE.EXE.2112.HTML >
[2013/07/23 09:12:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2112.html
< MD5 for: IEXPLORE.EXE.212.HTML >
[2013/03/07 14:12:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.212.html
< MD5 for: IEXPLORE.EXE.2144.HTML >
[2013/04/02 10:13:45 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2144.html
< MD5 for: IEXPLORE.EXE.2204.HTML >
[2013/05/29 10:24:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2204.html
< MD5 for: IEXPLORE.EXE.2216.HTML >
[2013/06/21 09:59:46 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2216.html
< MD5 for: IEXPLORE.EXE.2220.HTML >
[2013/02/28 13:45:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2220.html
< MD5 for: IEXPLORE.EXE.2236.HTML >
[2013/02/09 11:25:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2236.html
< MD5 for: IEXPLORE.EXE.2276.HTML >
[2013/04/29 18:31:17 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2276.html
< MD5 for: IEXPLORE.EXE.2284.HTML >
[2013/03/22 11:52:00 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2284.html
< MD5 for: IEXPLORE.EXE.2292.HTML >
[2013/06/11 11:01:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2292.html
< MD5 for: IEXPLORE.EXE.2304.HTML >
[2013/02/11 11:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2304.html
< MD5 for: IEXPLORE.EXE.2316.HTML >
[2013/03/04 11:29:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2316.html
< MD5 for: IEXPLORE.EXE.2344.HTML >
[2013/04/02 10:37:26 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2344.html
< MD5 for: IEXPLORE.EXE.236.HTML >
[2013/07/12 16:21:21 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.236.html
< MD5 for: IEXPLORE.EXE.2360.HTML >
[2013/06/26 10:04:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2360.html
< MD5 for: IEXPLORE.EXE.2388.HTML >
[2013/03/16 13:27:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2388.html
< MD5 for: IEXPLORE.EXE.2404.HTML >
[2013/04/29 18:31:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2404.html
< MD5 for: IEXPLORE.EXE.2412.HTML >
[2013/06/03 12:03:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2412.html
< MD5 for: IEXPLORE.EXE.2420.HTML >
[2013/03/07 11:12:22 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2420.html
< MD5 for: IEXPLORE.EXE.2424.HTML >
[2013/05/09 10:21:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2424.html
< MD5 for: IEXPLORE.EXE.2452.HTML >
[2013/05/13 11:41:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2452.html
< MD5 for: IEXPLORE.EXE.2460.HTML >
[2013/03/04 11:31:04 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2460.html
< MD5 for: IEXPLORE.EXE.2468.HTML >
[2013/03/04 11:52:01 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2468.html
< MD5 for: IEXPLORE.EXE.2472.HTML >
[2013/08/03 12:23:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2472.html
< MD5 for: IEXPLORE.EXE.2476.HTML >
[2013/03/04 10:59:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2476.html
< MD5 for: IEXPLORE.EXE.2492.HTML >
[2013/03/07 11:19:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2492.html
< MD5 for: IEXPLORE.EXE.2500.HTML >
[2013/04/02 10:37:28 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2500.html
< MD5 for: IEXPLORE.EXE.2512.HTML >
[2013/04/09 12:02:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2512.html
< MD5 for: IEXPLORE.EXE.2524.HTML >
[2013/03/04 11:54:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2524.html
< MD5 for: IEXPLORE.EXE.2528.HTML >
[2013/06/03 12:05:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2528.html
< MD5 for: IEXPLORE.EXE.2532.HTML >
[2013/02/23 12:49:41 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2532.html
< MD5 for: IEXPLORE.EXE.2552.HTML >
[2013/03/07 11:12:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2552.html
< MD5 for: IEXPLORE.EXE.2556.HTML >
[2013/02/15 13:39:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2556.html
< MD5 for: IEXPLORE.EXE.2568.HTML >
[2013/02/11 12:30:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2568.html
< MD5 for: IEXPLORE.EXE.2576.HTML >
[2013/08/11 10:06:14 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2576.html
< MD5 for: IEXPLORE.EXE.2592.HTML >
[2013/05/27 11:24:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2592.html
< MD5 for: IEXPLORE.EXE.2596.HTML >
[2013/08/14 12:00:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2596.html
< MD5 for: IEXPLORE.EXE.2600.HTML >
[2013/04/04 12:53:08 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2600.html
< MD5 for: IEXPLORE.EXE.2604.HTML >
[2013/05/09 12:13:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2604.html
< MD5 for: IEXPLORE.EXE.2624.HTML >
[2013/06/21 09:49:04 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2624.html
< MD5 for: IEXPLORE.EXE.2632.HTML >
[2013/03/02 09:55:20 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2632.html
< MD5 for: IEXPLORE.EXE.2648.HTML >
[2013/03/13 10:23:11 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2648.html
< MD5 for: IEXPLORE.EXE.2668.HTML >
[2013/03/22 13:23:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2668.html
< MD5 for: IEXPLORE.EXE.2672.HTML >
[2013/03/02 11:00:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2672.html
< MD5 for: IEXPLORE.EXE.2692.HTML >
[2013/05/18 11:20:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2692.html
< MD5 for: IEXPLORE.EXE.2700.HTML >
[2013/02/25 09:55:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2700.html
< MD5 for: IEXPLORE.EXE.272.HTML >
[2013/06/11 10:55:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.272.html
< MD5 for: IEXPLORE.EXE.2720.HTML >
[2013/02/12 10:26:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2720.html
< MD5 for: IEXPLORE.EXE.2740.HTML >
[2013/03/02 09:52:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2740.html
< MD5 for: IEXPLORE.EXE.2788.HTML >
[2013/05/29 10:44:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2788.html
< MD5 for: IEXPLORE.EXE.2800.HTML >
[2013/06/26 09:24:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2800.html
< MD5 for: IEXPLORE.EXE.2824.HTML >
[2013/03/27 12:21:45 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2824.html
< MD5 for: IEXPLORE.EXE.2852.HTML >
[2013/04/30 10:04:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2852.html
< MD5 for: IEXPLORE.EXE.2860.HTML >
[2013/06/08 08:44:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2860.html
< MD5 for: IEXPLORE.EXE.2876.HTML >
[2013/03/27 12:21:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2876.html
< MD5 for: IEXPLORE.EXE.2884.HTML >
[2013/05/29 10:45:04 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2884.html
< MD5 for: IEXPLORE.EXE.2892.HTML >
[2013/04/15 11:22:30 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2892.html
< MD5 for: IEXPLORE.EXE.2904.HTML >
[2013/08/11 10:06:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2904.html
< MD5 for: IEXPLORE.EXE.2908.HTML >
[2013/03/23 12:28:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2908.html
< MD5 for: IEXPLORE.EXE.2912.HTML >
[2013/05/29 10:45:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2912.html
< MD5 for: IEXPLORE.EXE.2916.HTML >
[2013/04/30 10:04:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2916.html
< MD5 for: IEXPLORE.EXE.2924.HTML >
[2013/07/23 10:15:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2924.html
< MD5 for: IEXPLORE.EXE.2948.HTML >
[2013/02/25 14:03:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2948.html
< MD5 for: IEXPLORE.EXE.2964.HTML >
[2013/06/03 12:12:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2964.html
< MD5 for: IEXPLORE.EXE.2976.HTML >
[2013/03/22 12:42:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2976.html
< MD5 for: IEXPLORE.EXE.2980.HTML >
[2013/04/02 11:11:09 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.2980.html
< MD5 for: IEXPLORE.EXE.2984.HTML >
[2013/02/28 09:28:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.2984.html
< MD5 for: IEXPLORE.EXE.3028.HTML >
[2013/05/09 12:12:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3028.html
< MD5 for: IEXPLORE.EXE.3032.HTML >
[2013/02/14 10:44:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3032.html
< MD5 for: IEXPLORE.EXE.3068.HTML >
[2013/04/09 11:59:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3068.html
< MD5 for: IEXPLORE.EXE.3088.HTML >
[2013/02/09 13:20:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3088.html
< MD5 for: IEXPLORE.EXE.3092.HTML >
[2013/03/13 10:25:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3092.html
< MD5 for: IEXPLORE.EXE.3100.HTML >
[2013/07/12 16:22:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3100.html
< MD5 for: IEXPLORE.EXE.3104.HTML >
[2013/06/21 09:59:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3104.html
< MD5 for: IEXPLORE.EXE.3148.HTML >
[2013/07/23 10:03:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3148.html
< MD5 for: IEXPLORE.EXE.3160.HTML >
[2013/04/06 10:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3160.html
< MD5 for: IEXPLORE.EXE.3164.HTML >
[2013/03/21 11:13:32 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3164.html
< MD5 for: IEXPLORE.EXE.3176.HTML >
[2013/07/17 11:34:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3176.html
< MD5 for: IEXPLORE.EXE.3192.HTML >
[2013/07/17 11:34:02 | 000,003,231 | ---- | M] () MD5=8E4CD62DAB5825EB1AE43F6CB123FB28 -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3192.html
< MD5 for: IEXPLORE.EXE.3212.HTML >
[2013/05/31 13:12:14 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3212.html
< MD5 for: IEXPLORE.EXE.3228.HTML >
[2013/04/03 12:45:26 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3228.html
< MD5 for: IEXPLORE.EXE.3236.HTML >
[2013/03/12 16:50:44 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3236.html
< MD5 for: IEXPLORE.EXE.324.HTML >
[2013/02/16 13:56:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.324.html
< MD5 for: IEXPLORE.EXE.3244.HTML >
