Multiple Issues



#1
Jackler

I've been experiencing highly unusual problems lately. There are multiple processes that I don't recognize, and weirdly, there are usually 8 or so svchost.exe processes running, one of which is a memory/resource hog, usually anywhere from 60-200MB. Closing it doesn't seem to create any problems. I receive multiple redirects and random pages opening. The PC has overall been insanely slow, even with nothing open. Also, random BSODs.

Here are the logs:

Edited by Jackler, 08 August 2010 - 06:00 PM.

#2
Jackler

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4407

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8/8/2010 1:42:41 PM
mbam-log-2010-08-08 (13-42-41).txt

Scan type: Quick scan
Objects scanned: 149009
Time elapsed: 7 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\$Recycle.Bin\S-1-5-21-613363634-3199914899-2636470584-1000\$RKRBGI2\POL.006 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-613363634-3199914899-2636470584-1000\$RKRBGI2\POL.007 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\USBDeview.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

-------------------------------------------------------------------------------

#3
Jackler

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-08 16:32:51
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Kristen\AppData\Local\Temp\fwldipow.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83028AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83028104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830283F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83010FB4
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830281DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83028958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830286F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83028F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830291A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwSaveKeyEx + 13B1 82C438E9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 82C633D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\drivers\qdklp.sys The system cannot find the path specified. !
? System32\Drivers\sper.sys The system cannot find the path specified. !
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91812000, 0x227A14, 0xE8000020]
.text USBPORT.SYS!DllUnload 91DA3CA0 5 Bytes JMP 8646E1D8
.text peauth.sys 9AD59C9D 28 Bytes [DE, 5C, DE, B5, 2A, 56, 42, ...]
.text peauth.sys 9AD59CC1 28 Bytes [DE, 5C, DE, B5, 2A, 56, 42, ...]
.text kernel32.dll 7723FE00 81 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text kernel32.dll 7723FE52 15 Bytes [00, 89, 4D, F4, 89, 4D, F8, ...]
.text kernel32.dll 7723FE62 1 Byte [00]
.text kernel32.dll 7723FE62 7 Bytes [00, 00, 39, 0F, 0F, 85, DA]
.text kernel32.dll 7723FE6A 1 Byte [00]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\Explorer.EXE[1044] ntdll.dll!NtProtectVirtualMemory 77365360 5 Bytes JMP 0039000A
.text C:\Windows\Explorer.EXE[1044] ntdll.dll!NtWriteVirtualMemory 77365EE0 5 Bytes JMP 003A000A
.text C:\Windows\Explorer.EXE[1044] ntdll.dll!KiUserExceptionDispatcher 77366448 5 Bytes JMP 0038000A
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!NtProtectVirtualMemory 77365360 5 Bytes JMP 0020000A
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!NtWriteVirtualMemory 77365EE0 5 Bytes JMP 0021000A
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!KiUserExceptionDispatcher 77366448 5 Bytes JMP 0017000A
.text C:\Windows\system32\svchost.exe[1304] ole32.dll!CoCreateInstance 76A457FC 5 Bytes JMP 004C000A
.text C:\Windows\system32\svchost.exe[1304] USER32.dll!GetCursorPos 76BFC198 5 Bytes JMP 009D000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1316] ntdll.dll!NtProtectVirtualMemory 77365360 5 Bytes JMP 004C000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1316] ntdll.dll!NtWriteVirtualMemory 77365EE0 5 Bytes JMP 004D000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1316] ntdll.dll!KiUserExceptionDispatcher 77366448 5 Bytes JMP 0049000A
.text C:\Windows\explorer.exe[3280] ntdll.dll!NtProtectVirtualMemory 77365360 5 Bytes JMP 0018000A
.text C:\Windows\explorer.exe[3280] ntdll.dll!NtWriteVirtualMemory 77365EE0 5 Bytes JMP 0019000A
.text C:\Windows\explorer.exe[3280] ntdll.dll!KiUserExceptionDispatcher 77366448 5 Bytes JMP 0017000A
.text C:\Windows\system32\wuauclt.exe[3644] ntdll.dll!NtProtectVirtualMemory 77365360 5 Bytes JMP 0012000A
.text C:\Windows\system32\wuauclt.exe[3644] ntdll.dll!NtWriteVirtualMemory 77365EE0 5 Bytes JMP 0048000A
.text C:\Windows\system32\wuauclt.exe[3644] ntdll.dll!KiUserExceptionDispatcher 77366448 5 Bytes JMP 0011000A

