Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google redirect infection, did not respond to the "How to fix Goog

Started by Arwen3000 , Oct 06 2011 02:51 PM

  • This topic is locked This topic is locked

#1
Arwen3000
Posted 06 October 2011 - 02:51 PM

Arwen3000

    Member

  • Member
  • PipPip
  • 23 posts
This problem became apparent yesterday (the 5th of October). When I click on any search result (regardless of whether I actually use Google as the search engine) I am redirected to another site, usually something called "filmannex.com". I use Firefox version 3.6.23. While the page is loading, the small area at the lower left corner of the browser (a descriptive text of what the browser is doing, I forget the name for this, but it usually says something like 'loading google.com' etc) will say "waiting for marveloussearchsystems.com". Firefox has also opened itself on a couple of occasions, and begun to open one of these advertising pages. This has most notably happened when I have been running OTL or Superspyware. While running OTL, the browser tried to open a link like "marveloussearchsystems.com/norton/2011" (this is not exact, I'm sorry), but it failed to load.

I'm not always redirected to filmannex.com, but it is the most common one. Sometimes I get a page called "info.com", for example. I'm not sure if the exact site where I am redirected is of much importance. If so, let me know and I can provide more examples. When I click on links within other pages, I don't have any problems. It is only with search engine results.

I scanned the computer this morning with Superantispyware. It found approximately 200 threats, most of them adware tracking cookies, except for four registry threats, which were reported as malware traces. I have the scan results and can post them, if this will be helpful.

Earlier today, I found this site and followed the directions on the "fix Google redirects" thread. When I ran TDSSKiller, it said that no problems were detected; however, the problem persists.

I use Ad Blocker with Firefox and I used to use NoScript, but I got irritated with constantly having to ok everything so I stopped using it. Maybe this was a mistake.

My OTL log is below. Thank you so much for your help! I feel so guilty about letting this happen to my little laptop.

**********

OTL logfile created on: 06/10/2011 10:36:26 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Dawn\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.92% Memory free
7.72 Gb Paging File | 5.07 Gb Available in Paging File | 65.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.55 Gb Total Space | 105.51 Gb Free Space | 47.84% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 1.96 Gb Free Space | 15.91% Space Free | Partition Type: NTFS
Drive G: | 3.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DAWN-LAPTOP | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Dawn\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Java\jre6\bin\jp2native.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - \\?\globalroot\systemroot\syswow64\mswsock.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe ()
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys ()
DRV:64bit: - (smserial) -- C:\Windows\SysNative\DRIVERS\smserial.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()
DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\DRIVERS\ahcix64s.sys ()
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS ()
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (NtrigDigitizerUSBLowerFilter) -- C:\Windows\SysNative\DRIVERS\NtrigDigitizerUSBLowerFilter.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\SysNative\DRIVERS\ATSwpDrv.sys ()
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys ()
DRV:64bit: - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (NETw3v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys ()
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys ()
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.ca"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.2.2
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.7
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.3.0
FF - prefs.js..extensions.enabledItems: {a95d8332-e4b4-6e7f-98ac-20b733364387}:0.5.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - prefs.js..extensions.enabledItems: {58c64034-c5f3-4179-85f5-81642f42b6d5}:2.22.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Dawn\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dawn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dawn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dawn\AppData\Local\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dawn\AppData\Local\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009/06/23 12:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/05 03:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/01 20:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/01 20:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/03 01:59:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/02 19:50:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2009/06/23 12:23:33 | 000,000,000 | ---D | M]