[2013/03/04 11:58:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3244.html
< MD5 for: IEXPLORE.EXE.3268.HTML >
[2013/03/18 11:13:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3268.html
< MD5 for: IEXPLORE.EXE.328.HTML >
[2013/03/18 11:13:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.328.html
< MD5 for: IEXPLORE.EXE.3284.HTML >
[2013/03/04 11:00:42 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3284.html
< MD5 for: IEXPLORE.EXE.3288.HTML >
[2013/02/12 11:16:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3288.html
< MD5 for: IEXPLORE.EXE.3296.HTML >
[2013/05/02 09:35:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3296.html
< MD5 for: IEXPLORE.EXE.3300.HTML >
[2013/07/12 16:18:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3300.html
< MD5 for: IEXPLORE.EXE.3304.HTML >
[2013/03/22 12:42:43 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3304.html
< MD5 for: IEXPLORE.EXE.3308.HTML >
[2013/03/14 13:28:19 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3308.html
< MD5 for: IEXPLORE.EXE.3316.HTML >
[2013/02/14 10:44:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3316.html
< MD5 for: IEXPLORE.EXE.332.HTML >
[2013/02/06 17:31:17 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.332.html
< MD5 for: IEXPLORE.EXE.3320.HTML >
[2013/06/11 11:23:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3320.html
< MD5 for: IEXPLORE.EXE.3324.HTML >
[2013/05/27 11:34:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3324.html
< MD5 for: IEXPLORE.EXE.3328.HTML >
[2013/06/21 09:48:59 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3328.html
< MD5 for: IEXPLORE.EXE.3336.HTML >
[2013/06/08 08:52:04 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3336.html
< MD5 for: IEXPLORE.EXE.3348.HTML >
[2013/04/23 11:50:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3348.html
< MD5 for: IEXPLORE.EXE.3368.HTML >
[2013/05/09 10:19:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3368.html
< MD5 for: IEXPLORE.EXE.3376.HTML >
[2013/03/04 11:58:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3376.html
< MD5 for: IEXPLORE.EXE.3388.HTML >
[2013/06/11 11:00:22 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3388.html
< MD5 for: IEXPLORE.EXE.3396.HTML >
[2013/05/29 11:11:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3396.html
< MD5 for: IEXPLORE.EXE.3400.HTML >
[2013/03/04 11:00:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3400.html
< MD5 for: IEXPLORE.EXE.3416.HTML >
[2013/03/20 13:51:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3416.html
< MD5 for: IEXPLORE.EXE.3428.HTML >
[2013/02/09 11:30:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3428.html
< MD5 for: IEXPLORE.EXE.3432.HTML >
[2013/06/11 11:00:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3432.html
< MD5 for: IEXPLORE.EXE.3436.HTML >
[2013/02/22 11:53:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3436.html
< MD5 for: IEXPLORE.EXE.344.HTML >
[2013/05/29 10:45:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.344.html
< MD5 for: IEXPLORE.EXE.3448.HTML >
[2013/02/15 11:10:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3448.html
< MD5 for: IEXPLORE.EXE.3476.HTML >
[2013/04/08 10:14:32 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3476.html
< MD5 for: IEXPLORE.EXE.3484.HTML >
[2013/03/22 12:14:47 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3484.html
< MD5 for: IEXPLORE.EXE.3488.HTML >
[2013/03/20 13:42:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3488.html
< MD5 for: IEXPLORE.EXE.3492.HTML >
[2013/03/06 13:53:37 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3492.html
< MD5 for: IEXPLORE.EXE.3512.HTML >
[2013/02/17 21:37:39 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3512.html
< MD5 for: IEXPLORE.EXE.3544.HTML >
[2013/03/30 13:31:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3544.html
< MD5 for: IEXPLORE.EXE.3548.HTML >
[2013/06/08 08:53:33 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3548.html
< MD5 for: IEXPLORE.EXE.3572.HTML >
[2013/04/29 11:48:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3572.html
< MD5 for: IEXPLORE.EXE.3600.HTML >
[2013/03/07 14:12:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3600.html
< MD5 for: IEXPLORE.EXE.3604.HTML >
[2013/06/03 12:04:41 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3604.html
< MD5 for: IEXPLORE.EXE.3624.HTML >
[2013/04/30 10:04:48 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3624.html
< MD5 for: IEXPLORE.EXE.3632.HTML >
[2013/02/18 13:29:26 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3632.html
< MD5 for: IEXPLORE.EXE.3648.HTML >
[2013/07/23 09:34:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3648.html
< MD5 for: IEXPLORE.EXE.3660.HTML >
[2013/08/11 10:06:00 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3660.html
< MD5 for: IEXPLORE.EXE.3664.HTML >
[2013/05/18 11:20:00 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3664.html
< MD5 for: IEXPLORE.EXE.3668.HTML >
[2013/08/11 10:41:39 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3668.html
< MD5 for: IEXPLORE.EXE.3676.HTML >
[2013/07/17 11:34:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3676.html
< MD5 for: IEXPLORE.EXE.368.HTML >
[2013/02/22 13:08:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.368.html
< MD5 for: IEXPLORE.EXE.3680.HTML >
[2013/02/23 11:17:59 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3680.html
< MD5 for: IEXPLORE.EXE.3708.HTML >
[2013/08/11 10:50:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3708.html
< MD5 for: IEXPLORE.EXE.3720.HTML >
[2013/03/06 13:09:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3720.html
< MD5 for: IEXPLORE.EXE.3736.HTML >
[2013/02/28 13:28:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3736.html
< MD5 for: IEXPLORE.EXE.3740.HTML >
[2013/02/20 20:38:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3740.html
< MD5 for: IEXPLORE.EXE.3744.HTML >
[2013/02/19 11:31:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3744.html
< MD5 for: IEXPLORE.EXE.3756.HTML >
[2013/06/08 08:45:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3756.html
< MD5 for: IEXPLORE.EXE.376.HTML >
[2013/03/04 10:59:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.376.html
< MD5 for: IEXPLORE.EXE.3760.HTML >
[2013/05/13 11:41:57 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3760.html
< MD5 for: IEXPLORE.EXE.3764.HTML >
[2013/08/10 10:26:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3764.html
< MD5 for: IEXPLORE.EXE.3768.HTML >
[2013/05/13 11:01:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3768.html
< MD5 for: IEXPLORE.EXE.3792.HTML >
[2013/07/20 12:05:24 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3792.html
< MD5 for: IEXPLORE.EXE.3796.HTML >
[2013/05/09 12:13:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3796.html
< MD5 for: IEXPLORE.EXE.3800.HTML >
[2013/03/21 13:29:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3800.html
< MD5 for: IEXPLORE.EXE.3816.HTML >
[2013/03/20 13:51:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3816.html
< MD5 for: IEXPLORE.EXE.3836.HTML >
[2013/03/06 13:54:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3836.html
< MD5 for: IEXPLORE.EXE.3844.HTML >
[2013/06/08 08:45:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3844.html
< MD5 for: IEXPLORE.EXE.3848.HTML >
[2013/03/02 10:55:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3848.html
< MD5 for: IEXPLORE.EXE.3864.HTML >
[2013/04/02 10:13:55 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3864.html
< MD5 for: IEXPLORE.EXE.3888.HTML >
[2013/03/07 11:13:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3888.html
< MD5 for: IEXPLORE.EXE.3892.HTML >
[2013/03/09 12:08:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3892.html
< MD5 for: IEXPLORE.EXE.3900.HTML >
[2013/07/20 12:02:21 | 000,003,231 | ---- | M] () MD5=8E4CD62DAB5825EB1AE43F6CB123FB28 -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3900.html
< MD5 for: IEXPLORE.EXE.3904.HTML >
[2013/02/12 12:16:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3904.html
< MD5 for: IEXPLORE.EXE.3912.HTML >
[2013/04/30 09:23:19 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3912.html
< MD5 for: IEXPLORE.EXE.3916.HTML >
[2013/02/23 13:37:44 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3916.html
< MD5 for: IEXPLORE.EXE.3920.HTML >
[2013/02/12 10:25:16 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3920.html
< MD5 for: IEXPLORE.EXE.3936.HTML >
[2013/03/06 13:17:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3936.html
< MD5 for: IEXPLORE.EXE.3940.HTML >
[2013/02/25 09:54:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.3940.html
< MD5 for: IEXPLORE.EXE.3948.HTML >
[2013/04/23 11:50:50 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3948.html
< MD5 for: IEXPLORE.EXE.3952.HTML >
[2013/02/22 11:45:21 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3952.html
< MD5 for: IEXPLORE.EXE.3984.HTML >
[2013/05/29 10:44:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.3984.html
< MD5 for: IEXPLORE.EXE.4008.HTML >
[2013/03/06 13:09:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4008.html
< MD5 for: IEXPLORE.EXE.4024.HTML >
[2013/03/06 13:21:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4024.html
< MD5 for: IEXPLORE.EXE.4036.HTML >
[2013/05/09 10:26:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4036.html
< MD5 for: IEXPLORE.EXE.4044.HTML >
[2013/03/09 12:10:58 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4044.html
< MD5 for: IEXPLORE.EXE.4048.HTML >
[2013/07/10 11:18:45 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4048.html
< MD5 for: IEXPLORE.EXE.4052.HTML >
[2013/06/11 10:57:49 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4052.html
< MD5 for: IEXPLORE.EXE.4068.HTML >
[2013/07/08 11:00:41 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4068.html
< MD5 for: IEXPLORE.EXE.4072.HTML >