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85D361F8
Device \FileSystem\fastfat \FatCdrom 854101F8
Device \FileSystem\udfs \UdfsCdRom 860D91F8
Device \FileSystem\udfs \UdfsDisk 860D91F8
Device \Driver\volmgr \Device\VolMgrControl 85D321F8
Device \Driver\usbuhci \Device\USBPDO-0 8647F1F8
Device \Driver\usbuhci \Device\USBPDO-1 8647F1F8
Device \Driver\usbuhci \Device\USBPDO-2 8647F1F8
Device \Driver\ACPI_HAL \Device\00000053 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 8647F1F8
Device \Driver\usbehci \Device\USBPDO-4 8644D500

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\volmgr \Device\HarddiskVolume1 85D321F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume2 85D321F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 860B21F8
Device \Driver\volmgr \Device\HarddiskVolume3 85D321F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom1 860B21F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 85D341F8
Device \Driver\atapi \Device\Ide\IdePort0 85D341F8
Device \Driver\atapi \Device\Ide\IdePort1 85D341F8
Device \Driver\atapi \Device\Ide\IdePort2 85D341F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 85D341F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-4 85D341F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 85D341F8
Device \Driver\volmgr \Device\HarddiskVolume4 85D321F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBt_Wins_Export 8610D1F8

AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\NetBT \Device\NetBT_Tcpip_{0FEB1BB4-D483-4E9B-831E-2AC1814635F3} 8610D1F8

AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8647F1F8
Device \Driver\usbuhci \Device\USBFDO-1 8647F1F8
Device \Driver\usbuhci \Device\USBFDO-2 8647F1F8
Device \Driver\usbuhci \Device\USBFDO-3 8647F1F8
Device \Driver\usbehci \Device\USBFDO-4 8644D500
Device \FileSystem\fastfat \Fat 854101F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device -> \Driver\atapi \Device\Harddisk0\DR0 86164D01

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

---- Files - GMER 1.0.15 ----

File C:\Windows\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----

#4
Jackler

OTL logfile created on: 8/8/2010 5:30:26 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Kristen\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 43.65 Gb Free Space | 39.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 139.91 Gb Total Space | 82.85 Gb Free Space | 59.22% Space Free | Partition Type: NTFS
Drive G: | 175.82 Gb Total Space | 76.74 Gb Free Space | 43.65% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 50.01 Gb Total Space | 49.91 Gb Free Space | 99.80% Space Free | Partition Type: NTFS

Computer Name: HINATA
Current User Name: Kristen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/08 16:47:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kristen\Downloads\OTL.exe
PRC - [2010/08/08 14:39:44 | 001,053,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/08/08 14:39:44 | 000,597,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/08/08 14:39:44 | 000,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/08/08 14:39:43 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/08/08 14:39:42 | 004,010,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgui.exe
PRC - [2010/08/08 14:39:40 | 002,007,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/08/08 14:39:36 | 000,826,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/08/08 14:39:31 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/08/08 14:39:30 | 000,744,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgscanx.exe
PRC - [2010/07/30 01:22:07 | 003,856,752 | ---- | M] (MediaMall Technologies, Inc.) -- C:\Program Files\MediaMall\MediaMallServer.exe
PRC - [2010/06/14 19:17:48 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/23 15:44:00 | 001,039,360 | ---- | M] () -- C:\Program Files\WinRAR\WinRAR.exe
PRC - [2009/12/21 18:04:02 | 000,036,352 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbMediaService.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/16 15:07:56 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/17 22:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe


========== Modules (SafeList) ==========

MOD - [2010/08/08 16:47:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kristen\Downloads\OTL.exe
MOD - [2010/08/08 14:40:09 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (jyrecfjxzsqyuc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - File not found [Auto | Stopped] -- C:\Windows\System32\hazmzl.exe -- (cfaxanufebwpae)
SRV - [2010/08/08 14:39:31 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/07/30 01:22:07 | 003,856,752 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Running] -- C:\Program Files\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2010/03/04 04:00:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/12/30 18:24:34 | 000,703,488 | ---- | M] (FileZilla Project) [Disabled | Stopped] -- C:\Program Files\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2009/12/21 18:04:02 | 000,036,352 | ---- | M] (Orb Networks) [Auto | Running] -- C:\Program Files\Orb Networks\Orb\bin\OrbMediaService.exe -- (OrbMediaService)
SRV - [2009/11/29 17:08:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | Auto | Stopped] -- C:\Windows\System32\DRIVERS\eamonm.sys -- (eamonm)
DRV - [2010/08/08 14:40:08 | 000,161,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/08/08 14:40:06 | 000,356,616 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/08 14:40:04 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/08 14:40:03 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/09 09:19:01 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/10/17 07:26:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2009/10/16 20:12:02 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009/10/14 10:59:38 | 000,022,696 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 18:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 17:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 17:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)


========== Standard Registry (SafeList) ==========

#5
Jackler

========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E FE 7F 34 F3 FD CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/08 14:39:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/14 19:18:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/14 19:19:03 | 000,000,000 | ---D | M]

[2010/07/30 23:44:01 | 000,000,000 | ---D | M] -- C:\Users\Kristen\AppData\Roaming\Mozilla\Extensions
[2010/07/30 23:44:01 | 000,000,000 | ---D | M] -- C:\Users\Kristen\AppData\Roaming\Mozilla\Firefox\Profiles\jmydy8m3.default\extensions
[2010/08/08 14:25:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/10 10:49:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (VidToMP3.com Toolbar) - {BBF89FDA-07F1-4AD3-86B1-0DE425EE8097} - C:\Program Files\vidtomp3Tb\vidtomp3Dx.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (VidToMP3.com Toolbar) - {BBF89FDA-07F1-4AD3-86B1-0DE425EE8097} - C:\Program Files\vidtomp3Tb\vidtomp3Dx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 04:26:40 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{7dc0adac-c3ae-11de-af4d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7dc0adac-c3ae-11de-af4d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2009/07/14 04:26:40 | 000,111,880 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 90 Days ==========

