Solved Recurrent Rookits

S

SPasini

Posts: 50   +0
HEY EVERYONE THERE! WELL I HOPE I'LL FIND SOME HELP

BECAUSE I GOT A COUPLE OF LITTLE ****ERS BOTHERING ME -

PARDON MY FRENCH - AND AVAST DETECT 'EM EVERY SINGLE

TIME I START OR RESTART MY LAPTOP EQUIPPED WITH THE

MARVELOUS XP PACK 3 PRO ECC. AND THESE ROOKITS OR SO

AVAST SAYS.. THEY ARE BUILDED AS A LARGE CODE SVC OR

SOMETHING ALIKE PLUS A LARGE CODE WITH NUMBERS MAINLY

AND SOME SYMBOLS AND LETTERS..! PLS I NEED SOME HELP TO

ERASE 'EM FOR GOOD AND TO TRY TO IDENTIFY THE KIND

BECAUSE AVAST IN THIS CASE DIDN'T TELL ME ANYTHING ELSE

JUST THE ACTION RECOMMENDED - DELETE - AND THEY SHOW UP

AFTERWARD WITH EVERY REBOOT..WELL IF SOMEONE GOT SOMETHING LIKE

THAT AND HAVING THE FIX AVAILABLE PLS SHARE IT WITH ME! TKS COMRADES..!!
It might be of some help:
SVC:(B2049677-E533-44OA-8C
SVC:(FABD812A-51AA-491C-A
Both detected as rookits by Avast and the following

message in each one: Rookit hidden service.
Repeated twice
Tks again!
 

Attachments

  • mbam.txt
    1.2 KB · Views: 1
  • FRST.txt
    41.6 KB · Views: 1
  • Addition.txt
    39.4 KB · Views: 0
  • aswMBR.txt
    4.4 KB · Views: 2
First of all, please do NOT write in capital letters. I can read normal letters just fine.
Secondly, observe forum rules. All logs have to be pasted not attached.
Thirdly. our preliminaries ask only for FRST logs, nothing else.
 
Sorry and tks for your reply!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by S_PASINI (administrator) on SERGIOPASINI (10-04-2018 18:28:51)
Running from C:\Documents and Settings\S_PASINI\Desktop
Loaded Profiles: S_PASINI (Available Profiles: S_PASINI & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Italiano (Italia)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\programmi\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\programmi\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\programmi\Intel\Wireless\Bin\WLKEEPER.exe
(AVAST Software) C:\programmi\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(SUPERAntiSpyware.com) C:\programmi\SUPERAntiSpyware\SASCORE.EXE
() C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DatacardService\HWDeviceService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
(PC Tools) C:\programmi\Norton Utilities 16\sMonitor\StartManSvc.exe
(O2Micro International) C:\WINDOWS\system32\drivers\o2flash.exe
(Intel Corporation) C:\programmi\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Malwarebytes) C:\programmi\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\programmi\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\programmi\Synaptics\SynTP\SynTPEnh.exe
(Mister Group) C:\programmi\System Explorer\SystemExplorer.exe
(QFX Software Corporation) C:\programmi\KeyScrambler\KeyScrambler.exe
(Mister Group) C:\programmi\System Explorer\service\SystemExplorerService.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\programmi\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\programmi\Intel\Wireless\Bin\iFrmewrk.exe
(Motorola Inc.) C:\WINDOWS\sm56hlpr.exe
(Intel Corporation) C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
(Piriform Ltd) C:\programmi\Speccy\Speccy.exe
(ALCPU) C:\programmi\Core Temp\Core Temp.exe
(VideoLAN) C:\programmi\VideoLAN\VLC\vlc.exe
(Piriform Ltd) C:\programmi\CCleaner\CCleaner.exe
(Adobe Systems Incorporated) C:\programmi\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Malwarebytes) C:\programmi\Malwarebytes\Anti-Malware\mbamtray.exe
(Adobe Systems Incorporated) C:\programmi\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\programmi\windows media player\wmplayer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\programmi\Mozilla Firefox\firefox.exe
(AVAST Software) C:\programmi\AVAST Software\Avast\AvastUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AzMixerSel] => C:\programmi\Realtek\InstallShield\AzMixerSel.exe [53248 2005-08-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Programmi\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-09] (Synaptics, Inc.)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Programmi\System Explorer\SystemExplorer.exe [3390776 2016-04-12] (Mister Group)
HKLM\...\Run: [KeyScrambler] => C:\Programmi\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20146192 2017-10-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Programmi\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-04] (AVAST Software)
HKLM\...\Run: [IntelZeroConfig] => C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-12-28] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-12-28] (Intel Corporation)
HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [557056 2005-11-09] (Motorola Inc.)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [Speccy] => C:\Programmi\Speccy\Speccy.exe [5120216 2017-06-27] (Piriform Ltd)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [Core Temp] => C:\Programmi\Core Temp\Core Temp.exe [881240 2017-11-04] (ALCPU)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [vlc.exe] => C:\programmi\VideoLAN\VLC\vlc.exe [144304 2017-11-29] (VideoLAN)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [mbam.exe] => C:\programmi\Malwarebytes\Anti-Malware\mbam.exe [10155984 2017-12-26] (Malwarebytes)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [AvastSvc.exe] => C:\Programmi\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-04] (AVAST Software)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [CCleaner Monitoring] => C:\programmi\CCleaner\CCleaner.exe [12762872 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [CCleaner] => C:\Programmi\CCleaner\CCleaner.exe [12762872 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [AcroRd32.exe] => C:\programmi\Adobe\Reader 11.0\Reader\AcroRd32.exe [1457552 2014-08-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [firefox.exe] => C:\programmi\Mozilla Firefox\firefox.exe [517072 2018-03-28] (Mozilla Corporation)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [mbamtray.exe] => C:\programmi\Malwarebytes\Anti-Malware\mbamtray.exe [3515856 2017-12-26] (Malwarebytes)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [Mobile Partner] => C:\programmi\Claro Internet\Claro Internet.exe [515072 2018-03-25] ()
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [wmplayer.exe] => C:\programmi\windows media player\wmplayer.exe [64512 2009-01-30] (Microsoft Corporation)
HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Run: [Spybot-S&D Cleaning] => C:\programmi\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2018-04-04] (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-823518204-484061587-842925246-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-823518204-484061587-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie
HKU\S-1-5-21-823518204-484061587-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-823518204-484061587-842925246-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-823518204-484061587-842925246-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll [2018-02-21] (AVAST Software)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Programmi\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
ShellExecuteHooks: Hook per l'esecuzione degli URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8492032 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\S_PASINI\Dati applicazioni\Mozilla\Firefox\Profiles\5mq4bsee.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-11] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programmi\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programmi\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-12] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Programmi\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Programmi\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: No Name - C:\Documents and Settings\S_PASINI\Dati applicazioni\Mozilla\Firefox\Profiles\5mq4bsee.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-11-03]
FF Extension: No Name - C:\Documents and Settings\S_PASINI\Dati applicazioni\Mozilla\Firefox\Profiles\5mq4bsee.default\Extensions\wrc@avast.com.xpi [2017-12-17]
FF Extension: Default - C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2018-03-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-04-30]
FF HKU\S-1-5-21-823518204-484061587-842925246-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Free Download Manager\Firefox\Extensions\2.1.13
FF Extension: Free Download Manager extension - C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Free Download Manager\Firefox\Extensions\2.1.13 [2017-10-12]