[2013/02/23 11:00:27 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4072.html
< MD5 for: IEXPLORE.EXE.408.HTML >
[2013/02/12 11:18:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.408.html
< MD5 for: IEXPLORE.EXE.4120.HTML >
[2013/08/14 12:04:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4120.html
< MD5 for: IEXPLORE.EXE.4196.HTML >
[2013/03/27 14:01:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4196.html
< MD5 for: IEXPLORE.EXE.4204.HTML >
[2013/04/06 11:21:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4204.html
< MD5 for: IEXPLORE.EXE.428.HTML >
[2013/06/03 12:18:25 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.428.html
< MD5 for: IEXPLORE.EXE.4348.HTML >
[2013/08/20 00:37:01 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.4348.html
< MD5 for: IEXPLORE.EXE.436.HTML >
[2013/02/25 09:56:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.436.html
< MD5 for: IEXPLORE.EXE.4432.HTML >
[2013/04/09 12:13:14 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4432.html
< MD5 for: IEXPLORE.EXE.448.HTML >
[2013/03/22 13:22:57 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.448.html
< MD5 for: IEXPLORE.EXE.456.HTML >
[2013/06/08 08:51:52 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.456.html
< MD5 for: IEXPLORE.EXE.4576.HTML >
[2013/04/15 11:22:23 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4576.html
< MD5 for: IEXPLORE.EXE.4668.HTML >
[2013/05/29 12:08:12 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4668.html
< MD5 for: IEXPLORE.EXE.4756.HTML >
[2013/04/02 10:48:35 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4756.html
< MD5 for: IEXPLORE.EXE.484.HTML >
[2013/04/17 12:46:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.484.html
< MD5 for: IEXPLORE.EXE.4864.HTML >
[2013/07/23 10:00:40 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4864.html
< MD5 for: IEXPLORE.EXE.4952.HTML >
[2013/08/03 12:23:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.4952.html
< MD5 for: IEXPLORE.EXE.5180.HTML >
[2013/04/17 12:31:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5180.html
< MD5 for: IEXPLORE.EXE.5260.HTML >
[2013/07/16 12:15:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5260.html
< MD5 for: IEXPLORE.EXE.528.HTML >
[2013/07/23 10:00:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.528.html
< MD5 for: IEXPLORE.EXE.5332.HTML >
[2013/07/20 12:27:09 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5332.html
< MD5 for: IEXPLORE.EXE.5400.HTML >
[2013/08/03 12:29:06 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5400.html
< MD5 for: IEXPLORE.EXE.5424.HTML >
[2013/07/23 10:15:36 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5424.html
< MD5 for: IEXPLORE.EXE.5472.HTML >
[2013/03/16 13:01:05 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5472.html
< MD5 for: IEXPLORE.EXE.5536.HTML >
[2013/08/03 10:36:39 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5536.html
< MD5 for: IEXPLORE.EXE.556.HTML >
[2013/04/29 18:31:13 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.556.html
< MD5 for: IEXPLORE.EXE.5600.HTML >
[2013/04/09 12:13:15 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5600.html
< MD5 for: IEXPLORE.EXE.5704.HTML >
[2013/08/03 12:01:54 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5704.html
< MD5 for: IEXPLORE.EXE.5712.HTML >
[2013/03/16 13:26:16 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5712.html
< MD5 for: IEXPLORE.EXE.5720.HTML >
[2013/04/08 12:30:48 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5720.html
< MD5 for: IEXPLORE.EXE.5728.HTML >
[2013/03/16 13:35:29 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5728.html
< MD5 for: IEXPLORE.EXE.5780.HTML >
[2013/04/09 11:59:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5780.html
< MD5 for: IEXPLORE.EXE.5876.HTML >
[2013/04/15 12:38:08 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5876.html
< MD5 for: IEXPLORE.EXE.5960.HTML >
[2013/07/23 10:15:39 | 000,002,154 | ---- | M] () MD5=2D593902F8766125827C41DE14F0D34F -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5960.html
< MD5 for: IEXPLORE.EXE.5964.HTML >
[2013/04/30 10:00:22 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5964.html
< MD5 for: IEXPLORE.EXE.5968.HTML >
[2013/07/17 11:27:51 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.5968.html
< MD5 for: IEXPLORE.EXE.6004.HTML >
[2013/04/06 10:18:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.6004.html
< MD5 for: IEXPLORE.EXE.6056.HTML >
[2013/07/20 12:05:10 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.6056.html
< MD5 for: IEXPLORE.EXE.652.HTML >
[2013/02/12 10:24:03 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.652.html
< MD5 for: IEXPLORE.EXE.660.HTML >
[2013/04/29 18:31:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.660.html
< MD5 for: IEXPLORE.EXE.672.HTML >
[2013/03/06 13:08:46 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.672.html
< MD5 for: IEXPLORE.EXE.684.HTML >
[2013/05/27 11:23:24 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.684.html
< MD5 for: IEXPLORE.EXE.692.HTML >
[2013/02/17 21:45:38 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.692.html
< MD5 for: IEXPLORE.EXE.708.HTML >
[2013/02/12 10:24:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.708.html
< MD5 for: IEXPLORE.EXE.712.HTML >
[2013/08/03 12:29:18 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.712.html
< MD5 for: IEXPLORE.EXE.752.HTML >
[2013/02/25 14:03:53 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.752.html
< MD5 for: IEXPLORE.EXE.7888.HTML >
[2013/07/23 10:03:07 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.7888.html
< MD5 for: IEXPLORE.EXE.820.HTML >
[2013/08/11 10:06:02 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.820.html
< MD5 for: IEXPLORE.EXE.932.HTML >
[2013/06/08 08:45:34 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.932.html
< MD5 for: IEXPLORE.EXE.940.HTML >
[2013/07/10 11:18:37 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\IEXPLORE.EXE.940.html
< MD5 for: IEXPLORE.EXE.952.HTML >
[2013/02/12 12:16:28 | 000,001,077 | ---- | M] () MD5=0A170ED6EBCB531315E62B64806C108E -- C:\Documents and Settings\Lynda\Local Settings\Temp\__skype_toolbar_v5_logs\html\iexplore.exe.952.html
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2013/10/30 23:28:52 | 000,049,912 | ---- | M] () MD5=54299400DE34F18E447C6BA9C4988488 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HLP >
[2008/04/14 12:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: SERVICES >
[2008/04/14 12:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.EXE >
[2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
< MD5 for: SERVICES.LNK >
[2012/10/03 16:22:31 | 000,001,602 | ---- | M] () MD5=C7091E1FDBE9469597C725B7A0A100C7 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >
[2008/04/14 12:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SERVICES.RDB >
[2010/11/06 23:07:46 | 000,237,568 | ---- | M] () MD5=507957679AE4579C15D57FA741EA6FFA -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2010/11/06 23:07:06 | 005,539,328 | ---- | M] () MD5=F2B666905F7FDAA80C86A101A7DE62F9 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
< MD5 for: SERVICES.SBS >
[2011/03/01 08:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Includes\Services.sbs
[2013/07/16 12:21:30 | 000,034,818 | ---- | M] () MD5=E2ACBC77020C8D5CE97CA61D0D859A44 -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs
< MD5 for: WINLOGON.EXE >
[2008/04/14 12:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 12:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %SYSTEMDRIVE%\*.* >
[2010/09/24 16:44:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/04/03 18:24:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/09/24 16:44:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/06/25 01:11:39 | 000,000,774 | ---- | M] () -- C:\drwtsn32.log
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/09/24 16:44:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/24 16:44:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 12:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/02 17:00:25 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2012/10/24 22:54:40 | 000,003,072 | -HS- | M] () -- C:\Thumbs.db
[2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2012/10/03 16:21:40 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2009/04/20 12:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp70w.dll
[2008/07/06 10:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2011/09/10 10:24:23 | 000,161,744 | ---- | M] () -- C:\Program Files\0cres.dll
[2012/10/01 14:51:00 | 048,745,576 | ---- | M] (Safer-Networking Ltd. ) -- C:\Program Files\spybotsd-2.0.10-rc2.exe
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is DC69-A602
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
09/10/2013 16:57 <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\CCC
04/10/2012 12:31 <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\CLI
04/10/2012 12:31 <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
09/10/2013 16:57 <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\LOG
04/10/2012 12:30 <JUNCTION> 2.0.3693.42530__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\MOM
04/10/2012 12:31 <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
6 Dir(s) 1,895,460,864 bytes free
< %systemroot%\System32\config\*.sav >
[2012/10/03 17:09:18 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012/10/03 15:53:31 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2012/10/03 17:09:18 | 025,427,968 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012/10/03 17:09:20 | 004,456,448 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2012/10/03 16:22:31 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
[2012/10/04 12:14:08 | 000,005,120 | -HS- | M] () -- C:\WINDOWS\system32\Thumbs.db