[2010/08/08 15:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Gosu
[2010/08/08 14:40:17 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/08/08 14:40:09 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/08/08 14:40:07 | 000,161,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/08/08 14:40:06 | 000,356,616 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/08/08 14:40:04 | 000,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/08/08 14:40:03 | 000,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/08/08 14:40:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/08/08 14:39:29 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/08/08 14:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/08/08 13:51:53 | 000,000,000 | ---D | C] -- C:\Users\Kristen\Desktop\AVG Anti-Virus Professional 9.0 Build 663a1706
[2010/08/08 13:26:46 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Malwarebytes
[2010/08/08 13:26:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/08 13:26:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/08 13:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/08 13:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/08 13:22:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/08 13:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/08 06:16:17 | 000,000,000 | ---D | C] -- C:\NewOS
[2010/08/08 03:46:12 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\ApplicationHistory
[2010/08/05 18:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010/07/30 23:43:49 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Mozilla
[2010/07/28 22:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/07/27 13:36:45 | 000,000,000 | ---D | C] -- C:\Users\Kristen\Desktop\sd
[2010/07/11 12:30:38 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Blizzard Entertainment
[2010/07/11 10:29:54 | 000,000,000 | -HSD | C] -- C:\Program Files\Services
[2010/07/07 01:14:15 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\skypePM
[2010/07/07 01:12:43 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Skype
[2010/06/29 10:42:32 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Diagnostics
[2010/06/17 12:28:00 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\vlc
[2010/06/14 19:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/06/14 19:17:50 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/06/14 19:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/06/14 19:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/06/14 19:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/06/14 19:17:43 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Real
[2010/06/14 19:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/06/14 19:15:26 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Yahoo!
[2010/06/06 13:23:51 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Unity
[2010/06/03 20:43:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/06/02 21:03:01 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Apple
[2010/06/02 10:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\EmailNotifier
[2010/06/02 10:48:19 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Mozilla
[2010/06/02 10:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\vidtomp3Tb
[2010/06/02 09:49:32 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Adobe
[2010/06/01 15:47:35 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Google
[2010/06/01 15:47:19 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Deployment
[2010/06/01 15:47:19 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\Apps
[2010/05/28 11:14:45 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/05/27 19:00:15 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\WinRAR
[2010/05/27 18:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/05/27 18:44:47 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Local\ESET
[2010/05/27 18:20:09 | 000,000,000 | ---D | C] -- C:\Users\Kristen\AppData\Roaming\Teleca
[2010/05/17 10:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\UOAM
[2010/05/17 10:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\UOAM
[2010/05/15 22:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sallos
[2010/05/15 22:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\Managed DirectX (0901)
[2010/05/11 19:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\ConnectUO 2.0
[2010/05/11 19:24:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/05/11 18:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010/05/11 18:13:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2010/05/11 17:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010/05/11 17:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/05/11 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Razor
[2007/04/09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