Chrome:
=======
CHR Profile: C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-11]
CHR Extension: (Google Drive) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-11]
CHR Extension: (YouTube) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-11]
CHR Extension: (Google Search) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-10-11]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-13]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-12]
CHR Extension: (Gmail) - C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Programmi\SUPERAntiSpyware\SASCORE.EXE [143776 2017-10-12] (SUPERAntiSpyware.com)
S2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R3 aswbIDSAgent; C:\Programmi\AVAST Software\Avast\aswidsagent.exe [5947256 2018-04-04] (AVAST Software)
R2 avast! Antivirus; C:\Programmi\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-04] (AVAST Software)
S2 Claro Internet. RunOuc; C:\Programmi\Claro Internet\UpdateDog\ouc.exe [655712 2011-12-23] ()
S3 DiskDoctorService; C:\Programmi\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation)
R2 EvtEng; C:\Programmi\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
S2 gupdate; C:\Programmi\Google\Update\GoogleUpdate.exe [107848 2017-10-12] (Google Inc.)
S3 gupdatem; C:\Programmi\Google\Update\GoogleUpdate.exe [107848 2017-10-12] (Google Inc.)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 MBAMService; C:\Programmi\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
S2 MozillaMaintenance; C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe [174032 2018-03-28] (Mozilla Foundation)
R2 NU16StartManagerSvc; C:\Programmi\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools)
R2 O2Flash; C:\WINDOWS\system32\DRIVERS\o2flash.exe [72224 2017-10-16] (O2Micro International)
S3 QFXUpdateService; C:\Programmi\KeyScrambler\QFXUpdateService.exe [75792 2017-04-23] ()
R2 RegSrvc; C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
S3 SDScannerService; C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Programmi\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 SpeedDiskService; C:\Programmi\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation)
R3 SystemExplorerHelpService; C:\Programmi\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
R2 WLANKEEPER; C:\Programmi\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Programmi\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2018-02-25] (Meetinghouse Data Communications) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1693456 2017-10-16] (Creative)
S3 andnetndis; C:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [71808 2016-03-02] (LG Electronics Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167040 2018-04-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [185432 2018-03-05] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [157368 2018-03-05] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [276688 2018-03-05] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [50336 2018-03-05] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [180984 2018-04-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-04-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [124392 2018-04-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70576 2018-04-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [70816 2018-04-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783600 2018-04-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [391856 2018-04-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205352 2018-04-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-04-04] (AVAST Software)
R3 cpuz143; C:\Documents and Settings\S_PASINI\Impostazioni locali\temp\cpuz143\cpuz143_x32.sys [49592 2018-04-10] (CPUID) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59896 2017-12-26] ()
R3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [95744 2011-11-24] (Huawei Technologies Co., Ltd.)
R3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [67584 2011-11-24] (Huawei Technologies Co., Ltd.)
R3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27520 2011-11-24] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-10-12] (REALiX(tm))
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [220192 2017-02-19] (QFX Software Corporation)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [40376 2018-04-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [221112 2018-04-10] (Malwarebytes)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1397776 2017-10-16] (Creative Technology Ltd.)
R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2017-10-16] (Intel Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 SASDIFSV; C:\Programmi\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R3 ALSysIO; \??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\ALSysIO.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 catchme; \??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [245376 2011-12-30] (Huawei Technologies Co., Ltd.)
S3 w39n51; system32\DRIVERS\w39n51.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-10 18:28 - 2018-04-10 18:30 - 00021339 _____ C:\Documents and Settings\S_PASINI\Desktop\FRST.txt
2018-04-10 18:24 - 2018-04-10 18:29 - 00000000 ____D C:\FRST
2018-04-10 18:23 - 2017-10-03 18:12 - 00797760 _____ C:\Documents and Settings\S_PASINI\Desktop\delfix_1.013.exe
2018-04-10 18:23 - 2017-05-06 18:53 - 01673728 _____ (Farbar) C:\Documents and Settings\S_PASINI\Desktop\FRST.exe
2018-04-10 17:26 - 2018-04-10 18:27 - 00158500 _____ C:\WINDOWS\setupapi.log
2018-04-04 13:38 - 2018-04-04 13:37 - 00320728 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-04-01 19:21 - 2018-04-01 19:21 - 00000029 _____ C:\Documents and Settings\S_PASINI\Songs_to_look4.txt
2018-04-01 17:28 - 2018-04-01 17:28 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\LG Electronics
2018-04-01 17:10 - 2018-04-01 17:10 - 00000839 _____ C:\Documents and Settings\All Users.WINDOWS\Desktop\LG PC Suite.lnk
2018-04-01 17:09 - 2018-04-01 17:09 - 00000000 ____D C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\LG Electronics
2018-04-01 17:09 - 2018-04-01 17:09 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\LG PC Suite
2018-04-01 17:09 - 2018-04-01 17:09 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\LG PC Suite
2018-03-31 09:04 - 2018-03-31 09:04 - 00000194 _____ C:\drwtsn32.log
2018-03-29 20:13 - 2018-04-05 19:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TEMP
2018-03-29 20:13 - 2018-04-05 19:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TEMP
2018-03-28 22:08 - 2018-03-29 07:49 - 00000000 ____D C:\Programmi\Mozilla Firefox
2018-03-25 20:50 - 2018-03-26 09:02 - 00000290 _____ C:\WINDOWS\Tasks\Driver Booster Scheduler.job
2018-03-25 20:50 - 2018-03-25 20:55 - 00001845 _____ C:\Documents and Settings\All Users.WINDOWS\Desktop\Driver Booster 5.lnk
2018-03-25 20:50 - 2018-03-25 20:50 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Driver Booster 5
2018-03-25 20:50 - 2018-03-25 20:50 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Driver Booster 5
2018-03-25 20:49 - 2018-03-25 20:49 - 00000000 ____D C:\Programmi\IObit
2018-03-25 20:48 - 2018-03-26 08:32 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\IObit
2018-03-25 20:48 - 2018-03-25 20:55 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\IObit
2018-03-25 20:48 - 2018-03-25 20:55 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\IObit
2018-03-25 00:15 - 2018-03-25 00:15 - 00000726 _____ C:\Documents and Settings\All Users.WINDOWS\Desktop\Claro Internet.lnk
2018-03-25 00:15 - 2018-03-25 00:15 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Claro Internet
2018-03-25 00:15 - 2018-03-25 00:15 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Claro Internet
2018-03-25 00:10 - 2018-03-25 00:15 - 00000000 ____D C:\Programmi\Claro Internet
2018-03-24 21:02 - 2011-12-30 22:22 - 00245376 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2018-03-24 21:02 - 2011-12-30 22:20 - 00199168 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2018-03-24 21:02 - 2011-11-24 08:30 - 00095744 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2018-03-24 21:02 - 2011-11-24 08:30 - 00076544 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2018-03-24 21:02 - 2011-11-24 08:30 - 00067584 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2018-03-24 21:02 - 2011-11-24 08:30 - 00027520 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2018-03-24 21:02 - 2010-10-08 05:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2018-03-24 21:02 - 2010-09-26 07:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2018-03-24 21:02 - 2010-08-05 20:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2018-03-24 21:02 - 2010-07-26 22:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2018-03-24 21:02 - 2010-03-20 01:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2018-03-24 21:02 - 2005-05-13 05:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys
2018-03-24 17:56 - 2018-04-10 18:30 - 00000000 ____D C:\Documents and Settings\S_PASINI\Impostazioni locali\temp
2018-03-24 17:56 - 2018-04-10 01:20 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.009\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.008\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.005\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.003\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.001\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.008\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.005\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.004\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.003\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.002\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.001\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY.000\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\Administrator\Impostazioni locali\temp
2018-03-24 17:56 - 2018-03-24 17:56 - 00000000 ____D C:\Documents and Settings\Administrator.SERGIOPASINI\Impostazioni locali\temp
2018-03-17 20:11 - 2018-03-17 20:11 - 00000000 ____D C:\Programmi\Tweaking.com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-10 18:23 - 2017-10-11 22:03 - 01750083 ____C C:\WINDOWS\WindowsUpdate.log
2018-04-10 17:41 - 2017-12-17 09:06 - 00000350 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-04-10 17:27 - 2017-10-11 22:15 - 00000000 ___HD C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni
2018-04-10 17:25 - 2017-10-11 22:15 - 00000000 ____D C:\Documents and Settings\S_PASINI
2018-04-10 17:23 - 2017-12-24 17:14 - 00040376 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-04-10 17:22 - 2017-12-24 17:14 - 00221112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-04-10 17:20 - 2017-10-11 22:11 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-04-10 01:30 - 2018-03-05 09:23 - 00064200 _____ C:\Documents and Settings\LocalService.NT AUTHORITY.009\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2018-04-10 01:30 - 2017-10-11 22:11 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.009\Impostazioni locali\Dati applicazioni
2018-04-10 01:29 - 2017-10-19 18:57 - 00086502 ____C C:\Documents and Settings\LocalService.NT AUTHORITY.009\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
2018-04-10 01:29 - 2017-10-11 22:15 - 00000194 __SHC C:\Documents and Settings\S_PASINI\ntuser.ini
2018-04-10 01:29 - 2017-10-11 22:11 - 00032420 ____N C:\WINDOWS\SchedLgU.Txt
2018-04-10 01:11 - 2018-01-11 17:43 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\vlc
2018-04-09 01:06 - 2017-10-12 21:14 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\Free Download Manager
2018-04-07 19:38 - 2014-05-02 17:48 - 00000000 ____D C:\WINDOWS\Minidump
2018-04-06 19:46 - 2017-10-11 22:15 - 00000000 ___RD C:\Documents and Settings\S_PASINI\Menu Avvio\Programmi
2018-04-06 19:44 - 2017-10-11 18:43 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Esecuzione automatica
2018-04-06 19:44 - 2017-10-11 18:43 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Esecuzione automatica
2018-04-06 19:44 - 2017-10-11 18:43 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi
2018-04-06 19:44 - 2017-10-11 18:43 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi
2018-04-06 19:32 - 2017-10-12 19:22 - 00000000 ____D C:\Programmi\Speccy
2018-04-06 18:48 - 2017-10-12 13:36 - 00000000 ____D C:\Programmi\SUPERAntiSpyware
2018-04-06 17:10 - 2017-10-13 07:59 - 00000000 ____D C:\Programmi\Hard Disk Sentinel
2018-04-06 08:18 - 2015-11-05 16:36 - 00000000 ____D C:\Documents and Settings\S_PASINI\Documenti\ThyBooks'n stuff
2018-04-06 07:38 - 2017-10-11 18:44 - 01266812 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-06 07:38 - 2008-04-14 09:00 - 00553950 ____C C:\WINDOWS\system32\perfh010.dat
2018-04-06 07:38 - 2008-04-14 09:00 - 00104576 ____C C:\WINDOWS\system32\perfc010.dat
2018-04-05 19:16 - 2017-10-11 22:15 - 00000000 __SHD C:\Documents and Settings\S_PASINI\Impostazioni locali\Cronologia
2018-04-05 19:11 - 2018-01-01 19:50 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\Norton Utilities 16
2018-04-05 19:11 - 2017-10-22 10:14 - 05087232 _____ C:\Documents and Settings\Administrator.SERGIOPASINI\s-1-5-21-823518204-484061587-842925246-500.rrr
2018-04-05 19:11 - 2017-10-19 19:16 - 00000000 ____D C:\Documents and Settings\Administrator.SERGIOPASINI
2018-04-05 19:11 - 2017-10-12 17:05 - 07847936 _____ C:\Documents and Settings\S_PASINI\s-1-5-21-823518204-484061587-842925246-1003.rrr
2018-04-05 19:11 - 2017-10-12 17:05 - 00245760 _____ C:\Documents and Settings\LocalService.NT AUTHORITY.009\s-1-5-19.rrr
2018-04-05 19:11 - 2017-10-11 22:11 - 00000000 __SHD C:\Documents and Settings\LocalService.NT AUTHORITY.009
2018-04-05 19:10 - 2017-10-12 17:05 - 26447872 _____ C:\WINDOWS\system32\config\software.rrr
2018-04-05 19:10 - 2017-10-12 17:05 - 04931584 _____ C:\WINDOWS\system32\config\default.rrr
2018-04-05 19:10 - 2017-10-12 17:05 - 00245760 _____ C:\Documents and Settings\NetworkService.NT AUTHORITY.008\s-1-5-20.rrr
2018-04-05 19:10 - 2017-10-11 22:11 - 00000000 __SHD C:\Documents and Settings\NetworkService.NT AUTHORITY.008
2018-04-05 18:56 - 2014-04-27 02:10 - 00000000 ____D C:\WINDOWS\Registration
2018-04-05 18:48 - 2017-12-25 19:18 - 00000000 ____D C:\Programmi\Norton Utilities 16
2018-04-04 13:37 - 2017-12-17 09:06 - 00391856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00310784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00205352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00167040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00124392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00070816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00070576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-04-04 13:37 - 2017-12-17 09:06 - 00042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-04-04 13:36 - 2017-12-21 14:16 - 00180984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-04-04 13:36 - 2017-12-17 09:06 - 00783600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-04-04 12:48 - 2012-12-30 16:33 - 00000000 ____D C:\Documents and Settings\Documenti\Personal PH
2018-04-04 08:30 - 2017-12-12 17:58 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\Software Informer
2018-04-03 21:03 - 2017-10-12 16:28 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\BitTorrent
2018-04-02 17:26 - 2016-12-20 16:15 - 00000332 ___SH C:\boot.ini
2018-04-02 01:14 - 2017-10-11 22:15 - 00000000 ___RD C:\Documents and Settings\S_PASINI\Documenti
2018-04-01 17:28 - 2017-10-11 22:15 - 00000000 __RHD C:\Documents and Settings\S_PASINI\Dati applicazioni
2018-04-01 17:08 - 2017-10-21 13:01 - 00000000 ____D C:\Programmi\LG Electronics
2018-04-01 17:07 - 2017-10-11 21:57 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Accessori
2018-04-01 17:07 - 2017-10-11 21:57 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Accessori
2018-03-30 12:33 - 2013-05-16 11:23 - 00000000 ____D C:\Documents and Settings\Documenti\Documenti\movies
2018-03-30 02:41 - 2017-10-11 22:39 - 00008704 ____C C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-29 20:47 - 2017-10-11 22:20 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DatacardService
2018-03-29 20:47 - 2017-10-11 22:20 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DatacardService
2018-03-29 20:13 - 2016-12-20 16:38 - 00000000 __RHD C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni
2018-03-29 19:47 - 2014-04-27 02:24 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-03-29 19:45 - 2018-01-08 16:17 - 00000000 ____D C:\Programmi\Intel
2018-03-29 12:52 - 2017-10-19 17:50 - 00000000 ____D C:\Programmi\Mozilla Maintenance Service
2018-03-29 07:49 - 2014-05-08 18:55 - 00000000 ____D C:\programmi
2018-03-27 13:30 - 2008-04-14 09:00 - 00013062 ____C C:\WINDOWS\system32\wpa.dbl
2018-03-27 08:53 - 2017-10-11 22:11 - 00000042 __SHC C:\Documents and Settings\LocalService.NT AUTHORITY.009\ntuser.ini
2018-03-25 20:57 - 2017-10-12 14:03 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\ProductData
2018-03-25 20:57 - 2017-10-12 14:03 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\ProductData
2018-03-25 01:33 - 2014-05-08 18:55 - 00000000 ____D C:\Programmi\file comuni
2018-03-24 17:56 - 2017-10-19 19:16 - 00000000 ___HD C:\Documents and Settings\Administrator.SERGIOPASINI\Impostazioni locali
2018-03-24 17:56 - 2017-10-11 22:15 - 00000000 ___HD C:\Documents and Settings\S_PASINI\Impostazioni locali
2018-03-24 17:56 - 2017-10-11 22:11 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.008\Impostazioni locali
2018-03-24 17:56 - 2017-10-11 22:11 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.009\Impostazioni locali
2018-03-24 17:56 - 2016-12-20 20:16 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.008\Impostazioni locali
2018-03-24 17:56 - 2015-05-11 10:19 - 00000000 ___HD C:\Documents and Settings\Administrator\Impostazioni locali
2018-03-24 17:56 - 2014-05-08 21:18 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.005\Impostazioni locali
2018-03-24 17:56 - 2014-05-08 21:17 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.005\Impostazioni locali
2018-03-24 17:56 - 2014-05-06 01:44 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.004\Impostazioni locali
2018-03-24 17:56 - 2014-05-06 01:43 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Impostazioni locali
2018-03-24 17:56 - 2014-04-27 02:20 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.003\Impostazioni locali
2018-03-24 17:56 - 2014-04-27 02:20 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.003\Impostazioni locali
2018-03-24 17:56 - 2014-04-15 14:22 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.002\Impostazioni locali
2018-03-24 17:56 - 2014-03-22 22:28 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.001\Impostazioni locali
2018-03-24 17:56 - 2014-03-22 22:26 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.001\Impostazioni locali
2018-03-24 17:56 - 2013-07-27 20:39 - 00000000 ___HD C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Impostazioni locali
2018-03-24 17:56 - 2013-07-27 20:39 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY.000\Impostazioni locali
2018-03-24 17:56 - 2013-07-25 12:17 - 00000000 ___HD C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali
2018-03-24 17:52 - 2008-04-14 09:00 - 00000227 _____ C:\WINDOWS\system.ini
2018-03-24 00:49 - 2017-12-27 17:59 - 00000326 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-03-24 00:06 - 2017-10-19 17:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Malwarebytes' Anti-Malware (portable)
2018-03-24 00:06 - 2017-10-19 17:53 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Malwarebytes' Anti-Malware (portable)
2018-03-21 07:27 - 2018-02-22 07:24 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\OnlineUpdate
2018-03-21 07:27 - 2018-02-22 07:24 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\OnlineUpdate
2018-03-21 07:27 - 2018-02-22 07:24 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\log
2018-03-21 07:27 - 2018-02-22 07:24 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\log
2018-03-19 20:39 - 2018-02-08 22:07 - 00000534 _____ C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2018-03-17 20:52 - 2017-12-27 17:58 - 00000654 ____C C:\Documents and Settings\All Users.WINDOWS\Desktop\CCleaner.lnk
2018-03-17 20:25 - 2017-12-12 17:57 - 00000000 ____D C:\Programmi\Software Informer
2018-03-17 20:25 - 2017-10-12 13:58 - 00000717 _____ C:\Documents and Settings\All Users.WINDOWS\Desktop\Software Informer.lnk
2018-03-17 20:25 - 2017-10-12 13:58 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Software Informer
2018-03-17 20:25 - 2017-10-12 13:58 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Software Informer
2018-03-15 20:55 - 2018-01-03 07:16 - 00000000 ____D C:\Documents and Settings\S_PASINI\Dati applicazioni\tor
2018-03-15 00:48 - 2017-10-12 13:29 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Spybot - Search & Destroy
2018-03-15 00:48 - 2017-10-12 13:29 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Spybot - Search & Destroy