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/05/20 18:53:06 | 000,000,060 | -HS- | M] () -- C:\Documents and Settings\Paul_2\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2011/05/20 18:53:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Paul_2\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2013/11/02 18:15:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Paul_2\Desktop\aswMBR.exe
[2013/11/02 19:07:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Paul_2\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-10-13 21:03:49
========== Base Services ==========
SRV - [2008/04/14 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 12:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 13:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 17:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 12:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 12:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 12:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 12:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 12:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 13:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 12:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 12:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 12:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 12:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 05:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 12:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 12:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 23:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 12:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 12:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 12:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/14 12:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 12:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 06:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3160811AS
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 32256
Hidden sectors: 0
========== Alternate Data Streams ==========
@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EE9B88C9
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B11E0DF
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:553CA6CA
< End of report >
OTL Extras logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- (Speedbit Ltd.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BA6FCD-1701-4AB9-8A1B-59008261695E}" = PS_AIO_06_B109a-m_SW_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{408E2517-E30B-4027-959A-BD9B35409D12}" = OpenOffice.org 3.3
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{60101C13-2C13-48FB-855D-33D9F3013133}" = B109a-m
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A253A57F-4319-49B5-B405-64587FFBCFE2}" = HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C4D8B637-D0D7-46B5-9373-773DF79939AF}" = AVG 2014
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Shred" = Easy Shred
"File Shredder_is1" = File Shredder 2.0
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"ie8" = Windows Internet Explorer 8
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Usenet.nl_is1" = Usenet.nl
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07/10/2013 15:11:09 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:11:33 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3716) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:11:55 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3024) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:12:12 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3980) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:12:24 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (872) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 09/10/2013 12:44:28 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 09/10/2013 12:44:43 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 16/10/2013 16:39:20 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00010f1e.
Error - 18/10/2013 15:48:38 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3728) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 21/10/2013 14:19:21 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.5512, faulting module
, version 0.0.0.0, fault address 0x00000000.
[ System Events ]
Error - 02/11/2013 14:43:11 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:43:42 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:46:25 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:51:20 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:52:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:56:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:58:17 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:01:02 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:01:16 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:08:09 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
< End of report >
Edited by cousinkevin, 02 November 2013 - 03:07 PM.
#10
Posted 02 November 2013 - 02:50 PM
OTL Extras logfile created on: 02/11/2013 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Paul_2\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.76% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 94.82% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 1.77 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
Computer Name: USER-E862545A71 | User Name: Paul_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- (Speedbit Ltd.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BA6FCD-1701-4AB9-8A1B-59008261695E}" = PS_AIO_06_B109a-m_SW_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{408E2517-E30B-4027-959A-BD9B35409D12}" = OpenOffice.org 3.3
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{60101C13-2C13-48FB-855D-33D9F3013133}" = B109a-m
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A253A57F-4319-49B5-B405-64587FFBCFE2}" = HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C4D8B637-D0D7-46B5-9373-773DF79939AF}" = AVG 2014
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Shred" = Easy Shred
"File Shredder_is1" = File Shredder 2.0
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"ie8" = Windows Internet Explorer 8
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Usenet.nl_is1" = Usenet.nl
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07/10/2013 15:11:09 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:11:33 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3716) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:11:55 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3024) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:12:12 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3980) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 07/10/2013 15:12:24 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (872) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 09/10/2013 12:44:28 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 09/10/2013 12:44:43 | Computer Name = USER-E862545A71 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 16/10/2013 16:39:20 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00010f1e.
Error - 18/10/2013 15:48:38 | Computer Name = USER-E862545A71 | Source = ESENT | ID = 490
Description = wuauclt (3728) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 21/10/2013 14:19:21 | Computer Name = USER-E862545A71 | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.5512, faulting module
, version 0.0.0.0, fault address 0x00000000.
[ System Events ]
Error - 02/11/2013 14:43:11 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:43:42 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:46:25 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:51:20 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:52:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:56:30 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 14:58:17 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:01:02 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:01:16 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 02/11/2013 15:08:09 | Computer Name = USER-E862545A71 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
< End of report >
Register to Remove
#11
Posted 02 November 2013 - 03:26 PM
If possible run these tools in Normal Mode.
=========================
TDSSKiller
Please download TDSSKiller.zip - Extract it to your desktop
- TDSSKiller.exe
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
- Press Start Scan
- Only if Malicious objects are found then ensure Cure is selected
- Then click Continue > Reboot now
- Copy and paste the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)
ComboFix
Refer to the ComboFix User's Guide
- Download ComboFix from the following location:
Link
* IMPORTANT !!! Place ComboFix.exe on your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here - Double click on ComboFix.exe & follow the prompts.
- Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
- When finished, it shall produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
--------------------------------------------------------------------------------------------- - Ensure your AntiVirus and AntiSpyware applications are re-enabled.
---------------------------------------------------------------------------------------------NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
=========================
In your next post please provide the following:- TDSSKiller.txt
- Combofix.txt
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#12
Posted 02 November 2013 - 04:39 PM
Hi,
I can't run the tools in normal mode as firefox only very partially loads to follow your instructions.
Also still can't shutdown in normal way.
I can't tell if AVG 2014 is disabled, as there is no icon in the taskbar in safe mode and opening from desktop shows a very basic interface without the usual options.