========== Files - Modified Within 90 Days ==========

[2010/08/08 17:40:41 | 002,621,440 | -HS- | M] () -- C:\Users\Kristen\NTUSER.DAT
[2010/08/08 17:22:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613363634-3199914899-2636470584-1000UA.job
[2010/08/08 17:15:08 | 063,098,205 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/08/08 15:55:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/08 15:11:19 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/08 15:11:19 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/08 15:03:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/08 15:02:52 | 1609,867,264 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/08 15:02:10 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000007-00001102-00000004-10021102}.rfx
[2010/08/08 15:02:10 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000007-00001102-00000004-10021102}.rfx
[2010/08/08 15:02:10 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000002-00000000-00000007-00001102-00000004-10021102}.rfx
[2010/08/08 15:02:10 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000002-00000000-00000007-00001102-00000004-10021102}.rfx
[2010/08/08 15:02:10 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000007-00001102-00000004-10021102}.rfx
[2010/08/08 15:01:49 | 002,038,918 | -H-- | M] () -- C:\Users\Kristen\AppData\Local\IconCache.db
[2010/08/08 14:43:11 | 000,031,232 | ---- | M] () -- C:\Windows\System32\cmdow.exe
[2010/08/08 14:42:49 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/08/08 14:40:14 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/08/08 14:40:09 | 000,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/08/08 14:40:09 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/08/08 14:40:09 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/08/08 14:40:08 | 000,161,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/08/08 14:40:06 | 000,356,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/08/08 14:40:04 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/08/08 14:40:03 | 006,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/08/08 14:40:03 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/08/08 13:26:41 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/08 13:04:59 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/08/08 13:04:59 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/08/08 12:11:16 | 000,001,236 | RHS- | M] () -- C:\Users\Kristen\ntuser.pol
[2010/08/08 06:14:56 | 000,000,002 | ---- | M] () -- C:\$UpgDrv$
[2010/08/07 23:22:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613363634-3199914899-2636470584-1000Core.job
[2010/08/05 21:25:12 | 000,000,723 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010/07/28 22:20:39 | 000,000,186 | ---- | M] () -- C:\Windows\tasks\{BF41C2A3-DC54-4289-BD4F-2B8FF56821FD}.job
[2010/07/28 22:18:29 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/07/28 20:02:24 | 000,000,000 | -H-- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/27 14:10:37 | 000,727,362 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/27 14:10:37 | 000,623,890 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/27 14:10:37 | 000,107,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/24 01:00:28 | 000,040,224 | ---- | M] () -- C:\Users\Kristen\ForYourInspectionGoodSir.rtf
[2010/07/07 21:32:43 | 000,000,466 | ---- | M] () -- C:\Users\Kristen\Desktop\World of Warcraft Installer.lnk
[2010/07/04 18:22:13 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Install Microsoft IntelliType Pro.lnk
[2010/06/14 19:18:58 | 000,001,234 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/06/14 19:17:50 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/06/11 17:31:17 | 000,060,208 | ---- | M] () -- C:\Users\Kristen\633734487345979110-YOU.jpg
[2010/06/07 20:27:56 | 000,041,862 | ---- | M] () -- C:\Users\Kristen\DaBear.JPG
[2010/06/04 09:08:56 | 000,211,528 | ---- | M] () -- C:\Users\Kristen\WoWScrnShot_060410_081317.jpg
[2010/06/04 09:08:51 | 000,191,068 | ---- | M] () -- C:\Users\Kristen\WoWScrnShot_060410_081308.jpg
[2010/06/01 15:48:41 | 000,002,320 | ---- | M] () -- C:\Users\Kristen\Desktop\Google Chrome.lnk
[2010/06/01 15:47:37 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613363634-3199914899-2636470584-1003Core.job
[2010/05/31 04:14:20 | 754,379,907 | ---- | M] () -- C:\Users\Kristen\Desktop\Kick [bleep] 2010.mp4
[2010/05/29 22:39:34 | 000,001,098 | ---- | M] () -- C:\Users\Kristen\Desktop\DirectKiss - Shortcut.lnk
[2010/05/27 18:48:40 | 004,958,588 | ---- | M] () -- C:\Windows\{00000002-00000000-00000007-00001102-00000004-10021102}.CDF
[2010/05/27 18:48:23 | 004,958,588 | ---- | M] () -- C:\Windows\{00000002-00000000-00000007-00001102-00000004-10021102}.BAK
[2010/05/17 10:01:47 | 000,000,933 | ---- | M] () -- C:\Users\Kristen\Desktop\UO Auto-Map.lnk
[2010/05/16 11:25:27 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/05/15 22:37:18 | 000,057,344 | ---- | M] () -- C:\Windows\System32\zlib32.dll
[2010/05/11 19:47:21 | 000,001,007 | ---- | M] () -- C:\Users\Kristen\Desktop\ConnectUO 2.0.lnk
[2010/05/11 16:41:09 | 000,000,939 | ---- | M] () -- C:\Users\Kristen\Desktop\Razor.lnk