==================== Files in the root of some directories =======

2017-10-11 22:39 - 2018-03-30 02:41 - 0008704 ____C () C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-10-24 20:10 - 2017-10-24 20:10 - 0000036 ____C () C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\housecall.guid.cache

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================
 
I don't know if this one is necessary but it showed up with the initial scan.

Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by S_PASINI (2018-04-10 18:31:32)
Running from C:\Documents and Settings\S_PASINI\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-823518204-484061587-842925246-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator.SERGIOPASINI
ASPNET (S-1-5-21-823518204-484061587-842925246-1004 - Limited - Enabled)
Guest (S-1-5-21-823518204-484061587-842925246-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-823518204-484061587-842925246-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-823518204-484061587-842925246-1002 - Limited - Disabled)
S_PASINI (S-1-5-21-823518204-484061587-842925246-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\S_PASINI

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {D4AC7077-9720-47B0-8B38-DFAF3AA21DB6}
AV: Avast Antivirus (Enabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.195 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\{158D6908-7A47-4126-BFB4-D0C2F9ACC9BE}) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Aggiornamento della protezione per Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Aggiornamento rapido per Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
BitTorrent (HKU\S-1-5-21-823518204-484061587-842925246-1003\...\BitTorrent) (Version: 7.10.3.44359 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Claro Internet (HKLM\...\Claro Internet) (Version: 23.003.07.00.252 - Huawei Technologies Co.,Ltd)
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Driver Booster 5 (HKLM\...\Driver Booster_is1) (Version: 5.3.0 - IObit)
FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited)
Free Download Manager 3.9.6 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
Hard Disk Sentinel (HKLM\...\Hard Disk Sentinel_is1) (Version: 5.01 - Janos Mathe)
iDealshare VideoGo 6.1.1.6250 (HKLM\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
KC Softwares VideoInspector (HKLM\...\KC Softwares VideoInspector_is1) (Version: 2.11.0.139 - KC Softwares)
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.11.0.3 - QFX Software Corporation)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
mCore (Version: 5.45.0000 - Intel Corporation) Hidden
mDriver (Version: 5.45.0000 - Intel) Hidden
mDrWiFi (Version: 5.45.0000 - Intel Corporation) Hidden
mEoU (Version: 5.45.0000 - Intel Corporation) Hidden
mHelp (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA (HKLM\...\{71CB2612-627C-3D58-8D82-B77444B27B6A}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA (HKLM\...\{59EC5F32-D8D7-3909-B0CB-255AD09F5993}) (Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 - Language Pack (italiano) (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - ita) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (HKLM\...\Microsoft .NET Framework 4 Client Profile ITA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended - Language Pack (ITA) (HKLM\...\Microsoft .NET Framework 4 Extended ITA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
mIWA (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (Version: 5.45.0000 - Intel Corporation) Hidden
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - )
Mozilla Firefox 52.7.3 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.7.3 ESR (x86 en-US)) (Version: 52.7.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.3.6655 - Mozilla)
mPfMgr (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
mSSO (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mToolkit (Version: 5.45.0000 - Intel Corporation) Hidden
Multilizer PDF Translator (Build 10.3.2) (HKLM\...\Multilizer PDF Translator_is1) (Version: - Rex Partners)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mWMI (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (Version: 5.45.0000 - Intel Corporation) Hidden
Norton Utilities 16 (HKLM\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
O2Micro Flash Memory Card Windows Driver V1.9 (HKLM\...\InstallShield_{1AB0745A-FB6D-4E0F-8121-2D9FAB399F3A}) (Version: 1.9 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver V1.9 (Version: 1.9 - O2Micro International LTD.) Hidden
REALTEK GbE & FE Ethernet NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7282 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Software Informer 1.5.1334.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Software Intel(R) PROSet/Wireless (HKLM\...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.20.0 - Synaptics)
System Explorer 7.0.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

01-01-2018 13:07:18 Punto di arresto del sistema
01-01-2018 13:07:18 Punto di arresto del sistema
01-01-2018 13:07:18 End of disinfection
01-01-2018 13:07:27 End of disinfection
01-01-2018 20:37:33 Created by Norton Utilities