22:12:00.0359 0x0488 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
22:12:13.0078 0x0488 ============================================================
22:12:13.0078 0x0488 Current date / time: 2013/11/02 22:12:13.0078
22:12:13.0078 0x0488 SystemInfo:
22:12:13.0078 0x0488
22:12:13.0078 0x0488 OS Version: 5.1.2600 ServicePack: 3.0
22:12:13.0078 0x0488 Product type: Workstation
22:12:13.0078 0x0488 ComputerName: USER-E862545A71
22:12:13.0078 0x0488 UserName: Paul_2
22:12:13.0078 0x0488 Windows directory: C:\WINDOWS
22:12:13.0078 0x0488 System windows directory: C:\WINDOWS
22:12:13.0078 0x0488 Processor architecture: Intel x86
22:12:13.0078 0x0488 Number of processors: 1
22:12:13.0078 0x0488 Page size: 0x1000
22:12:13.0078 0x0488 Boot type: Safe boot with network
22:12:13.0078 0x0488 ============================================================
22:12:17.0609 0x0488 System UUID: {7D959974-B8C8-214F-CDF4-21C00BDFD112}
22:12:18.0281 0x0488 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:12:18.0281 0x0488 ============================================================
22:12:18.0281 0x0488 \Device\Harddisk0\DR0:
22:12:18.0281 0x0488 MBR partitions:
22:12:18.0281 0x0488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
22:12:18.0281 0x0488 ============================================================
22:12:18.0296 0x0488 C: <-> \Device\Harddisk0\DR0\Partition1
22:12:18.0312 0x0488 ============================================================
22:12:18.0312 0x0488 Initialize success
22:12:18.0312 0x0488 ============================================================
22:13:23.0281 0x0760 ============================================================
22:13:23.0281 0x0760 Scan started
22:13:23.0281 0x0760 Mode: Manual;
22:13:23.0281 0x0760 ============================================================
22:13:23.0281 0x0760 KSN ping started
22:13:36.0765 0x0760 KSN ping finished: true
22:13:37.0265 0x0760 ================ Scan system memory ========================
22:13:37.0265 0x0760 System memory - ok
22:13:37.0281 0x0760 ================ Scan services =============================
22:13:37.0468 0x0760 Abiosdsk - ok
22:13:37.0484 0x0760 abp480n5 - ok
22:13:37.0609 0x0760 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:13:37.0625 0x0760 ACPI - ok
22:13:37.0796 0x0760 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:13:37.0796 0x0760 ACPIEC - ok
22:13:37.0984 0x0760 [ 3109B16A0939BA11696EEB04F345D099, 8863EFE3631F0F4D8F6BAE804DBB01564FF2969D53393B2887F682427C289B25 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:13:38.0000 0x0760 AdobeFlashPlayerUpdateSvc - ok
22:13:38.0031 0x0760 adpu160m - ok
22:13:38.0140 0x0760 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:13:38.0140 0x0760 aec - ok
22:13:38.0234 0x0760 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:13:38.0250 0x0760 AFD - ok
22:13:38.0281 0x0760 Aha154x - ok
22:13:38.0296 0x0760 aic78u2 - ok
22:13:38.0328 0x0760 aic78xx - ok
22:13:38.0625 0x0760 [ F3E15607BA53249C765E36388B332C2F, 379B36493C47080BDA40B6487A19B6DD9DA30E26F652EC5455EF2FFDB075D792 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:13:38.0859 0x0760 ALCXWDM - ok
22:13:38.0968 0x0760 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:13:38.0968 0x0760 Alerter - ok
22:13:39.0015 0x0760 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
22:13:39.0015 0x0760 ALG - ok
22:13:39.0046 0x0760 AliIde - ok
22:13:39.0109 0x0760 amsint - ok
22:13:39.0140 0x0760 AppMgmt - ok
22:13:39.0187 0x0760 asc - ok
22:13:39.0234 0x0760 asc3350p - ok
22:13:39.0281 0x0760 asc3550 - ok
22:13:39.0468 0x0760 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:13:39.0515 0x0760 aspnet_state - ok
22:13:39.0593 0x0760 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:13:39.0609 0x0760 AsyncMac - ok
22:13:39.0671 0x0760 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:13:39.0687 0x0760 atapi - ok
22:13:39.0718 0x0760 Atdisk - ok
22:13:39.0843 0x0760 [ 471087B5E1E01CC82604E81EA14781D8, DA6AAFE65232AF3DA3D0D5F399730A1117B0DBBCB6AA2A9BD0D1ADA22A1198B8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
22:13:39.0875 0x0760 Ati HotKey Poller - ok
22:13:40.0000 0x0760 [ B979BA0120B6DB757196A8E2E873FE3C, 4F4CCD1D07485A53CA3ECEB10E029102BBE9946A15C7B67840E64D352808A0CA ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
22:13:40.0046 0x0760 ATI Smart - ok
22:13:40.0281 0x0760 [ C0B86ECB324E50F6BBD529F9D5C6B24B, 6B6E58CBDE1010FF13740DA91482E8A40D7B31CD808C16B524BE012C0EADB0D1 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:13:40.0500 0x0760 ati2mtag - ok
22:13:40.0625 0x0760 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:13:40.0625 0x0760 Atmarpc - ok
22:13:40.0734 0x0760 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:13:40.0750 0x0760 AudioSrv - ok
22:13:40.0828 0x0760 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:13:40.0828 0x0760 audstub - ok
22:13:40.0968 0x0760 [ 8A7DC10E81E73994AF8D8FB4E921BA20, C9905638CC3CACAE77E907DAE061EC3D2A8AACC412004E905D0CD2BEA418EC91 ] Avgdiskx C:\WINDOWS\system32\DRIVERS\avgdiskx.sys
22:13:40.0968 0x0760 Avgdiskx - ok
22:13:41.0375 0x0760 [ 332AEB8F6F9595C8886A7AA7A62322DC, CC2F2856257D10B72558660161732EB5FB5D8CCD8AC78EFED8263895A2529CC9 ] AVGIDSAgent C:\Program Files\AVG\AVG2014\avgidsagent.exe
22:13:41.0609 0x0760 AVGIDSAgent - ok
22:13:41.0718 0x0760 [ E2D441E3F58C04DD91286F38916CE102, C03F50CE5BDFCBC2B0DB062D6517ADE99DFF8EB65859CF6122DC95D3167E7C7E ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
22:13:41.0734 0x0760 AVGIDSDriver - ok
22:13:41.0828 0x0760 [ 7E7E946C5620BD398BFCFA41E435545B, 0B2F496367F36BE20AD075DF0054E8DE083E690179F9C5C9ECF9B3677069D6CF ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
22:13:41.0843 0x0760 AVGIDSHX - ok
22:13:41.0890 0x0760 [ C3828E5C49924969799ED8B1E123A267, 26713E308FC9BBDF28BD4E47234002D6928AAA234F73B2248BB2466EBA41747E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
22:13:41.0890 0x0760 AVGIDSShim - ok
22:13:41.0953 0x0760 [ A997D4A7361F4870A4F13BA5BF36F388, 1DF529F4207081E154BC377154A02FD641C20EF8BDB913C232465519AAC48827 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
22:13:41.0953 0x0760 Avgldx86 - ok
22:13:42.0031 0x0760 [ 62C926243D7875BDE097904E4DE4FFAD, 32730FEB5133F51A62DEDB9528EDE5A8F9A3C8121753D09699C5EEB930E4E217 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
22:13:42.0046 0x0760 Avglogx - ok
22:13:42.0093 0x0760 [ 02C25C2974F728391E33A2E45A23FFA4, B36A9601BF855ABAC4855023913A8D977567AD15EDCC3FFAB3028A9B6FE5D2CA ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
22:13:42.0093 0x0760 Avgmfx86 - ok
22:13:42.0140 0x0760 [ 9745AD34365318593909EDDEDAE66B9A, 16374BF9789053AA0124CB8437E1192442F44E46D14435BF80A049CD0D47F16A ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
22:13:42.0140 0x0760 Avgrkx86 - ok
22:13:42.0187 0x0760 [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
22:13:42.0203 0x0760 Avgtdix - ok
22:13:42.0296 0x0760 [ 07646F5F37F18F1F978CE3B0378EF1C9, 0BC440C3E8E617FA5D70D28413F091678E9FD4CF9F87CB8ED686609A0291D95B ] avgwd C:\Program Files\AVG\AVG2014\avgwdsvc.exe
22:13:42.0312 0x0760 avgwd - ok
22:13:42.0421 0x0760 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:13:42.0421 0x0760 Beep - ok
22:13:42.0515 0x0760 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
22:13:42.0656 0x0760 BITS - ok
22:13:42.0750 0x0760 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
22:13:42.0750 0x0760 Browser - ok
22:13:42.0843 0x0760 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:13:42.0843 0x0760 cbidf2k - ok
22:13:42.0890 0x0760 cd20xrnt - ok
22:13:42.0953 0x0760 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:13:42.0968 0x0760 Cdaudio - ok
22:13:43.0046 0x0760 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:13:43.0046 0x0760 Cdfs - ok
22:13:43.0140 0x0760 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:13:43.0140 0x0760 Cdrom - ok
22:13:43.0187 0x0760 Changer - ok
22:13:43.0234 0x0760 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:13:43.0234 0x0760 CiSvc - ok
22:13:43.0296 0x0760 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:13:43.0296 0x0760 ClipSrv - ok
22:13:43.0406 0x0760 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:13:43.0546 0x0760 clr_optimization_v2.0.50727_32 - ok
22:13:43.0609 0x0760 CmdIde - ok
22:13:43.0656 0x0760 COMSysApp - ok
22:13:43.0718 0x0760 Cpqarray - ok
22:13:43.0796 0x0760 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:13:43.0796 0x0760 CryptSvc - ok
22:13:43.0859 0x0760 dac2w2k - ok
22:13:43.0890 0x0760 dac960nt - ok
22:13:44.0000 0x0760 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:13:44.0031 0x0760 DcomLaunch - ok
22:13:44.0125 0x0760 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:13:44.0125 0x0760 Dhcp - ok
22:13:44.0218 0x0760 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:13:44.0218 0x0760 Disk - ok
22:13:44.0250 0x0760 dmadmin - ok
22:13:44.0359 0x0760 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:13:44.0406 0x0760 dmboot - ok
22:13:44.0468 0x0760 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:13:44.0484 0x0760 dmio - ok
22:13:44.0531 0x0760 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:13:44.0531 0x0760 dmload - ok