[2010/03/16 12:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2010/03/16 12:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/10/20 12:20:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/10/06 03:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions
[2010/05/18 19:32:31 | 000,000,000 | ---D | M] (Auto Copy) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
[2010/05/18 19:32:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/09 01:31:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2011/09/01 13:51:15 | 000,000,000 | ---D | M] (Fingerfox (SE)) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{58c64034-c5f3-4179-85f5-81642f42b6d5}
[2011/09/01 13:49:08 | 000,000,000 | ---D | M] (Showcase) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2011/09/07 03:22:29 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2011/09/07 03:22:28 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011/03/22 01:04:18 | 000,000,000 | ---D | M] (LeechBlock) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2011/09/28 14:13:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/09 19:38:46 | 000,000,000 | ---D | M] (EBrary Reader Plugin) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\[email protected]
[2010/09/12 01:46:26 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\[email protected]
[2010/09/10 15:39:07 | 000,001,030 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\searchplugins\wikipedia-sv.xml
[2010/09/10 15:34:18 | 000,002,275 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\searchplugins\wolframalpha.xml
[2011/10/06 03:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/26 15:33:22 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/02 19:50:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/04 14:04:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010/05/18 20:08:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/12/17 18:18:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/01 20:36:49 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/04/01 20:36:49 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011/10/02 19:50:02 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2011/10/02 19:50:02 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 19:50:05 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2011/09/05 19:04:56 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2011/09/29 00:55:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2011/09/29 00:55:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2011/09/29 00:55:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2011/09/29 00:55:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2011/09/29 00:55:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2011/09/29 00:56:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2011/09/29 00:56:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2011/10/02 19:50:05 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2011/10/02 19:50:05 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2011/10/02 19:50:05 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2011/10/02 19:50:05 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2011/10/02 19:50:05 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2011/10/02 19:50:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2011/10/02 19:50:05 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2011/10/06 21:52:28 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [Google Update] C:\Users\Dawn\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [PUT2VIDQLG] C:\Users\Dawn\AppData\Local\Temp\c.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dawn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFBFE645-EA36-471B-ACBD-A863ECCCF8BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6F58D1A-ADBF-4192-B2A8-F06ADB763CD4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll ()
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll ()
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll ()
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img7.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img7.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll ()
O30 - LSA: Authentication Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll ()
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll ()
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll ()
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll ()
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll ()
O30 - LSA: Security Packages - (kerberos) -C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) -C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/20 01:57:31 | 000,000,086 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/08/05 17:58:42 | 000,000,000 | ---D | M] - G:\Autoplay -- [ CDFS ]
O32 - AutoRun File - [2007/01/23 07:57:44 | 000,186,552 | R--- | M] (Adobe Systems Incorporated) - G:\Autoplay.exe -- [ CDFS ]
O33 - MountPoints2\{75667b5d-fb1c-11de-8cc3-00238be6b707}\Shell\AutoRun\command - "" = F:\Menu.exe
O33 - MountPoints2\{cbfe9d47-0599-11df-9f09-00238be6b707}\Shell\AutoRun\command - "" = F:\WebarooPortable\WebarooPortable.exe
O33 - MountPoints2\{d852dd7d-8f92-11de-b47a-00238be6b707}\Shell - "" = AutoRun
O33 - MountPoints2\{d852dd7d-8f92-11de-b47a-00238be6b707}\Shell\AutoRun\command - "" = G:\Autoplay.exe -- [2007/01/23 07:57:44 | 000,186,552 | R--- | M] (Adobe Systems Incorporated)
O33 - MountPoints2\{f0b13784-a6b9-11de-b57d-00238be6b707}\Shell - "" = AutoRun
O33 - MountPoints2\{f0b13784-a6b9-11de-b57d-00238be6b707}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/06 21:05:19 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\GooredFix Backups
[2011/10/06 20:58:10 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/10/06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\SPE
[2011/10/06 03:48:06 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/06 03:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/06 03:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/06 03:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/06 02:28:43 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/10/05 20:53:52 | 001,548,592 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\TDSSKiller.exe
[2011/10/04 23:24:37 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\MA 2011-12
[2011/10/02 19:42:58 | 000,000,000 | R--D | C] -- C:\Users\Dawn\Dropbox
[2011/10/02 19:38:57 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/10/02 19:38:08 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2011/09/29 00:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/09 01:41:48 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\Adobe Scripts
[2011/09/07 03:25:40 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/09/07 03:25:40 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/09/07 03:25:37 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/09/07 03:25:37 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/09/07 03:25:37 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/09/07 03:25:37 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/09/07 03:25:36 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2011/09/07 03:24:31 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/09/07 03:24:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/09/07 03:24:23 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/09/07 03:24:22 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/09/07 03:23:50 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/09/07 03:23:04 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/09/07 03:23:02 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/09/07 03:22:54 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/09/07 03:22:54 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/09/07 03:22:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/09/07 03:22:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbeio.dll
[2011/09/07 03:09:53 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe

========== Files - Modified Within 30 Days ==========

[2011/10/06 22:19:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000UA.job
[2011/10/06 21:59:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/06 21:59:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/06 21:58:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/06 21:58:43 | 4023,533,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/06 21:07:28 | 001,548,592 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\TDSSKiller.exe
[2011/10/06 20:47:35 | 000,124,390 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\SMRResults210.dat
[2011/10/06 03:47:35 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/06 03:37:10 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AE9E65B5-E830-4C7E-9D8C-73FB700A3CDC}.job
[2011/10/06 03:28:05 | 000,002,341 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/10/06 02:19:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000Core.job
[2011/10/06 00:58:44 | 000,000,089 | ---- | M] () -- C:\Users\Dawn\Desktop\page2.htm
[2011/10/06 00:58:36 | 000,000,089 | ---- | M] () -- C:\Users\Dawn\Desktop\page1.htm
[2011/10/06 00:58:22 | 000,000,210 | ---- | M] () -- C:\Users\Dawn\Desktop\mainpage.htm
[2011/10/02 19:50:01 | 000,000,916 | ---- | M] () -- C:\Users\Dawn\Desktop\Dropbox.lnk
[2011/10/02 19:50:01 | 000,000,896 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/09/29 00:55:38 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/09 02:21:37 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/08 02:15:03 | 000,007,052 | ---- | M] () -- C:\Users\Dawn\AppData\Local\d3d9caps.dat
[2011/09/07 15:38:52 | 002,315,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/07 04:33:32 | 000,000,016 | ---- | M] () -- C:\Windows\popcinfo.dat