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 09:00 - 2018-03-18 13:54 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Programmi\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Programmi\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Programmi\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\Driver Booster Scheduler.job => C:\programmi\IObit\Driver Booster\5.3.0\Scheduler.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programmi\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programmi\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\programmi\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Programmi\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Programmi\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\programmi\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe6C:\programmi\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 12:11 - 2005-12-28 12:11 - 00876544 _____ () C:\Programmi\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00053322 _____ () C:\Programmi\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00208965 _____ () C:\Programmi\Intel\Wireless\Bin\IWMSPROV.DLL
2018-04-04 13:37 - 2018-04-04 13:37 - 00349912 _____ () C:\Programmi\AVAST Software\Avast\streamback_avast.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00295640 _____ () C:\Programmi\AVAST Software\Avast\streamback.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00282840 _____ () C:\programmi\AVAST Software\Avast\tasks_core.dll
2018-04-09 13:17 - 2018-04-09 13:17 - 05815952 _____ () C:\Programmi\AVAST Software\Avast\defs\18040902\algo.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00763608 _____ () C:\programmi\AVAST Software\Avast\ffl2.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00888536 _____ () C:\programmi\AVAST Software\Avast\anen.dll
2018-04-04 13:36 - 2018-04-04 13:36 - 00172760 _____ () C:\programmi\AVAST Software\Avast\hns_tools.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00969944 _____ () C:\programmi\AVAST Software\Avast\shepherdsync.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00501464 _____ () C:\programmi\AVAST Software\Avast\gui_cache.dll
2017-10-11 22:23 - 2011-12-23 07:03 - 00655712 _____ () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\ouc.exe
2017-10-11 22:23 - 2009-01-10 07:32 - 00011362 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\mingwm10.dll
2017-10-11 22:23 - 2009-06-22 15:42 - 00043008 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2017-10-11 22:23 - 2010-05-14 06:57 - 02415104 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\QtCore4.dll
2017-10-11 22:23 - 2010-02-10 11:10 - 01148416 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\QtNetwork4.dll
2017-10-11 22:23 - 2011-12-23 04:52 - 00843264 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\QueryStrategy.dll
2017-10-11 22:23 - 2010-02-10 11:06 - 00398336 ____C () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\QtXml4.dll
2011-03-14 12:27 - 2011-03-14 12:27 - 00271712 _____ () C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\DatacardService\HWDeviceService.exe
2017-12-24 17:14 - 2017-12-26 16:19 - 01934792 _____ () C:\PROGRAMMI\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-04 13:36 - 2018-04-04 13:36 - 00624856 _____ () c:\programmi\AVAST Software\Avast\vaarclient.dll
2018-04-04 13:37 - 2018-04-04 13:37 - 00295640 _____ () c:\programmi\AVAST Software\Avast\StreamBack.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00876544 _____ () C:\Programmi\Intel\Wireless\bin\LIBEAY32.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00053322 _____ () C:\Programmi\Intel\Wireless\bin\IntStngs.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00069632 ____R () C:\WINDOWS\sm56eng.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00061440 ____R () C:\WINDOWS\sm56fra.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00069632 ____R () C:\WINDOWS\sm56brz.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00049152 ____R () C:\WINDOWS\sm56chs.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00049152 ____R () C:\WINDOWS\sm56cht.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00061440 ____R () C:\WINDOWS\sm56ger.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00069632 ____R () C:\WINDOWS\sm56itl.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00053248 ____R () C:\WINDOWS\sm56jpn.dll
2017-10-11 22:30 - 2005-11-09 00:44 - 00069632 ____R () C:\WINDOWS\sm56spn.dll
2005-11-16 10:05 - 2005-11-16 10:05 - 00970862 _____ () C:\programmi\Intel\Wireless\Bin\acAuth.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00053322 _____ () C:\programmi\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00208965 _____ () C:\programmi\Intel\Wireless\Bin\iWMSProv.dll
2005-12-28 12:11 - 2005-12-28 12:11 - 00876544 _____ () C:\programmi\Intel\Wireless\Bin\Libeay32.dll
2017-10-12 19:32 - 2017-10-12 19:32 - 00054488 _____ () C:\programmi\CCleaner\branding.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 ____C () C:\programmi\Adobe\Reader 11.0\Reader\sqlite.dll
2017-12-17 09:05 - 2017-12-17 09:05 - 48936448 _____ () C:\programmi\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\g2ldr:SummaryInformation
AlternateDataStreams: C:\g2ldr:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\WINDOWS\system32\msdtc.exe:SummaryInformation
AlternateDataStreams: C:\WINDOWS\system32\msdtc.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TEMP:792D4CF1
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TEMP:792D4CF1

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03125554.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72221037.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\91603510.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\03125554.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72221037.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\91603510.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7936 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-823518204-484061587-842925246-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\S_PASINI\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
DNS Servers: Media is not connected to internet.
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users.WINDOWS^Menu Avvio^Programmi^Esecuzione automatica^Secunia PSI Tray.lnk => C:\WINDOWS\pss\Secunia PSI Tray.lnkCommon Startup
MSCONFIG\startupreg: AdobeARM.exe => "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Documents and Settings\S_PASINI\Dati applicazioni\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: CTFMON.EXE => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: EOUApp => "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
MSCONFIG\startupreg: Free Download Manager => "C:\programmi\Free Download Manager\fdm.exe" -autorun
MSCONFIG\startupreg: IntelWireless => "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\file comuni\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: SDTray => "C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SMSERIAL => sm56hlpr.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\programmi\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Programmi\File comuni\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: tor.exe => "C:\programmi\Tor Browser\Browser\TorBrowser\Tor\tor.exe"
MSCONFIG\startupreg: wmplayer.exe => "C:\programmi\windows media player\wmplayer.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Documents and Settings\S_PASINI\Dati applicazioni\BitTorrent\BitTorrent.exe] => Enabled:BitTorrent
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:mad:xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\programmi\Tor Browser\Browser\firefox.exe] => Enabled:Start Tor Browser
StandardProfile\AuthorizedApplications: [C:\programmi\Google\Google Earth\client\googleearth.exe] => Enabled:Start Google Earth
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [C:\programmi\AVAST Software\Avast\AvastUI.exe] => Enabled:Avast Free Antivirus
StandardProfile\AuthorizedApplications: [C:\programmi\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\programmi\Free Download Manager\fdm.exe] => Enabled:Free Download Manager
StandardProfile\AuthorizedApplications: [C:\programmi\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\programmi\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:mad:xpsp2res.dll,-22008

==================== Faulty Device Manager Devices =============

Name: Porta di comunicazione (COM8)
Description: Porta di comunicazione
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Tipi di porte standard)
Service: Serial
Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34)
Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2018 01:10:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore claro internet.exe, versione 0.0.0.0, modulo che ha provocato l'errore osadapt.dll, versione 0.0.0.0, indirizzo errore 0x0000a54e.
Elaborazione evento specifico al supporto per [claro internet.exe!ws!] in corso

Error: (04/09/2018 01:05:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Applicazione in stallo AvastUI.exe, versione 18.3.3860.309, modulo in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error: (04/06/2018 07:46:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore repair_windows.exe, versione 4.0.0.13, modulo che ha provocato l'errore gdi32.dll, versione 5.1.2600.6460, indirizzo errore 0x0000ef4b.
Elaborazione evento specifico al supporto per [repair_windows.exe!ws!] in corso

Error: (04/06/2018 02:21:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Applicazione in stallo AcroRd32.exe, versione 11.0.8.4, modulo in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error: (04/06/2018 01:54:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore claro internet.exe, versione 0.0.0.0, modulo che ha provocato l'errore , versione 0.0.0.0, indirizzo errore 0x0000a54e.
Elaborazione evento specifico al supporto per [claro internet.exe!ws!] in corso

Error: (04/06/2018 08:46:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore frst.exe, versione 2.8.2015.1, modulo che ha provocato l'errore frst.exe, versione 2.8.2015.1, indirizzo errore 0x0002105e.
Elaborazione evento specifico al supporto per [frst.exe!ws!] in corso

Error: (04/02/2018 09:01:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Applicazione in stallo rundll32.exe, versione 5.1.2600.5512, modulo in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error: (03/31/2018 09:02:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore sftgc.exe, versione 2.0.0.60, modulo che ha provocato l'errore sftgc.exe, versione 2.0.0.60, indirizzo errore 0x00016a3c.
Elaborazione evento specifico al supporto per [sftgc.exe!ws!] in corso

Error: (03/30/2018 08:24:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Applicazione in stallo SFTGC.exe, versione 2.0.0.60, modulo in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error: (03/30/2018 08:23:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore sftgc.exe, versione 2.0.0.60, modulo che ha provocato l'errore sftgc.exe, versione 2.0.0.60, indirizzo errore 0x00016a3c.
Elaborazione evento specifico al supporto per [sftgc.exe!ws!] in corso


System errors:
=============
Error: (04/10/2018 06:08:49 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.219.42.100 dell'indirizzo IP della scheda di rete con indirizzo 582C80139263 è stato
negato dal server DHCP 10.219.0.153. Il server DHCP ha inviato un messaggio DHCPNACK.

Error: (04/10/2018 05:30:34 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.67.63.141 dell'indirizzo IP della scheda di rete con indirizzo 582C80139263 è stato
negato dal server DHCP 10.219.42.97. Il server DHCP ha inviato un messaggio DHCPNACK.

Error: (04/10/2018 05:23:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni specifiche dell'applicazione non attribuiscono all'utente NT AUTHORITY\SERVIZIO DI RETE SID (S-1-5-20) l'autorizzazione di Attivazione in modalità Locale per l'applicazione server COM con CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
. Per modificare tale autorizzazione di protezione, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (04/10/2018 05:21:03 PM) (Source: 0) (EventID: 4311) (User: )
Description:

Error: (04/10/2018 05:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Spybot-S&D 2 Security Center Service non è stato avviato per il seguente errore:
%%193

Error: (04/10/2018 05:21:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Human Interface Device Access terminato con l'errore:
%%126

Error: (04/10/2018 05:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Claro Internet. OUC non è stato avviato per il seguente errore:
%%1053

Error: (04/10/2018 05:21:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Claro Internet. OUC.

Error: (04/10/2018 01:19:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni specifiche dell'applicazione non attribuiscono all'utente NT AUTHORITY\SERVIZIO DI RETE SID (S-1-5-20) l'autorizzazione di Attivazione in modalità Locale per l'applicazione server COM con CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
. Per modificare tale autorizzazione di protezione, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (04/10/2018 01:17:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Servizio helper IPv6 bloccato in partenza.


Microsoft Office:
=========================
Error: (04/09/2018 01:10:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: claro internet.exe0.0.0.0osadapt.dll0.0.0.00000a54e

Error: (04/09/2018 01:05:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: AvastUI.exe18.3.3860.309hungapp0.0.0.000000000

Error: (04/06/2018 07:46:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: repair_windows.exe4.0.0.13gdi32.dll5.1.2600.64600000ef4b

Error: (04/06/2018 02:21:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: AcroRd32.exe11.0.8.4hungapp0.0.0.000000000

Error: (04/06/2018 01:54:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: claro internet.exe0.0.0.00.0.0.00000a54e

Error: (04/06/2018 08:46:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe2.8.2015.1frst.exe2.8.2015.10002105e

Error: (04/02/2018 09:01:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (03/31/2018 09:02:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sftgc.exe2.0.0.60sftgc.exe2.0.0.6000016a3c

Error: (03/30/2018 08:24:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SFTGC.exe2.0.0.60hungapp0.0.0.000000000

Error: (03/30/2018 08:23:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sftgc.exe2.0.0.60sftgc.exe2.0.0.6000016a3c


==================== Memory info ===========================

Processor: Intel(R) Core(TM) Duo CPU U2400 @ 1.06GHz
Percentage of memory in use: 89%
Total physical RAM: 1015.3 MB
Available physical RAM: 104.75 MB
Total Virtual: 2439.82 MB
Available Virtual: 1036.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:3.35 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Claro Internet) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of log ============================
 
So far I don't see any signs of any rootkits.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
Sorry to delay my answer -busy week- and to give you the scan results!