22:13:44.0578 0x0760 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
22:13:44.0578 0x0760 dmserver - ok
22:13:44.0656 0x0760 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:13:44.0671 0x0760 DMusic - ok
22:13:44.0765 0x0760 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:13:44.0781 0x0760 Dnscache - ok
22:13:44.0875 0x0760 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:13:44.0890 0x0760 Dot3svc - ok
22:13:44.0937 0x0760 dpti2o - ok
22:13:45.0031 0x0760 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:13:45.0031 0x0760 drmkaud - ok
22:13:45.0078 0x0760 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:13:45.0078 0x0760 EapHost - ok
22:13:45.0171 0x0760 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:13:45.0171 0x0760 ERSvc - ok
22:13:45.0265 0x0760 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
22:13:45.0265 0x0760 Eventlog - ok
22:13:45.0375 0x0760 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
22:13:45.0390 0x0760 EventSystem - ok
22:13:45.0484 0x0760 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:13:45.0500 0x0760 Fastfat - ok
22:13:45.0593 0x0760 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:13:45.0593 0x0760 FastUserSwitchingCompatibility - ok
22:13:45.0687 0x0760 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:13:45.0687 0x0760 Fdc - ok
22:13:45.0781 0x0760 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:13:45.0781 0x0760 Fips - ok
22:13:45.0859 0x0760 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:13:45.0859 0x0760 Flpydisk - ok
22:13:45.0921 0x0760 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:13:45.0953 0x0760 FltMgr - ok
22:13:46.0093 0x0760 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:13:46.0093 0x0760 FontCache3.0.0.0 - ok
22:13:46.0140 0x0760 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:13:46.0140 0x0760 Fs_Rec - ok
22:13:46.0187 0x0760 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:13:46.0203 0x0760 Ftdisk - ok
22:13:46.0281 0x0760 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:13:46.0296 0x0760 Gpc - ok
22:13:46.0421 0x0760 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:13:46.0421 0x0760 helpsvc - ok
22:13:46.0484 0x0760 HidServ - ok
22:13:46.0562 0x0760 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:13:46.0562 0x0760 HidUsb - ok
22:13:46.0640 0x0760 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:13:46.0640 0x0760 hkmsvc - ok
22:13:46.0671 0x0760 hpn - ok
22:13:46.0953 0x0760 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:13:46.0984 0x0760 hpqcxs08 - ok
22:13:47.0031 0x0760 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:13:47.0046 0x0760 hpqddsvc - ok
22:13:47.0125 0x0760 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:13:47.0125 0x0760 HPZid412 - ok
22:13:47.0171 0x0760 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:13:47.0171 0x0760 HPZipr12 - ok
22:13:47.0250 0x0760 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:13:47.0250 0x0760 HPZius12 - ok
22:13:47.0343 0x0760 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:13:47.0359 0x0760 HTTP - ok
22:13:47.0453 0x0760 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:13:47.0453 0x0760 HTTPFilter - ok
22:13:47.0500 0x0760 i2omgmt - ok
22:13:47.0546 0x0760 i2omp - ok
22:13:47.0625 0x0760 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:13:47.0625 0x0760 i8042prt - ok
22:13:47.0781 0x0760 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:13:47.0812 0x0760 idsvc - ok
22:13:47.0859 0x0760 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:13:47.0859 0x0760 Imapi - ok
22:13:47.0968 0x0760 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
22:13:47.0968 0x0760 ImapiService - ok
22:13:48.0046 0x0760 ini910u - ok
22:13:48.0109 0x0760 IntelIde - ok
22:13:48.0187 0x0760 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:13:48.0187 0x0760 intelppm - ok
22:13:48.0250 0x0760 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:13:48.0265 0x0760 Ip6Fw - ok
22:13:48.0328 0x0760 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:13:48.0328 0x0760 IpFilterDriver - ok
22:13:48.0390 0x0760 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:13:48.0390 0x0760 IpInIp - ok
22:13:48.0468 0x0760 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:13:48.0468 0x0760 IpNat - ok
22:13:48.0562 0x0760 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:13:48.0562 0x0760 IPSec - ok
22:13:48.0640 0x0760 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:13:48.0640 0x0760 IRENUM - ok
22:13:48.0718 0x0760 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:13:48.0734 0x0760 isapnp - ok
22:13:48.0921 0x0760 [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:13:48.0921 0x0760 JavaQuickStarterService - ok
22:13:48.0984 0x0760 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:13:48.0984 0x0760 Kbdclass - ok
22:13:49.0062 0x0760 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:13:49.0078 0x0760 kmixer - ok
22:13:49.0156 0x0760 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:13:49.0156 0x0760 KSecDD - ok
22:13:49.0250 0x0760 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
22:13:49.0250 0x0760 LanmanServer - ok
22:13:49.0312 0x0760 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:13:49.0328 0x0760 lanmanworkstation - ok
22:13:49.0375 0x0760 lbrtfdc - ok
22:13:49.0500 0x0760 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:13:49.0500 0x0760 LmHosts - ok
22:13:49.0906 0x0760 [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe
22:13:50.0093 0x0760 LMIRescue_0e3fbcc9-499d-4383-9a4d-8f9de0582633 - ok
22:13:50.0312 0x0760 [ C6267D349A65F67A611D5AE313F9F93A, 9B0301ABA8C0DF75488B93A80DC63168B78604E4E13438ED14979031A637CB89 ] LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe
22:13:50.0500 0x0760 LMIRescue_190e1fbc-265c-49bc-9ee4-2036b1499f28 - ok
22:13:50.0734 0x0760 [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe
22:13:50.0906 0x0760 LMIRescue_25efa157-0bf7-422c-8c9e-11820b0bddfa - ok
22:13:51.0109 0x0760 [ C6267D349A65F67A611D5AE313F9F93A, 9B0301ABA8C0DF75488B93A80DC63168B78604E4E13438ED14979031A637CB89 ] LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe
22:13:51.0250 0x0760 LMIRescue_e70e3a79-1da6-47e0-a93a-2366de83597d - ok
22:13:51.0500 0x0760 [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69 C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe
22:13:51.0640 0x0760 LMIRescue_ea12e1ca-77c2-45ea-a3e6-ed8e18c08b69 - ok
22:13:51.0859 0x0760 [ 14B0B207DEDFAB58B157B5A66CABB937, 56B0BEAA68E50B7A2B14131AB28E1A3AB6C3599E0A50212EBD373A99D7851BA6 ] LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f C:\Documents and Settings\Lynda\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe
22:13:52.0015 0x0760 LMIRescue_f0557919-9c33-47c3-9d09-09b1244b2f5f - ok
22:13:52.0109 0x0760 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:13:52.0125 0x0760 Messenger - ok
22:13:52.0203 0x0760 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:13:52.0203 0x0760 mnmdd - ok
22:13:52.0296 0x0760 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
22:13:52.0296 0x0760 mnmsrvc - ok
22:13:52.0375 0x0760 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:13:52.0375 0x0760 Modem - ok
22:13:52.0421 0x0760 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:13:52.0421 0x0760 Mouclass - ok
22:13:52.0484 0x0760 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:13:52.0500 0x0760 mouhid - ok
22:13:52.0562 0x0760 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:13:52.0562 0x0760 MountMgr - ok
22:13:52.0703 0x0760 [ F9359ADA531A75FB98FA7A864B97D30B, C417D9EB3233A19ACEC0FD2934FD93FC527068E2E7AD8C74717EDC4868AFBDD7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:13:52.0703 0x0760 MozillaMaintenance - ok
22:13:52.0750 0x0760 mraid35x - ok
22:13:52.0812 0x0760 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:13:52.0812 0x0760 MRxDAV - ok
22:13:52.0906 0x0760 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:13:52.0921 0x0760 MRxSmb - ok
22:13:53.0000 0x0760 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
22:13:53.0000 0x0760 MSDTC - ok
22:13:53.0109 0x0760 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:13:53.0109 0x0760 Msfs - ok
22:13:53.0156 0x0760 MSIServer - ok
22:13:53.0234 0x0760 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:13:53.0234 0x0760 MSKSSRV - ok
22:13:53.0281 0x0760 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:13:53.0281 0x0760 MSPCLOCK - ok
22:13:53.0328 0x0760 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:13:53.0328 0x0760 MSPQM - ok
22:13:53.0375 0x0760 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:13:53.0375 0x0760 mssmbios - ok
22:13:53.0453 0x0760 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:13:53.0453 0x0760 Mup - ok
22:13:53.0578 0x0760 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:13:53.0578 0x0760 napagent - ok
22:13:53.0640 0x0760 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:13:53.0656 0x0760 NDIS - ok
22:13:53.0734 0x0760 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:13:53.0734 0x0760 NdisTapi - ok
22:13:53.0812 0x0760 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:13:53.0812 0x0760 Ndisuio - ok
22:13:53.0875 0x0760 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:13:53.0875 0x0760 NdisWan - ok