#6
Jackler

========== Files Created - No Company Name ==========

[2010/08/08 14:43:11 | 000,031,232 | ---- | C] () -- C:\Windows\System32\cmdow.exe
[2010/08/08 14:40:14 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/08/08 14:40:09 | 063,098,205 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/08/08 14:40:09 | 000,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/08/08 14:40:09 | 000,142,495 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/08/08 14:40:09 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/08/08 14:40:02 | 006,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/08/08 13:26:41 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/08 06:14:56 | 000,000,002 | ---- | C] () -- C:\$UpgDrv$
[2010/08/08 06:00:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/08/08 06:00:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/07/28 22:20:39 | 000,000,186 | ---- | C] () -- C:\Windows\tasks\{BF41C2A3-DC54-4289-BD4F-2B8FF56821FD}.job
[2010/07/28 20:02:22 | 000,000,000 | -H-- | C] () -- C:\Windows\MEMORY.DMP
[2010/07/24 01:00:26 | 000,040,224 | ---- | C] () -- C:\Users\Kristen\ForYourInspectionGoodSir.rtf
[2010/07/10 09:42:58 | 000,000,723 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010/06/17 17:20:35 | 754,379,907 | ---- | C] () -- C:\Users\Kristen\Desktop\Kick [bleep] 2010.mp4
[2010/06/14 19:18:58 | 000,001,234 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/06/11 17:31:15 | 000,060,208 | ---- | C] () -- C:\Users\Kristen\633734487345979110-YOU.jpg
[2010/06/07 20:27:53 | 000,041,862 | ---- | C] () -- C:\Users\Kristen\DaBear.JPG
[2010/06/04 09:09:27 | 000,081,920 | -HS- | C] () -- C:\Users\Kristen\Thumbs.db
[2010/06/04 09:08:51 | 000,211,528 | ---- | C] () -- C:\Users\Kristen\WoWScrnShot_060410_081317.jpg
[2010/06/04 09:08:47 | 000,191,068 | ---- | C] () -- C:\Users\Kristen\WoWScrnShot_060410_081308.jpg
[2010/06/01 15:48:41 | 000,002,320 | ---- | C] () -- C:\Users\Kristen\Desktop\Google Chrome.lnk
[2010/06/01 15:47:37 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613363634-3199914899-2636470584-1003Core.job
[2010/05/31 15:30:42 | 004,608,064 | ---- | C] () -- C:\Users\Kristen\Desktop\HTC_IME_hi.apk
[2010/05/29 22:39:34 | 000,001,098 | ---- | C] () -- C:\Users\Kristen\Desktop\DirectKiss - Shortcut.lnk
[2010/05/17 10:01:47 | 000,000,933 | ---- | C] () -- C:\Users\Kristen\Desktop\UO Auto-Map.lnk
[2010/05/16 11:25:27 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/05/15 22:37:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\zlib32.dll
[2010/05/11 19:47:21 | 000,001,007 | ---- | C] () -- C:\Users\Kristen\Desktop\ConnectUO 2.0.lnk
[2010/05/11 18:14:22 | 000,000,466 | ---- | C] () -- C:\Users\Kristen\Desktop\World of Warcraft Installer.lnk
[2010/05/11 16:39:56 | 000,000,939 | ---- | C] () -- C:\Users\Kristen\Desktop\Razor.lnk
[2010/04/27 14:29:39 | 000,347,136 | ---- | C] () -- C:\Windows\binkw32.dll
[2010/04/27 14:26:28 | 000,347,136 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2010/04/26 21:43:06 | 000,000,274 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/02/21 09:25:24 | 000,009,839 | ---- | C] () -- C:\Windows\System32\mswanaore.dll
[2010/01/27 08:17:20 | 000,000,000 | ---- | C] () -- C:\Windows\DbgOut.INI
[2010/01/14 13:49:57 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/14 13:49:56 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/14 13:49:55 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/14 13:49:55 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/14 13:49:53 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010/01/14 13:49:52 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/09 09:19:01 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/12/27 09:18:20 | 000,005,120 | ---- | C] () -- C:\Windows\System32\lwel-manifest.dll
[2008/08/31 09:54:09 | 000,155,648 | ---- | C] () -- C:\Windows\System32\msnacaord.dll
[2007/04/12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\System32\APOMgrH.dll
[2007/04/09 12:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2007/04/09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2007/04/09 12:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll
[2006/10/02 09:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini
[2005/06/16 10:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll

========== LOP Check ==========

[2010/05/27 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Kristen\AppData\Roaming\Teleca
[2010/08/08 15:54:31 | 000,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/07/28 22:20:39 | 000,000,186 | ---- | M] () -- C:\Windows\Tasks\{BF41C2A3-DC54-4289-BD4F-2B8FF56821FD}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/08/08 06:14:56 | 000,000,002 | ---- | M] () -- C:\$UpgDrv$
[2009/09/22 22:26:16 | 000,082,694 | ---- | M] () -- C:\-_Demonoid.com_-Batman_Arkham_Asylum_READNFO_PC_FULL_GAME_windows_fast_upload_1745186.196_[mininova].torrent
[2008/07/25 23:55:45 | 008,312,832 | ---- | M] () -- C:\01 - Blind Guardian - Time What Is Time.mp3
[2008/07/25 23:56:01 | 006,234,112 | ---- | M] () -- C:\03 - Blind Guardian - Bright Eyes.mp3
[2009/05/16 00:19:44 | 000,069,468 | ---- | M] () -- C:\AppstoSD2.apk
[2010/01/28 06:19:12 | 000,046,524 | ---- | M] () -- C:\AppstoSD2.zip
[2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/03/02 20:43:32 | 000,000,089 | ---- | M] () -- C:\bmr.txt
[2009/07/04 23:24:33 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2009/10/28 06:41:05 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2009/07/13 20:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/10/28 06:41:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009/05/18 00:45:13 | 000,035,260 | ---- | M] () -- C:\cover.jpg
[2010/03/10 16:26:04 | 000,000,215 | ---- | M] () -- C:\dailymeal.txt
[2009/10/05 20:15:57 | 018,948,706 | ---- | M] () -- C:\dvd-ripper-ultimate.exe
[2009/10/28 18:00:40 | 000,203,836 | RHS- | M] () -- C:\grldr
[2010/08/08 15:02:52 | 1609,867,264 | -HS- | M] () -- C:\hiberfil.sys
[2009/09/08 21:00:24 | 000,000,429 | ---- | M] () -- C:\Install Info - Read First.rtf
[2009/01/01 21:51:28 | 000,000,188 | ---- | M] () -- C:\INSTALL.LOG
[2008/11/23 09:42:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/11/19 16:42:50 | 000,001,266 | -H-- | M] () -- C:\IPH.PH
[2010/03/28 22:05:38 | 000,000,435 | ---- | M] () -- C:\LOGE70C.log
[2010/04/14 20:34:44 | 000,004,615 | ---- | M] () -- C:\Lorens Diet.txt
[2010/04/14 20:30:16 | 000,000,776 | ---- | M] () -- C:\Lorens Example Diet Day Example.txt
[2010/04/14 20:29:34 | 000,000,776 | ---- | M] () -- C:\Lorens Example Diet Day-Week.txt
[2008/12/06 00:14:15 | 000,000,350 | ---- | M] () -- C:\Media.lnk
[2009/10/06 22:11:27 | 001,895,859 | ---- | M] () -- C:\MLyricsPPC.CAB
[2008/11/23 09:42:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/05/03 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/03 07:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/10/13 10:37:44 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/10/13 10:37:44 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2010/08/08 15:03:00 | 2146,492,416 | -HS- | M] () -- C:\pagefile.sys
[2009/09/17 10:28:05 | 000,000,148 | ---- | M] () -- C:\Prosper.txt
[2010/01/29 00:34:26 | 000,166,021 | ---- | M] () -- C:\Root.Explorer.v2.7.apk
[2009/10/05 20:14:35 | 000,000,316 | ---- | M] () -- C:\Serial.zip
[2009/11/29 17:50:55 | 001,764,741 | ---- | M] () -- C:\SK-JPN-L1-NA-PE-NA-NA-Y-3.rsi
[2009/01/24 00:29:37 | 000,921,624 | ---- | M] () -- C:\snp2sxp-001.raw
[2009/10/05 20:23:18 | 000,000,216 | ---- | M] () -- C:\temp.txt
[2010/01/13 00:12:25 | 004,691,389 | ---- | M] () -- C:\tgf_beta.zip
[2009/09/08 21:00:24 | 000,000,059 | ---- | M] () -- C:\Torrent downloaded from AhaShare.com.txt
[2010/02/15 22:33:08 | 000,049,215 | ---- | M] () -- C:\TR.pdf
[2010/01/28 06:22:38 | 000,000,798 | ---- | M] () -- C:\USBDeview.cfg
[2009/10/28 18:00:41 | 000,000,000 | RHS- | M] () -- C:\winx.ld

#7
Jackler

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2010/01/24 02:01:14 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2010/01/24 02:01:14 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2010/01/24 02:01:14 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2010/01/24 02:01:14 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/13 20:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/07/13 20:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >.

Edited by Jackler, 08 August 2010 - 06:22 PM.


#8
Jackler

For some reason I cannot post the last part of this report, I've absolutely no clue why.

Well, if there's anything else I can provide you with, please let me know. Thank you.