RogueKiller V12.12.12.0 [Apr 9 2018] (Gratuito) di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : https://forum.adlice.com
Sito Web : http://www.adlice.com/download/roguekiller/
Discussione : http://www.adlice.com

Sistema Operativo : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Iniziato in : Modalità Normale
Utente : S_PASINI [Amministratore]
Iniziato da : C:\Programmi\RogueKiller\RogueKiller.exe
Modalità : Cancella -- Data : 04/11/2018 22:49:37 (Durata : 00:57:01)

¤¤¤ Processi : 2 ¤¤¤
[Suspicious.Path] ouc.exe(1792) -- C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\OnlineUpdate\ouc.exe[7] -> Trovato
[Suspicious.Path] (SVC) ALSysIO -- \??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\ALSysIO.sys[x] -> Trovato

¤¤¤ Registro : 2 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\ALSysIO.sys) -> Non selezionato
[PUM.StartMenu] HKEY_USERS\S-1-5-21-823518204-484061587-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 2 -> Rimpiazzato (1)

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Archivio Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2160BH G2 +++++
--- User ---
[MBR] 253d2713b09981c94d3b985c68593aab
[BSP] f3a2fc39b2be6ff1e6c1d45980974645 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 152617 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HUAWEI SD Storage USB Device +++++
Error reading User MBR! ([15] Periferica non pronta. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Richiesta non supportata. )
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/14/18
Scan Time: 7:08 PM
Log File: 6a5f3092-4030-11e8-b1bc-582c80139263.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.4732
License: Premium

-System Information-
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 129116
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 23 min, 41 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)
 
# AdwCleaner v6.047 - Logfile created 14/04/2018 at 20:11:47
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-19.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (X86)
# Username : S_PASINI - SERGIOPASINI
# Running from : C:\Documents and Settings\S_PASINI\Desktop\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1187 Bytes] - [14/04/2018 19:59:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [1260 Bytes] - [14/04/2018 20:06:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [1181 Bytes] - [14/04/2018 20:11:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1254 Bytes] ##########
 
Last edited:
All looks clean so far, so whatever Avast finds it looks like false positive to me.
Just to be 100% sure...

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download
51a5f31352b88-icon_MBAR.png
Malwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"
NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
 
OK tks for your response and I'm gonna run Malwarebytes AntiRookit App as soon as possible and I'll let you know the outcome and possibly you are right it's just a false positive but the thing is that always prompt me to delete'em and to do a scan afterwards so it's a bit bothering and I did try to keep them - like false positive - as Avast give that choice but they still - after taken this option - show up! Well thank you again but I think it's enough fun for a saturday night! Good night!
 
Amazingly today's start with no signs of rookits so far..despite the fact that all scans were clean but who knows later!


Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
main: v2018.04.15.05
rootkit: v2018.04.05.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
S_PASINI :: SERGIOPASINI [administrator]

15/04/2018 13.32.22
mbar-log-2018-04-15 (13-32-22).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 596162
Time elapsed: 45 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.063000 GHz
Memory total: 1064615936, free: 375930880

Downloaded database version: v2018.04.15.04
Downloaded database version: v2018.04.05.01
Downloaded database version: v2018.01.20.01
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.063000 GHz
Memory total: 1064615936, free: 303329280

Downloaded database version: v2018.04.15.05
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
04/15/2018 13:31:35
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
compbatt.sys
\WINDOWS\system32\DRIVERS\BATTC.SYS
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
intelide.sys
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
ACPIEC.sys
\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
aswRvrt.sys
aswVmm.sys
Mup.sys
aswbunivx.sys
aswblogx.sys
aswbidshx.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwLx32.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\o2sd.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\o2media.sys
\SystemRoot\system32\DRIVERS\Rtnicxp.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\System32\drivers\keyscrambler.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\ew_jubusenum.sys
\SystemRoot\system32\DRIVERS\WDFLDR.SYS
\SystemRoot\System32\Drivers\wdf01000.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\smserial.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\tcpip6.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\drivers\aswRdr.sys
\SystemRoot\system32\DRIVERS\Ip6Fw.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Programmi\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\WINDOWS\system32\drivers\mbae.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswHdsKe.sys
\SystemRoot\system32\drivers\aswbidsdriverx.sys
\SystemRoot\system32\drivers\aswArPot.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\s24trans.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\aswStmXP.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\ALSysIO.sys
\??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\cpuz143\cpuz143_x32.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\ew_usbenumfilter.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\ew_jucdcacm.sys
\SystemRoot\system32\DRIVERS\ew_jucdcecm.sys
\SystemRoot\system32\DRIVERS\ew_juextctrl.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\3622261F.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
 
Possibly Avast updated its definitions..

In any case...

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
 
Too large! I'll post it in several pages!

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.063000 GHz
Memory total: 1064615936, free: 375930880

Downloaded database version: v2018.04.15.04
Downloaded database version: v2018.04.05.01
Downloaded database version: v2018.01.20.01
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.063000 GHz
Memory total: 1064615936, free: 303329280

Downloaded database version: v2018.04.15.05
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
04/15/2018 13:31:35
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
compbatt.sys
\WINDOWS\system32\DRIVERS\BATTC.SYS
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
intelide.sys
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
ACPIEC.sys
\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
aswRvrt.sys
aswVmm.sys
Mup.sys
aswbunivx.sys
aswblogx.sys
aswbidshx.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwLx32.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\o2sd.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\o2media.sys
\SystemRoot\system32\DRIVERS\Rtnicxp.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\System32\drivers\keyscrambler.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\ew_jubusenum.sys
\SystemRoot\system32\DRIVERS\WDFLDR.SYS
\SystemRoot\System32\Drivers\wdf01000.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\smserial.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\tcpip6.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\drivers\aswRdr.sys
\SystemRoot\system32\DRIVERS\Ip6Fw.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Programmi\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\WINDOWS\system32\drivers\mbae.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswHdsKe.sys
\SystemRoot\system32\drivers\aswbidsdriverx.sys
\SystemRoot\system32\drivers\aswArPot.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\s24trans.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\aswStmXP.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\ALSysIO.sys
\??\C:\DOCUME~1\S_PASINI\IMPOST~1\Temp\cpuz143\cpuz143_x32.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\ew_usbenumfilter.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\ew_jucdcacm.sys
\SystemRoot\system32\DRIVERS\ew_jucdcecm.sys
\SystemRoot\system32\DRIVERS\ew_juextctrl.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\3622261F.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!

Scan started
Database versions:
main: v2018.04.15.05
rootkit: v2018.04.05.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff87546ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87569930, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff87546ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff875c39e8, DeviceName: \Device\00000085\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff875c4940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\WINDOWS\system32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\psched.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\psched.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ptilink.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ptilink.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasacd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rasacd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasl2tp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rasl2tp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspppoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspppoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspptp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspptp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspti.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspti.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rawwan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rawwan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdbss.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdbss.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpcdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpcdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\redbook.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\redbook.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rio8drv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rio8drv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\riodrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\riodrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rmcast.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rmcast.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rndismp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rndismp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rootmdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rootmdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\RTAIODAT.DAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\RTAIODAT.DAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\RtkHDAud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\RtkHDAud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\RTL8139.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\RTL8139.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\Rtnicxp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\Rtnicxp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\s24trans.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\s24trans.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\scsiport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\scsiport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\secdrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\secdrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fltMgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fltMgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fsvga.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fsvga.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fs_rec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fs_rec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ftdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ftdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\gm.dls" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\gm.dls" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\gmreadme.txt" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\gmreadme.txt" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\http.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\http.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\HWiNFO32.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\HWiNFO32.SYS" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ialmnt5.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ialmnt5.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\igxpmp32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\igxpmp32.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\imapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\imapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\intelide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelide.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSKSSRV.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MSKSSRV.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSPCLOCK.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MSPCLOCK.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSPQM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MSPQM.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mup.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mup.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndis.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndis.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndistapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndistapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndisuio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndisuio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndiswan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndiswan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndproxy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndproxy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\netbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\netbt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\NETwLx32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\NETwLx32.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nic1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nic1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nikedrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nikedrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nmnt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nmnt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\npfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ntfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ntfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\null.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\null.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sffdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sffdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sffp_mmc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sffp_mmc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sffp_sd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sffp_sd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\smclib.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\smclib.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sonydcam.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sonydcam.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\splitter.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\splitter.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\srv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\srv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\stream.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stream.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swmidi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swmidi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\SynTP.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\SynTP.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sysaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sysaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tape.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tape.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tcpip.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tcpip.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tcpip6.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tcpip6.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tdi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdpipe.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tdpipe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdtcp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tdtcp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\termdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\termdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tmcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tmcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tosdvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tosdvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tsbvcap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tsbvcap.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tunmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tunmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\udfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\udfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usb8023.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usb8023.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbcamd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcamd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbcamd2.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcamd2.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbintel.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbintel.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbscan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbscan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\vdmindvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdmindvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\vga.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vga.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\videoprt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\videoprt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wanarp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wanarp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdf01000.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wdf01000.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\WdfCoInstaller01007.dll" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\WdfCoInstaller01007.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdfldr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wdfldr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdmaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wdmaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wmilib.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmilib.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wpdusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wpdusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ws2ifsl.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ws2ifsl.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\WudfPf.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\WudfPf.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\WudfRd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\WudfRd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipfltdrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipfltdrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipinip.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipinip.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipnat.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipnat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipsec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipsec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\irenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\irenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\keyscrambler.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\keyscrambler.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kmixer.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kmixer.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ks.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ks.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ksecdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ksecdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mbae.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mbae.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mbam.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mbam.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mcd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mcd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mf.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mf.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mnmdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mnmdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\modem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\modem.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\arp1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\arp1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fips.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fips.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ip6fw.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ip6fw.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\Monfilt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\Monfilt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msgpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkflt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwlnkflt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\parvdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parvdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\update.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\update.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\1394bus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394bus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\acpiec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpiec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\aec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\aec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\afd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\afd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\Ambfilt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\Ambfilt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\amdk6.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk6.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\amdk7.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk7.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cinemst2.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cinemst2.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\classpnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\classpnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\compbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\compbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cpqdap01.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cpqdap01.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\crusoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\crusoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\diskdump.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\diskdump.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmboot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dmboot.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dmio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmload.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dmload.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\DMusic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\DMusic.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dxapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxgthk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dxgthk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\enum1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\enum1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkfwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwlnkfwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkipx.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwlnkipx.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnknb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwlnknb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkspx.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwlnkspx.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwrdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nwrdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\o2flash.exe" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\o2flash.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MDDISK.CAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MDDISK.CAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MDDISK.INF" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MDDISK.INF" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MEDIA.CAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MEDIA.CAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MEDIA.INF" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MEDIA.INF" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\o2media.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\o2media.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MWXP.CAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MWXP.CAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2MWXP.INF" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2MWXP.INF" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2SD.CAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2SD.CAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2SD.INF" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2SD.INF" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\o2sd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\o2sd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2SDDISK.CAT" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2SDDISK.CAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\O2SDDISK.INF" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\O2SDDISK.INF" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ohci1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ohci1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\oprghdlr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\oprghdlr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\p3.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\p3.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\partmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\partmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fastfat.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fastfat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mountmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mountmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mqac.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mqac.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxdav.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mrxdav.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxsmb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mrxsmb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\asyncmac.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\asyncmac.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmarpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atmarpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmepvc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atmepvc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmlane.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atmlane.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmuni.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atmuni.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\audstub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\audstub.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\beep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\beep.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\bridge.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bridge.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cbidf2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cbidf2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdaudio.sys" is compressed (flags = 1)
Done!
 