22:13:53.0937 0x0760 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:13:53.0937 0x0760 NDProxy - ok
22:13:54.0031 0x0760 [ 69C503C004F49AEE8B8E3067CC047BA7, 0E7A2FB0CC7669E6400EDA4D2220BBB1A85CF3D3529739DA5AE2C073FFA08313 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
22:13:54.0031 0x0760 Net Driver HPZ12 - ok
22:13:54.0078 0x0760 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:13:54.0093 0x0760 NetBIOS - ok
22:13:54.0156 0x0760 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:13:54.0171 0x0760 NetBT - ok
22:13:54.0265 0x0760 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
22:13:54.0265 0x0760 NetDDE - ok
22:13:54.0312 0x0760 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:13:54.0312 0x0760 NetDDEdsdm - ok
22:13:54.0437 0x0760 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:13:54.0437 0x0760 Netlogon - ok
22:13:54.0468 0x0760 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
22:13:54.0484 0x0760 Netman - ok
22:13:54.0578 0x0760 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:13:54.0578 0x0760 NetTcpPortSharing - ok
22:13:54.0656 0x0760 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
22:13:54.0671 0x0760 Nla - ok
22:13:54.0765 0x0760 [ C82F4CC10AD315B6D6BCB14D0A7CAD66, 7B12A7CB54DF475A4CCD23228A822FE29A04CF2850D64FCFA80DEFE3003074B1 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
22:13:54.0765 0x0760 nmwcd - ok
22:13:54.0828 0x0760 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:13:54.0843 0x0760 Npfs - ok
22:13:54.0937 0x0760 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:13:54.0984 0x0760 Ntfs - ok
22:13:55.0015 0x0760 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:13:55.0015 0x0760 NtLmSsp - ok
22:13:55.0093 0x0760 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:13:55.0109 0x0760 NtmsSvc - ok
22:13:55.0171 0x0760 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
22:13:55.0171 0x0760 Null - ok
22:13:55.0234 0x0760 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:13:55.0234 0x0760 NwlnkFlt - ok
22:13:55.0281 0x0760 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:13:55.0281 0x0760 NwlnkFwd - ok
22:13:55.0343 0x0760 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
22:13:55.0359 0x0760 Parport - ok
22:13:55.0421 0x0760 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:13:55.0421 0x0760 PartMgr - ok
22:13:55.0515 0x0760 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:13:55.0515 0x0760 ParVdm - ok
22:13:55.0546 0x0760 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:13:55.0562 0x0760 PCI - ok
22:13:55.0593 0x0760 PCIDump - ok
22:13:55.0687 0x0760 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:13:55.0687 0x0760 PCIIde - ok
22:13:55.0781 0x0760 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:13:55.0781 0x0760 Pcmcia - ok
22:13:55.0828 0x0760 PDCOMP - ok
22:13:55.0859 0x0760 PDFRAME - ok
22:13:55.0921 0x0760 PDRELI - ok
22:13:55.0984 0x0760 PDRFRAME - ok
22:13:56.0015 0x0760 perc2 - ok
22:13:56.0062 0x0760 perc2hib - ok
22:13:56.0203 0x0760 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
22:13:56.0203 0x0760 PlugPlay - ok
22:13:56.0250 0x0760 [ 12B4549D515CB26BB8D375038017CA65, B09ED2BED994D2B04862BBF62EF56F110235D3489D3B1762432F22A3A8F97BB8 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
22:13:56.0250 0x0760 Pml Driver HPZ12 - ok
22:13:56.0296 0x0760 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:13:56.0312 0x0760 PolicyAgent - ok
22:13:56.0359 0x0760 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:13:56.0359 0x0760 PptpMiniport - ok
22:13:56.0390 0x0760 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:13:56.0390 0x0760 ProtectedStorage - ok
22:13:56.0421 0x0760 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:13:56.0421 0x0760 PSched - ok
22:13:56.0484 0x0760 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:13:56.0484 0x0760 Ptilink - ok
22:13:56.0515 0x0760 ql1080 - ok
22:13:56.0562 0x0760 Ql10wnt - ok
22:13:56.0593 0x0760 ql12160 - ok
22:13:56.0640 0x0760 ql1240 - ok
22:13:56.0687 0x0760 ql1280 - ok
22:13:56.0906 0x0760 [ AB51E1F08C8E789D6C9E8B94D15BE9A9, 35386087B0D57D181FE39E4AFBFFE4DB5B827DACA6D87F1F5563B26547993E24 ] RapportCerberus_59849 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys
22:13:56.0937 0x0760 RapportCerberus_59849 - ok
22:13:57.0078 0x0760 [ 9D52A4DEB9F28CC41EB61346E3808E4D, 6025F833B27B7A86E2F69F2D6D994DE95DCAD33FFC8FFA52BF45E350417BAAA0 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
22:13:57.0078 0x0760 RapportEI - ok
22:13:57.0187 0x0760 [ 4136175FABB89CB493DF1D237DB50CF4, F38E6AA084A910D2445CEF53EC7E6FFB74AE3FE518A052562A0AEEC8F1DD37C1 ] RapportKELL C:\WINDOWS\system32\Drivers\RapportKELL.sys
22:13:57.0187 0x0760 RapportKELL - ok
22:13:57.0390 0x0760 [ 02396BD77121751A738444325E1F14E8, C9A0B4D423C18014DD6523332B378BD0E85E5EE9F9B33C892DCA5DEECEEF805C ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
22:13:57.0500 0x0760 RapportMgmtService - ok
22:13:57.0687 0x0760 [ A9B99416DE6CADEE2D3C369B634F20F1, A2836B5BD439EE9163317ADA1E10D911F55FF0E3459CF3AEFDC3FBB6C16570ED ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
22:13:57.0687 0x0760 RapportPG - ok
22:13:57.0750 0x0760 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:13:57.0750 0x0760 RasAcd - ok
22:13:57.0828 0x0760 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:13:57.0828 0x0760 RasAuto - ok
22:13:57.0906 0x0760 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:13:57.0906 0x0760 Rasl2tp - ok
22:13:57.0953 0x0760 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:13:57.0968 0x0760 RasMan - ok
22:13:58.0015 0x0760 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:13:58.0015 0x0760 RasPppoe - ok
22:13:58.0062 0x0760 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:13:58.0062 0x0760 Raspti - ok
22:13:58.0109 0x0760 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:13:58.0125 0x0760 Rdbss - ok
22:13:58.0156 0x0760 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:13:58.0156 0x0760 RDPCDD - ok
22:13:58.0250 0x0760 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:13:58.0265 0x0760 RDPWD - ok
22:13:58.0328 0x0760 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:13:58.0343 0x0760 RDSessMgr - ok
22:13:58.0437 0x0760 [ B2D01290C0E0465ACA54C2088E947823, 6FB6E6CFAF3F2F948B753A0CFF6F9058BF3ED0E421204EE58848F0DFD694A747 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
22:13:58.0437 0x0760 RealNetworks Downloader Resolver Service - ok
22:13:58.0531 0x0760 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:13:58.0546 0x0760 redbook - ok
22:13:58.0625 0x0760 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:13:58.0640 0x0760 RemoteAccess - ok
22:13:58.0734 0x0760 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
22:13:58.0734 0x0760 RpcLocator - ok
22:13:58.0796 0x0760 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:13:58.0828 0x0760 RpcSs - ok
22:13:58.0921 0x0760 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:13:58.0937 0x0760 RSVP - ok
22:13:58.0984 0x0760 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
22:13:58.0984 0x0760 SamSs - ok
22:13:59.0109 0x0760 [ A3281AEC37E0720A2BC28034C2DF2A56, E8C122D17DD695D4EEAD115A5E1A388605EB77E5F2E8DA98C7BD93E0FDCFD01A ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:13:59.0109 0x0760 SASDIFSV - ok
22:13:59.0171 0x0760 [ 61DB0D0756A99506207FD724E3692B25, 90A43A650B8FDC2DC15172CD43357ED622CBFC6124BA14C63EAC63898125EADA ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:13:59.0171 0x0760 SASKUTIL - ok
22:13:59.0265 0x0760 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:13:59.0265 0x0760 SCardSvr - ok
22:13:59.0359 0x0760 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:13:59.0375 0x0760 Schedule - ok
22:13:59.0562 0x0760 [ D98E936BDD4A6CFE39535F3696D0EC6F, 78F4D7A1AACCCC5F77C7FFDA9E51D3BDCC454DD7D0FBB27260E6C7D56956C98E ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
22:13:59.0625 0x0760 SDScannerService - ok
22:13:59.0750 0x0760 [ 2D5088524613D1ED55D20195AF42DDC7, DD31882890524D237AA3A58D15C7EBB2CC181C56E17FA62671CFC14BD275D3A0 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:13:59.0828 0x0760 SDUpdateService - ok
22:13:59.0921 0x0760 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:13:59.0921 0x0760 Secdrv - ok
22:13:59.0984 0x0760 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:14:00.0000 0x0760 seclogon - ok
22:14:00.0078 0x0760 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
22:14:00.0078 0x0760 SENS - ok
22:14:00.0125 0x0760 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
22:14:00.0125 0x0760 serenum - ok
22:14:00.0171 0x0760 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:14:00.0171 0x0760 Serial - ok
22:14:00.0296 0x0760 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:14:00.0296 0x0760 Sfloppy - ok
22:14:00.0359 0x0760 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:14:00.0359 0x0760 SharedAccess - ok
22:14:00.0437 0x0760 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:14:00.0437 0x0760 ShellHWDetection - ok
22:14:00.0484 0x0760 Simbad - ok
22:14:00.0562 0x0760 [ 3FBB6EF8B5A71A2FA11F5F461BB73219, E71F7BB8F690351ACB0C02B2BC01F8837F55645B9BF7682C0F9329BA00637F0A ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys
22:14:00.0562 0x0760 SISNIC - ok
22:14:00.0828 0x0760 [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:14:01.0000 0x0760 Skype C2C Service - ok
22:14:01.0203 0x0760 [ B866E8C5ED1DCBEA72285BA4107892C2, F1750C9AC9B0A556DB3D5BC211D8DEDB2A278BFFEE4E21649B4D3B2CC10263E5 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:14:01.0218 0x0760 SkypeUpdate - ok
22:14:01.0265 0x0760 Sparrow - ok
22:14:01.0343 0x0760 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:14:01.0343 0x0760 splitter - ok
22:14:01.0437 0x0760 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:14:01.0453 0x0760 Spooler - ok
22:14:01.0531 0x0760 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:14:01.0531 0x0760 sr - ok
22:14:01.0593 0x0760 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
22:14:01.0593 0x0760 srservice - ok
22:14:01.0671 0x0760 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:14:01.0687 0x0760 Srv - ok
22:14:01.0781 0x0760 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:14:01.0796 0x0760 SSDPSRV - ok
22:14:01.0890 0x0760 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:14:01.0921 0x0760 stisvc - ok
22:14:01.0953 0x0760 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:14:01.0968 0x0760 swenum - ok
22:14:02.0062 0x0760 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:14:02.0078 0x0760 swmidi - ok
22:14:02.0109 0x0760 SwPrv - ok
22:14:02.0156 0x0760 symc810 - ok
22:14:02.0203 0x0760 symc8xx - ok
22:14:02.0234 0x0760 sym_hi - ok
22:14:02.0281 0x0760 sym_u3 - ok
22:14:02.0359 0x0760 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:14:02.0359 0x0760 sysaudio - ok
22:14:02.0453 0x0760 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:14:02.0468 0x0760 SysmonLog - ok
22:14:02.0562 0x0760 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:14:02.0578 0x0760 TapiSrv - ok
22:14:02.0671 0x0760 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:14:02.0687 0x0760 Tcpip - ok
22:14:02.0765 0x0760 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:14:02.0765 0x0760 TDPIPE - ok
22:14:02.0796 0x0760 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:14:02.0796 0x0760 TDTCP - ok
22:14:02.0859 0x0760 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:14:02.0859 0x0760 TermDD - ok
22:14:02.0906 0x0760 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
22:14:02.0921 0x0760 TermService - ok
22:14:02.0968 0x0760 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
22:14:02.0968 0x0760 Themes - ok
22:14:03.0000 0x0760 TosIde - ok
22:14:03.0031 0x0760 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:14:03.0031 0x0760 TrkWks - ok
22:14:03.0078 0x0760 [ D85938F272D1BCF3DB3A31FC0A048928, 798328C8C06EEE7B0852E6D2B16C3AF24D529737ECA2E9725415261A5736D051 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
22:14:03.0093 0x0760 uagp35 - ok
22:14:03.0171 0x0760 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:14:03.0171 0x0760 Udfs - ok
22:14:03.0218 0x0760 ultra - ok
22:14:03.0296 0x0760 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:14:03.0312 0x0760 Update - ok
22:14:03.0421 0x0760 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
22:14:03.0437 0x0760 upnphost - ok
22:14:03.0484 0x0760 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
22:14:03.0484 0x0760 UPS - ok
22:14:03.0593 0x0760 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:14:03.0593 0x0760 usbccgp - ok
22:14:03.0640 0x0760 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:14:03.0640 0x0760 usbehci - ok
22:14:03.0687 0x0760 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:14:03.0687 0x0760 usbhub - ok
22:14:03.0734 0x0760 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:14:03.0734 0x0760 usbohci - ok
22:14:03.0828 0x0760 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:14:03.0828 0x0760 usbprint - ok
22:14:03.0906 0x0760 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:14:03.0953 0x0760 usbscan - ok
22:14:03.0984 0x0760 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:14:03.0984 0x0760 USBSTOR - ok
22:14:04.0031 0x0760 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:14:04.0031 0x0760 VgaSave - ok
22:14:04.0062 0x0760 ViaIde - ok
22:14:04.0156 0x0760 VideoAcceleratorService - ok
22:14:04.0203 0x0760 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:14:04.0203 0x0760 VolSnap - ok
22:14:04.0312 0x0760 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
22:14:04.0328 0x0760 VSS - ok
22:14:04.0437 0x0760 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
22:14:04.0453 0x0760 W32Time - ok
22:14:04.0500 0x0760 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:14:04.0500 0x0760 Wanarp - ok
22:14:04.0625 0x0760 [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3A760782DB6436A ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:14:04.0656 0x0760 Wdf01000 - ok
22:14:04.0687 0x0760 WDICA - ok
22:14:04.0750 0x0760 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:14:04.0765 0x0760 wdmaud - ok
22:14:04.0828 0x0760 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
22:14:04.0828 0x0760 WebClient - ok
22:14:04.0984 0x0760 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:14:05.0000 0x0760 winmgmt - ok
22:14:05.0125 0x0760 [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM C:\WINDOWS\system32\WsmSvc.dll
22:14:05.0187 0x0760 WinRM - ok
22:14:05.0359 0x0760 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:14:05.0359 0x0760 WmdmPmSN - ok
22:14:05.0484 0x0760 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:14:05.0484 0x0760 WmiApSrv - ok
22:14:05.0656 0x0760 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
22:14:05.0687 0x0760 WMPNetworkSvc - ok
22:14:05.0765 0x0760 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:14:05.0765 0x0760 WpdUsb - ok
22:14:05.0828 0x0760 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:14:05.0828 0x0760 WS2IFSL - ok
22:14:05.0921 0x0760 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:14:05.0921 0x0760 wscsvc - ok
22:14:06.0000 0x0760 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:14:06.0031 0x0760 wuauserv - ok
22:14:06.0109 0x0760 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:14:06.0125 0x0760 WudfPf - ok
22:14:06.0187 0x0760 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:14:06.0187 0x0760 WudfRd - ok
22:14:06.0296 0x0760 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
22:14:06.0312 0x0760 WudfSvc - ok
22:14:06.0437 0x0760 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:14:06.0453 0x0760 WZCSVC - ok
22:14:06.0546 0x0760 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:14:06.0546 0x0760 xmlprov - ok
22:14:06.0609 0x0760 ================ Scan global ===============================
22:14:06.0687 0x0760 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
22:14:06.0750 0x0760 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:14:06.0796 0x0760 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
22:14:06.0843 0x0760 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
22:14:06.0843 0x0760 [ Global ] - ok
22:14:06.0859 0x0760 ================ Scan MBR ==================================
22:14:06.0906 0x0760 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:14:07.0078 0x0760 \Device\Harddisk0\DR0 - ok
22:14:07.0093 0x0760 ================ Scan VBR ==================================
22:14:07.0109 0x0760 [ A6ECC1562352C948CB62B59E8B91F96D ] \Device\Harddisk0\DR0\Partition1
22:14:07.0125 0x0760 \Device\Harddisk0\DR0\Partition1 - ok
22:14:07.0140 0x0760 Waiting for KSN requests completion. In queue: 217
22:14:08.0140 0x0760 Waiting for KSN requests completion. In queue: 217
22:14:09.0140 0x0760 Waiting for KSN requests completion. In queue: 217
22:14:10.0187 0x0760 AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated
22:14:10.0187 0x0760 FW detected via SS1: AVG Internet Security 2013, 2013.0, enabled
22:14:12.0546 0x0760 ============================================================
22:14:12.0546 0x0760 Scan finished
22:14:12.0546 0x0760 ============================================================
22:14:12.0593 0x0688 Detected object count: 0
22:14:12.0593 0x0688 Actual detected object count: 0
22:27:35.0578 0x0320 Deinitialize success
#13
Posted 02 November 2013 - 05:51 PM
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
#14
Posted 02 November 2013 - 06:38 PM
Now I have a warning box that combofix has detected AVG and only to click OK when disabled. I did say I can't switch off AVG in safe mode now I'm frightened to wreck my pc. As I said there are no options to disable in safe mode. The AVG window states "command line scanner" and there is no menu.
What can I do now, I want to go to bed as it's late and I have a chronic illness?
Edited by cousinkevin, 02 November 2013 - 06:59 PM.
#15
Posted 02 November 2013 - 06:47 PM
Hi cousinkevin,
You have a few options:
Disconnect from the Internet
Uninstall AVG, then run ComboFix
or
Just acknowledge the ComboFix prompt about AVG and run ComboFix with AVG enabled.
Proud Graduate of WTT Classroom
Member of UNITE
Threads will be closed if no response after 5 days
If you are satisfied with the help you have received, please consider making a donation.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users