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff85a4eab8, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85a5f0c0, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85a4eab8, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8584b030, DeviceName: \Device\000000b6\, DriverName: \Driver\usbstor\
------------ End ----------
File "C:\WINDOWS\system32\qagentrt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qagent.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mssha.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dhcpqec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wlanapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\napipsec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsgqec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eapqec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemcons.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cryptnet.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wzcdlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msutb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shgina.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMVCore.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMASF.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\twext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shimgvw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\browselc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\duser.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shdoclc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mydocs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netdde.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\nddenb32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\alrsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eapsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eapphost.dll" is compressed (flags = 1)
File "C:\programmi\WINDOWS MEDIA PLAYER\wmplayer.exe" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\aclayers.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ctfmon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsvpsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wuauclt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msapsspc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\digest.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msnsspc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\userinit.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\asyncmac.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\srv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\dllhost.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\acpiec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\afd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\aec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmboot.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\arp1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\DMusic.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ptilink.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmarpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\audstub.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsvp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cisvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\clipsrv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSKSSRV.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxdav.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\compbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmadmin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmload.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ohci1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fltMgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ftdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msgpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\http.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\imapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\imapi.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\intelide.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ip6fw.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipfltdrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipinip.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipnat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipsec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\irenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kmixer.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\mnmsrvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasl2tp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxsmb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\vssvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdtc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msiexec.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSPCLOCK.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\MSPQM.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndistapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndisuio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndiswan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tunmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tcpip.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nic1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkflt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkfwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspptp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\psched.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasacd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspppoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspti.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdbss.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpcdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\sessmgr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\redbook.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\locator.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\RTL8139.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\scardsvr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\splitter.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swmidi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sysaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\smlogsvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tcpip6.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\termdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\tlntsvr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\update.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ups.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbscan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\vga.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wanarp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdf01000.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdmaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmiapsrv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ws2ifsl.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssdpsrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\appmgmts.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msgsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\w3ssl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dot3svc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\srsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kmsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lmhsvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntmssvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasauto.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xmlprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mprdim.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\termsrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\upnphost.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mspmsnsv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sclgntfy.dll" is compressed (flags = 1)
File "C:\programmi\OUTLOOK EXPRESS\setup50.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ie4uinit.exe" is compressed (flags = 1)
File "C:\WINDOWS\inf\unregmp2.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rundll32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\iedkcs32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shmgrate.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\regsvr32.exe" is compressed (flags = 1)
File "C:\Documents and Settings\S_PASINI\Dati applicazioni\AVAST Software\Avast\log\cef_log.txt" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\13D.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\13E.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\19.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\1A.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\8B.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\8C.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\AVAST Software\SZBrowser\profile\SergioPasini\FA.tmp" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\ATR2SMgr.log" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\ATRecord.txt" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\Interface.log" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\NDISAPI.log" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\ouc.log" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\log\trace_0.txt" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\userdata\AddrBookDB" is compressed (flags = 1)
File "C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Claro Internet\userdata\SmsDBConnection" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\Microsoft Shared\msinfo\IEINFO5.OCX" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\Microsoft Shared\msinfo\msinfo32.exe" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\Microsoft Shared\vgx\VGX.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\directdb.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\wab32.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\wab32res.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msader15.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msado20.tlb" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msado21.tlb" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msado25.tlb" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msado26.tlb" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msado27.tlb" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msadomd.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msador15.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msadox.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msadrh15.dll" is compressed (flags = 1)
File "C:\programmi\FILE COMUNI\system\ado\msjro.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\msimn.exe" is compressed (flags = 1)
File "C:\programmi\outlook express\msoe.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\msoeres.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\oeimport.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\oemig50.exe" is compressed (flags = 1)
File "C:\programmi\outlook express\oemiglib.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\wab.exe" is compressed (flags = 1)
File "C:\programmi\outlook express\wabfind.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\wabimp.dll" is compressed (flags = 1)
File "C:\programmi\outlook express\wabmig.exe" is compressed (flags = 1)
File "C:\programmi\internet explorer\hmmapi.dll" is compressed (flags = 1)
File "C:\programmi\internet explorer\iedw.exe" is compressed (flags = 1)
File "C:\programmi\internet explorer\iexplore.exe" is compressed (flags = 1)
File "C:\programmi\internet explorer\iexplore.exe.mui" is compressed (flags = 1)
File "C:\programmi\movie maker\moviemk.exe" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2AE.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2ERES.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2EXT.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2FILT.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2FXA.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2FXB.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2RES.dll" is compressed (flags = 1)
File "C:\programmi\movie maker\WMM2RES2.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\callcont.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\cb32.exe" is compressed (flags = 1)
File "C:\programmi\netmeeting\conf.exe" is compressed (flags = 1)
File "C:\programmi\netmeeting\confmrsl.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\dcap32.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\h323cc.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\MST120.DLL" is compressed (flags = 1)
File "C:\programmi\netmeeting\MST123.DLL" is compressed (flags = 1)
File "C:\programmi\netmeeting\nac.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmas.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmasnt.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmchat.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmcom.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmft.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmoldwb.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\nmwb.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\rrcm.dll" is compressed (flags = 1)
File "C:\programmi\netmeeting\wb32.exe" is compressed (flags = 1)
File "C:\programmi\windows media player\custsat.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\migrate.exe" is compressed (flags = 1)
File "C:\programmi\windows media player\mplayer2.exe" is compressed (flags = 1)
File "C:\programmi\windows media player\mpvis.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\npdrmv2.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\npdsplay.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\npwmsdrm.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\setup_wm.exe" is compressed (flags = 1)
File "C:\programmi\windows media player\wmpband.dll" is compressed (flags = 1)
File "C:\programmi\windows media player\wmpns.dll" is compressed (flags = 1)
File "C:\programmi\windows nt\dialer.exe" is compressed (flags = 1)
File "C:\programmi\windows nt\htrn_jis.dll" is compressed (flags = 1)
File "C:\programmi\WinRAR\Default.SFX" is compressed (flags = 1)
File "C:\AUTOEXEC.BAT" is compressed (flags = 1)
File "C:\WINDOWS\system32\12520437.cpx" is compressed (flags = 1)
File "C:\WINDOWS\system32\12520850.cpx" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_21866.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28591.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28592.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28593.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\C_28594.NLS" is compressed (flags = 1)
File "C:\WINDOWS\system32\C_28595.NLS" is compressed (flags = 1)
File "C:\WINDOWS\system32\C_28597.NLS" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28598.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28599.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28603.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_28605.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_437.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_500.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_737.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_775.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_850.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_852.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_855.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_857.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_860.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_861.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_863.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_865.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_866.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_869.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_874.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_875.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_932.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_936.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_949.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_950.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3d8.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3d8thk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3d9.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdgkl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdgr1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhe.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhe220.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhe319.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhela2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhela3.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhept.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdhu1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdic.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdinbe1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdinben.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdinmal.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdir.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdit142.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdiultn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdkaz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdkyr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdla.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdlt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdlt1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdlv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdlv1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdmac.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdmaori.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdmlt47.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdmlt48.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdmon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdne.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oleaccrc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\olecli.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oleprn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\olesvr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\openfiles.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\opengl32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\osk.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rtcshare.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rtipxmib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rtm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\runas.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\runonce.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rwinsta.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\safrcdlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\safrdm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\safrslv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\savedump.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sbe.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sbeio.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\scarddlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scardssp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sccbase.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sccsccp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\syssetup.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\system.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\systeminfo.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\systray.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\t2embed.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tapi3.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tapiperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tapiui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\taskkill.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tasklist.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\taskmgr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tcmsetup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\atmpvcno.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\avifile.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ckcnv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\control.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\csseqchk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_20905.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3dim.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ddeshare.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmusic.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dplaysvr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfctrs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfdisk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfmon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfnet.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfnw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\perfts.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vcdex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vdmdbg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vdmredir.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ver.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\verifier.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\verifier.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\vga.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\vga256.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vga64k.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vjoy.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vssadmin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\vss_ps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vwipxspx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vwipxspx.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\w32tm.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\w32topl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\watchdog.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\wavemsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ctl3d32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ctl3dv2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ctype.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_037.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10000.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10006.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10007.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10010.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10017.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10029.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10079.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10081.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_10082.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1026.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1250.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1251.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1252.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1253.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1254.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1255.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1256.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1257.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_1258.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_20127.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_20261.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\c_20866.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\notepad.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\npptools.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nslookup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntbackup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdos.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\mycomput.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\napmontr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\napstat.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\narrator.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\narrhook.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nbtstat.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ncpa.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\ncxpnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nddeapir.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\net.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\net1.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasautou.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasctrs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasdial.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasmontr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasmxs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasphone.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasrad.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rassapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsbyuv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tscfgwmi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tscon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsd32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsddd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsdiscon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tskill.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tspkg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsshutdn.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\txflog.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\typelib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\typeperf.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\udhisapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ufat.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ulib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\umandlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\umdmxfrm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\unicode.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\atrace.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\attrib.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\auditusr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\autochk.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\autoconv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\autodisc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\autofmt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\autolfn.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\avicap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\avicap32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\avifil32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\itircl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\itss.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iuengine.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ixsso.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iyuv_32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\jet500.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\jgsh400.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\jobexec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\joy.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\jscript.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\jsit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\jsproxy.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbduzb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdycc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdycl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kd1394.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kdcom.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\key01.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\keyboard.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\keyboard.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\keymgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\krnl386.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ksproxy.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\l2gpstore.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\label.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msrepl40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msrle32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mssap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msscds32.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\msscp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msscript.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\msshavmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mssign32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mssip32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msswch.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msswchx.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstext40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstime.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstinit.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstlsapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstsc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mstscax.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvcirt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvcp50.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rexec.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rhttpaa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\riched20.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\riched32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rnr20.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\route.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\routemon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\routetab.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rpcns4.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsfsaps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsh.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rshx32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsm.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsmps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsmsink.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsmui.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsnotify.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsopprov.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsvpmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rsvpperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mprui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqad.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqbkup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqcertui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqdscli.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqgentr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqise.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqlogmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqoa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqoa.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqoa10.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqoa20.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqqm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqrt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqrtdep.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqsec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\senscfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\serialui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\servdeps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\serwvdrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3dim700.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3dpmesh.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3dramp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3drm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\d3dxof.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\danim.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\datime.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\daxctle.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\dbgeng.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dbnetlib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dciman32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dcomcnfg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ddeml.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\advpack.dll.mui" is compressed (flags = 1)
File "C:\WINDOWS\system32\ahui.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\amstream.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ansi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\apcups.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\append.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\appmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\appwiz.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\arp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\asctrls.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\asferror.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\asr_fmt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\asr_ldm.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\asr_pfu.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\asycfilt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\at.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\atkctrs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\atmadm.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\atmlib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\aaaamon.dll" is compressed (flags = 1)
 
File "C:\WINDOWS\system32\aaclient.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\access.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\acctres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\accwiz.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\acledit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\aclui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\activeds.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\actmovie.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\admparse.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adptif.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adsldp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adsmsext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adsnds.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adsnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\adsnw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bitsprx2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bitsprx3.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bitsprx4.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\blackbox.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\blastcln.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\bootcfg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\bootok.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\bootvid.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bootvrfy.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\browsewm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bthci.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bthprops.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\bthserv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\btpanui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cabview.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cacls.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\calc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\camocx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\capesnpn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cards.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\catsrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\catsrvps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\catsrvut.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ccfgnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cdfview.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cdm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cdmodem.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cdosys.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\certmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cewmdm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cfgbkend.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\charmap.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\chkdsk.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\chkntfs.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ciadmin.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cic.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cidaemon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ciodm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cipher.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\comaddin.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\comcat.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\commdlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\comp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\compact.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\compatUI.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\compobj.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\compstui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\comrepl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\comsnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\comuid.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\confmsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\conime.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\console.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\clb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\clbcatex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\clipbrd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmcfg32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmdial32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmdl32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmmon32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmpbk32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmprops.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmsetACL.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmstp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\cmutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cnetcfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cnvfat.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ddraw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ddrawex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\debug.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\defrag.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\desk.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\deskadp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\deskmon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\deskperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\devenum.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\devmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfrgfat.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfrgntfs.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfrgres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfrgsnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfrgui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dfsshlex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dgnet.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dgrpsetu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dgsetup.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dllhst3g.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmband.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmcompos.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmconfig.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmdlgs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmdskmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmdskres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmime.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmintf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmloader.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmocx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmremote.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmscript.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmstyle.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmsynth.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\drwatson.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drwtsn32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ds16gt.dLL" is compressed (flags = 1)
File "C:\WINDOWS\system32\ds32gt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsauth.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsdmo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsdmoprp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dskquoui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsound3d.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsprop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsprpres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsquery.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dssec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dmview.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\docprop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\docprop2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\doskey.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dosx.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dot3cfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dot3gpclnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dot3msm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dot3ui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpcdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dplay.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dplayx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpmodemx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnaddr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnet.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnhpast.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnhupnp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnlobby.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnmodem.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnsvr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpnwsock.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpserial.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpvacm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpvoice.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpvsetup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpvvox.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpwsock.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dpwsockx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\driverquery.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\drmclien.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\drmstor.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\drmv2clt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\edlin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\efsadu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\els.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\encapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\encdec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\EqnClass.Dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\esent97.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\esentprf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\esentutl.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\eudcedit.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\eventcls.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eventcreate.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\eventquery.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\eventtriggers.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\eventvwr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\exe2bin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\expand.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\expsrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\extmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\extrac32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\exts.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fastopen.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\faultrep.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\fde.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fdeploy.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\feclient.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\filemgmt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\imeshare.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\imgutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetcfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetcomm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetcpl.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetcplc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetmib1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetppui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inetres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\infosoft.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\initpki.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\input.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\inseng.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\intl.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\iologmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipconfig.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\loghours.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\logman.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\logoff.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\logon.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\logonui.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\lpk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lpq.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\lpr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\lprhelp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lprmonui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lzexpand.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\l_except.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\l_intl.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\magnify.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mag_hook.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcshext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mprmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqsnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mscdexnt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msimsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdos404.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwprovau.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\osuninst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rasser.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dswave.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dumprep.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dvdplay.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dvdupgrd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dwwin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dx7vb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dx8vb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dxdiag.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dxdiagn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dxmasf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dxtmsft.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dxtrans.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eapp3hst.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\eappgnui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fsquirt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\fsusd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fsutil.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ftp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ftsrch.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fwcfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\g711codc.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\gcdef.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\gdi.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\geo.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\getmac.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\getuname.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\glmf32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\glu32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\gpedit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\gpkcsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\gpkrsrc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\gpresult.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\miglibnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mimefilt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mlang.dat" is compressed (flags = 1)
File "C:\WINDOWS\system32\mll_hp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mll_mtf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mll_qic.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcbase.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcfxcommon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcndmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmcperf.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\gpupdate.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\grpconv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\h323msp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hccoin.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hdwwiz.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\help.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\hhsetup.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdtclog.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdtcprx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdtctm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdtcuiu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdxm.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdxmlc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msexch40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msexcl40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msftedit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipmontr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ippromon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iprop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iprtprio.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iprtrmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipsec6.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipsecsnp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipsmsnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipv6.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipv6mon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxmontr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxpromn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxrip.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxroute.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxrtmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxsap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ipxwan.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\irclass.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\irprops.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\isign32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\isrdbg32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\makecab.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mcastmib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mcd32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mcdsrv32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mchgrcoi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciavi.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciavi32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mcicda.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciole16.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciole32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciqtz32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciseq.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciseq.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciwave.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mciwave.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\mdhcp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmdrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmfutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmsys.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmsystem.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmtask.tsk" is compressed (flags = 1)
File "C:\WINDOWS\system32\mmutilse.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mnmdd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mobsync.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mobsync.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\modex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\moricons.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mountvol.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mouse.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\MP43DMOD.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\MP4SDMOD.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mpeg2data.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\mpg2splt.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\MPG4DMOD.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mpg4ds32.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\mplay32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mpnotify.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mprddm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqsvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqtgsvc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqtrig.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqupgrd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mqutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mrinfo.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\msaatext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msacm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msadds32.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\msafd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msaudite.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mscat32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntmsdba.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntmsevt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntmsmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntprint.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntsd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntsdexts.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntvdm.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntvdmd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nusrmgr.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\nw16.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwapi16.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwapi32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwc.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwcfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwevent.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\prflbmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\print.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\printui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\prncnfg.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\prndrvr.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\prnjobs.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\prnmngr.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\prnport.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\prnqctl.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\proctexe.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\progman.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\proquota.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\proxycfg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\pschdprf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\MSIMTF.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msisip.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msjetoledb40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msjtes40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mslbui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msls31.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msltus40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msnetobj.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msobjs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msoeacct.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msoert2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msorc32r.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msorcl32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mspaint.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mspbde40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mspmsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msports.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msr2c.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msr2cenu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msratelc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msrating.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msrd2x40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msrd3x40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvcrt20.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvcrt40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvidc32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvidctl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msvideo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msw3prt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mswdat10.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mswebdvd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mswmdm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxbde40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml2r.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml3r.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml6.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxml6r.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msxmlr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msyuv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mtxdm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mtxex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mtxlegih.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mtxoci.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netevent.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\neth.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netid.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netplwiz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\netsetup.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\netsetup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\netsh.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\netstat.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\netui2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\newdev.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nlhtml.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nlsfunc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\nmevtmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nmmkcert.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwscript.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\nwwks.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\objsel.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ocmanage.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbc16gt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbc32gt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbcad32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbcconf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbcconf.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbcconf.rsp" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbccp32.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbccr32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbccu32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrcntra.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrcoina.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrdpa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrdtea.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrfaxa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrlbva.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrmlnka.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrprbda.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrrtosa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrsdpia.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrshuta.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrsvpia.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrv42a.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrv80a.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrvoica.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usrvpa.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\utildll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\utilman.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\vbajet32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vbicodec.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\vbisurf.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\vbscript.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\photowiz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pid.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pid.inf" is compressed (flags = 1)
File "C:\WINDOWS\system32\pidgen.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pifmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ping.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ping6.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\plustab.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pmspl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pngfilt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pnrpnsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\polstore.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\powercfg.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\powercfg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\winshfhc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winsock.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winspool.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\winstrm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winver.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMADMOD.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMADMOE.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rcbdyctl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rcimlby.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rcp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdchost.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdpcfgex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdpclip.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdpdd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdpsnd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdpwsx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdsaddin.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\rdshost.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\recover.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\redir.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\reg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\regedt32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\regini.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\regwiz.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\regwizc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\relog.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\remotepg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\remotesp.tsp" is compressed (flags = 1)
File "C:\WINDOWS\system32\rend.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\replace.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\reset.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\schtasks.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\scoit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scredir.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scriptpw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scrnsave.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\scrobj.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scrrnit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\scrrun.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sdbinst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sdhcinst.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sdpblb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\secedit.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\secupd.dat" is compressed (flags = 1)
File "C:\WINDOWS\system32\secupd.sig" is compressed (flags = 1)
File "C:\WINDOWS\system32\sendcmsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sendmail.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ss3dfo.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssbezier.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssdpapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssflwbox.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssmarque.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssmypics.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssmyst.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\sspipes.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\ssstars.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\sstext3d.scr" is compressed (flags = 1)
File "C:\WINDOWS\system32\stclient.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\stdole32.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\stimon.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sti_ci.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sol.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sort.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sortkey.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\sorttbls.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\sound.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\spider.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\spiisupd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\spnike.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\spnpinst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sprestrt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sprio600.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sprio800.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\spxcoins.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sqlunirl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\srrstr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tcpmonui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tcpsvcs.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tdc.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\telephon.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\telnet.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\termmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tftp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\timedate.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\timer.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\tlntadmn.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tlntsess.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tlntsvrp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\toolhelp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tourstart.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tracerpt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tracert.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\tracert6.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\traffic.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\webvw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wextract.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wfwnet.drv" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiaacmgr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiadefui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiadss.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiascr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiasf.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiashext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiavideo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wiavusd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wifeman.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\win87em.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winbrand.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winchat.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wowdeb.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wowexec.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wowfax.dll" is compressed (flags = 1)
 
File "C:\WINDOWS\system32\wowfaxui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wpabaln.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wpnpinst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\write.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wscntfy.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wscript.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wscui.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\wsecedit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshatm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshbth.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshcon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wship6.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshnetbs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshom.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\WshRm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wsnmp32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wstdecod.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wstpager.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\wstrenderer.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\wuauclt1.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\psnppagn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pstorec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pubprn.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\qappsrv.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\qasf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qcap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qcliprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qdv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qdvd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qedit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qedwipes.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qosname.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qprocess.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\quartz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\qwinsta.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\racpldlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\skdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\storage.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tcpmib.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\tsappcmp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\vbsit.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\webhits.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmdmlog.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wshisn.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wuaucpl.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmdmps.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmerrITA.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmerror.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmidx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmiprop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmiscmgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMNetMgr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmp.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpasf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpcd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpcore.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpdxm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dhcpmon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dhcpsapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\diactfrm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\diantz.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dimap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dimsroam.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dinput.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dinput8.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\diskcopy.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\diskpart.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\diskperf.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\dispex.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\unlodctr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\untfs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\upnp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\upnpcont.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\upnpui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ureg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\usbui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\user.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdnepr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdno.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdno1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdpash.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdpl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdpl1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdpo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdro.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdru.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdru1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsl1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsmsfi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsmsno.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdsw.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdtat.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdtuf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdtuq.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbduk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdukx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdur.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdus.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdusl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdusr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdaze.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdazel.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdbe.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdbene.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdbhc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdblr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdbr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdbu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdca.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdcan.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdcr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdcz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdcz1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdcz2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdda.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbddv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdes.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdest.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdfc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdfi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdfi1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdfo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdfr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\LAPRXY.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\licdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\licmgr10.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\licwmi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lights.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\lmrt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lnkstub.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\loadperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\locale.nls" is compressed (flags = 1)
File "C:\WINDOWS\system32\localsec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\localui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\lodctr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\logagent.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\convert.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\corpol.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\country.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\credssp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\crtdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cryptdlg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cryptext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\cscript.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\storprop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\streamci.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\strmdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\strmfilt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\subst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\svcpack.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\swprv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\syncapp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\synceng.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\syncui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sysdm.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\sysedit.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sysinv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\syskey.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sysmon.ocx" is compressed (flags = 1)
File "C:\WINDOWS\system32\sysocmgr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ie4uinit.exe.mui" is compressed (flags = 1)
File "C:\WINDOWS\system32\ieakeng.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ieaksie.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ieakui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iepeers.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iernonce.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iesetup.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iexpress.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ifmon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ifsutil.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbcp32r.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odbctrac.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oddbse32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odexl32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odfox32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odpdx32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\odtext32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oembios.bin" is compressed (flags = 1)
File "C:\WINDOWS\system32\oembios.dat" is compressed (flags = 1)
File "C:\WINDOWS\system32\oembios.sig" is compressed (flags = 1)
File "C:\WINDOWS\system32\offfilt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ole2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ole2disp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ole2nls.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\igfxpers.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\igmpagnt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iissuba.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ils.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hlink.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hnetmon.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hnetwiz.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\hostname.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\hotplug.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\httpapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\htui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shellstyle.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shmedia.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shrpubw.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\shscrap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shutdown.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sigtab.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sigverif.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\simpdata.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\sisbkup.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\dsuiext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\find.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\gptext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\himem.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\idq.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\KBDAL.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdgae.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdnec.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\kbdusx.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\langwrbk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\main.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\mdminst.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\skeys.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\slayerxp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\slbcsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\slbiop.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\slbrccsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\smbinst.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\smlogcfg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sndrec32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sndvol32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\snmpapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\snmpsnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\softpub.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xmlprovi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xolehlp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xpob2res.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xpsp1res.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xpsp3res.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\zipfldr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wuaueng1.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wucltui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wupdmgr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wuweb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xactsrv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\xcopy.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\xenroll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpshell.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmpui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmsdmod.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmsdmoe.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmsdmoe2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmspdmod.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\WMSPDMOE.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmstream.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmv8ds32.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmvdmod.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmvdmoe2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wmvds32.ax" is compressed (flags = 1)
File "C:\WINDOWS\system32\sethc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\setup.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\setupdll.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\setupn.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sfc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\sfcfiles.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\sfmapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\shadow.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\share.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\shell.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iasacct.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iasads.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iashlpr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iasnap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iaspolcy.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iasrad.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iasrecst.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iassam.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iassdo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\iassvcs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icaapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icfgnt5.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icm32.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icmp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icmui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icwdial.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\icwphbk.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdos411.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdos412.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdos804.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntdsbcli.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntio404.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntio411.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntio412.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntio804.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntkrnlpa.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntlanui.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntlanui2.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\ntmsapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mdwmdmsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mem.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mf3216.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshearts.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshta.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshta.exe.mui" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshtml.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshtml.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshtmled.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mshtmler.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msident.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msidntld.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msieftp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msihnd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mfc40.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mfc40loc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mfc40u.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mfc42u.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mfcsubs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mgmtapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\microsoft.managementconsole.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msconf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\mscpx32r.dLL" is compressed (flags = 1)
File "C:\WINDOWS\system32\mscpxl32.dLL" is compressed (flags = 1)
File "C:\WINDOWS\system32\MSCTFP.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdadiag.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdatsrc.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\msdmo.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winfax.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winhlp32.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\winmine.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\winmsd.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\winnls.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\winntbbu.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\findstr.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\finger.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\firewall.cpl" is compressed (flags = 1)
File "C:\WINDOWS\system32\fixmapi.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\fldrclnr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fltMc.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\fmifs.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fontext.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fontsub.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\fontview.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\forcedos.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\framebuf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\freecell.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\avmeter.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\avtapi.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\avwav.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\azroles.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\batt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\bidispl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\p2p.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\p2pgasvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\p2pgraph.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\p2pnetsh.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\p2psvc.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\packager.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\pagefileconfig.vbs" is compressed (flags = 1)
File "C:\WINDOWS\system32\panmap.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\paqsp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pathping.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\pautoenr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\pentnt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\Com\comadmin.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\Com\comrepl.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\Com\comrereg.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\Com\mtsadmin.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\SECURITY.TPBAK" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\software.bak" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\software.sav" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\default.bak" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\default.sav" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\SAM.bak" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\SAM.TPBAK" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\SECURITY.bak" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\SECURITY.tmp.LOG" is compressed (flags = 1)
File "C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rawwan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpwd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rio8drv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\riodrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rmcast.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rndismp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rootmdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\scsiport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fsvga.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fs_rec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\gm.dls" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mup.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndis.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndproxy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nikedrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nmnt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\npfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ntfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\null.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sffdisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sffp_sd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\smclib.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sonydcam.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\stream.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tape.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdpipe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdtcp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tosdvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tsbvcap.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\udfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usb8023.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbcamd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbcamd2.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbintel.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\vdmindvd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\videoprt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wmilib.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ks.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ksecdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mcd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mf.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mnmdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\modem.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fips.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\parvdm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\1394bus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\amdk6.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\amdk7.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cinemst2.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\classpnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cpqdap01.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\crusoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\diskdump.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxgthk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\enum1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkipx.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnknb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwlnkspx.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nwrdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\oprghdlr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\p3.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\partmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fastfat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mountmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mqac.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmepvc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmlane.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atmuni.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\beep.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\bridge.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cbidf2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\etc\services" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msobcomm.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msobdl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msobmain.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msobshel.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msobweb.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\msoobe.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\oobe\oobebaln.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\mofcomp.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\mofd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\msiprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\ntevt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\winmgmt.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\winmgmtr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmiadap.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmiapres.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmiaprpl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmic.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmicookr.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\policman.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\provthrd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\scrcons.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\smtpcons.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\stdprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\tmplprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\trnsprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\fwdprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\krnlprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\evntrprv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmidcprv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\CmdEvTgProv.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\dsprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\updprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\viewprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemads.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemads.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemcntl.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemdisp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemdisp.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemperf.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemtest.exe" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wbemupgd.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmimsg.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipcima.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipdskq.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipicmp.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipiprt.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipjobj.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmiprov.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmipsess.dll" is compressed (flags = 1)
File "C:\WINDOWS\system32\wbem\wmitimep.dll" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService\NTUSER.DAT.bak" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService\NTUSER.DAT.bak" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.000\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.000\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.001\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.002\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.001\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.002\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.002\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.003\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.003\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.004\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.004\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.005\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.005\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\TEMP\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.006\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.006\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LOCALSERVICE.NT AUTHORITY.007\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\LOCALSERVICE.NT AUTHORITY.007\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.006\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.006\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.008\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.007\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\NetworkService.NT AUTHORITY.007\ntuser.dat.LOG" is compressed (flags = 1)
File "C:\Documents and Settings\LocalService.NT AUTHORITY.009\Cookies\index.dat" is compressed (flags = 1)
File "C:\Documents and Settings\Default User.WINDOWS\NTUSER.DAT" is compressed (flags = 1)
File "C:\Documents and Settings\S_PASINI\IETldCache\index.dat" is compressed (flags = 1)
File "C:\WINDOWS\NOTEPAD.EXE" is compressed (flags = 1)
File "C:\WINDOWS\hh.exe" is compressed (flags = 1)
File "C:\WINDOWS\regedit.exe" is compressed (flags = 1)
File "C:\WINDOWS\twain_32.dll" is compressed (flags = 1)
File "C:\WINDOWS\twunk_16.exe" is compressed (flags = 1)
File "C:\WINDOWS\twunk_32.exe" is compressed (flags = 1)
File "C:\WINDOWS\vmmreg32.dll" is compressed (flags = 1)
File "C:\WINDOWS\TASKMAN.EXE" is compressed (flags = 1)
File "C:\WINDOWS\twain.dll" is compressed (flags = 1)
File "C:\WINDOWS\WindowsUpdate.log" is compressed (flags = 1)
File "C:\WINDOWS\winhelp.exe" is compressed (flags = 1)
File "C:\WINDOWS\winhlp32.exe" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\AcLua.dll" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\AcSpecfc.dll" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\AcXtrnal.dll" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\apphelp.sdb" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\apph_sp.sdb" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\drvmain.sdb" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\msimain.sdb" is compressed (flags = 1)
File "C:\WINDOWS\AppPatch\sysmain.sdb" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\marlett.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\micross.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\modern.fon" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\script.fon" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\tahoma.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\tahomabd.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\dosapp.fon" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\vgaoem.fon" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\framd.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Fonts\framdit.ttf" is compressed (flags = 1)
File "C:\WINDOWS\Help\sniffpol.dll" is compressed (flags = 1)
File "C:\WINDOWS\Help\tshoot.dll" is compressed (flags = 1)
File "C:\WINDOWS\Help\apps.chm" is compressed (flags = 1)
File "C:\WINDOWS\Help\bnts.dll" is compressed (flags = 1)
File "C:\WINDOWS\Help\sstub.dll" is compressed (flags = 1)
File "C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe" is compressed (flags = 1)
File "C:\WINDOWS\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe" is compressed (flags = 1)
File "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe" is compressed (flags = 1)
File "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regasm.exe.config" is compressed (flags = 1)
File "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\vbc.exe" is compressed (flags = 1)
File "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\vbc.exe.config" is compressed (flags = 1)
File "C:\WINDOWS\system\AVICAP.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\AVIFILE.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\COMMDLG.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\KEYBOARD.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\LZEXPAND.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\MCIAVI.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\MCISEQ.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\MCIWAVE.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\MMSYSTEM.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\MMTASK.TSK" is compressed (flags = 1)
File "C:\WINDOWS\system\MOUSE.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\MSVIDEO.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\OLECLI.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\OLESVR.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\SHELL.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\SOUND.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\stdole.tlb" is compressed (flags = 1)
File "C:\WINDOWS\system\SYSTEM.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\TAPI.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\TIMER.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\VER.DLL" is compressed (flags = 1)
File "C:\WINDOWS\system\VGA.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\WFWNET.DRV" is compressed (flags = 1)
File "C:\WINDOWS\system\WINSPOOL.DRV" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-I.mbam...
Removing C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
Well I think we got rid of those rookits alright because there weren't any traces so far and we'll hope they went away for good..!Tks again because we didn't miss any step I mean I did'em all the way you told me to! Tks again and if I can be of some help in matters as language/interpretation/translations - italian/spanish-English pairs just let me know and I'll give you some advice for free! Tks!
 
You must log in or register to reply here.

Similar threads

D
Rogue Chrome extensions can steal passwords from websites such as Gmail, Amazon & Facebook
Replies
2
Views
385
Eldritch
Eldritch
Bob O'Donnell
Data Governance and Provenance: Two words that are critical to the future of generative AI
Replies
1
Views
117
human7
H
Jimmy2x
Harvard is bringing its own brand of generative AI to the classroom
Replies
0
Views
418
Jimmy2x
Jimmy2x

Latest posts

Back