========== Files Created - No Company Name ==========

[2011/10/06 20:47:20 | 000,124,390 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\SMRResults210.dat
[2011/10/06 03:47:35 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/06 00:58:43 | 000,000,089 | ---- | C] () -- C:\Users\Dawn\Desktop\page2.htm
[2011/10/06 00:58:35 | 000,000,089 | ---- | C] () -- C:\Users\Dawn\Desktop\page1.htm
[2011/10/06 00:58:21 | 000,000,210 | ---- | C] () -- C:\Users\Dawn\Desktop\mainpage.htm
[2011/10/02 19:42:58 | 000,000,916 | ---- | C] () -- C:\Users\Dawn\Desktop\Dropbox.lnk
[2011/10/02 19:39:13 | 000,000,896 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/09/29 00:55:38 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/07 04:33:32 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/09/07 03:26:13 | 004,678,032 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2011/09/07 03:26:11 | 001,562,008 | ---- | C] () -- C:\Windows\SysNative\ntdll.dll
[2011/09/07 03:26:03 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\bowser.sys
[2011/09/07 03:25:53 | 005,702,144 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/09/07 03:25:49 | 007,016,960 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/09/07 03:25:45 | 001,427,968 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/09/07 03:25:44 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/09/07 03:25:44 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/09/07 03:25:41 | 000,759,808 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/09/07 03:25:40 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/09/07 03:25:40 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/09/07 03:25:40 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/09/07 03:25:39 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/09/07 03:25:37 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011/09/07 03:25:37 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011/09/07 03:25:37 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/09/07 03:25:36 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/09/07 03:25:36 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/09/07 03:25:36 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011/09/07 03:25:36 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/09/07 03:25:18 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/09/07 03:24:56 | 000,301,568 | ---- | C] () -- C:\Windows\SysNative\shsvcs.dll
[2011/09/07 03:24:38 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2011/09/07 03:24:35 | 000,454,144 | ---- | C] () -- C:\Windows\SysNative\shlwapi.dll
[2011/09/07 03:24:31 | 000,367,616 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2011/09/07 03:24:31 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2011/09/07 03:24:25 | 001,360,384 | ---- | C] () -- C:\Windows\SysNative\mfc42u.dll
[2011/09/07 03:24:24 | 001,398,784 | ---- | C] () -- C:\Windows\SysNative\mfc42.dll
[2011/09/07 03:24:16 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2011/09/07 03:24:13 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/09/07 03:24:13 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/09/07 03:24:13 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/09/07 03:24:08 | 000,461,312 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2011/09/07 03:24:05 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/09/07 03:24:05 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/09/07 03:23:51 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2011/09/07 03:23:51 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2011/09/07 03:23:42 | 002,762,240 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/09/07 03:23:32 | 000,979,344 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2011/09/07 03:23:29 | 001,075,600 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2011/09/07 03:23:29 | 001,062,800 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2011/09/07 03:23:29 | 000,990,096 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2011/09/07 03:23:27 | 000,018,320 | ---- | C] () -- C:\Windows\SysNative\kdcom.dll
[2011/09/07 03:23:23 | 000,020,880 | ---- | C] () -- C:\Windows\SysNative\kdusb.dll
[2011/09/07 03:23:23 | 000,018,832 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2011/09/07 03:23:14 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2011/09/07 03:23:05 | 002,424,320 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2011/09/07 03:23:02 | 000,730,624 | ---- | C] () -- C:\Windows\SysNative\mstsc.exe
[2011/09/07 03:22:55 | 000,560,128 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2011/09/07 03:22:54 | 000,416,768 | ---- | C] () -- C:\Windows\SysNative\sbe.dll
[2011/09/07 03:22:54 | 000,226,816 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2011/09/07 03:22:53 | 000,210,944 | ---- | C] () -- C:\Windows\SysNative\sbeio.dll
[2011/09/07 03:22:42 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2011/09/07 03:22:30 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2011/09/07 03:22:22 | 000,450,048 | ---- | C] () -- C:\Windows\SysNative\winsrv.dll
[2011/09/07 03:22:22 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\csrsrv.dll
[2011/09/07 03:09:53 | 000,221,184 | ---- | C] () -- C:\Windows\SysNative\dnsapi.dll
[2011/09/07 03:09:53 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\dnsrslvr.dll
[2011/09/07 03:09:53 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\dnscacheugc.exe
[2010/04/08 13:48:33 | 000,000,732 | ---- | C] () -- C:\Users\Dawn\AppData\Local\d3d9caps64.dat
[2010/03/16 12:25:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/05 15:24:54 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009/12/12 22:25:42 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe
[2009/11/22 23:08:58 | 000,027,528 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\UserTile.png
[2009/11/02 17:47:56 | 000,002,896 | ---- | C] () -- C:\Windows\dhstatus.dat
[2009/10/25 19:57:41 | 000,177,136 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2009/10/08 15:27:45 | 000,002,883 | ---- | C] () -- C:\Windows\checkip.dat
[2009/09/24 01:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/11 16:40:42 | 000,007,052 | ---- | C] () -- C:\Users\Dawn\AppData\Local\d3d9caps.dat
[2009/09/04 18:16:33 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009/08/24 20:47:19 | 001,490,168 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/08/23 08:01:22 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009/08/23 01:55:46 | 000,248,320 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/23 11:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/02/11 09:18:12 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/02/11 09:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/12/10 18:28:16 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/09/04 13:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2009/11/10 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\BitZipper
[2009/08/22 23:39:47 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\DigitalPersona
[2011/10/06 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2010/02/28 17:38:53 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Facebook
[2011/09/01 13:51:26 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Fingerfox (SE)
[2010/02/07 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\funkitron
[2010/04/23 11:25:14 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Microgaming
[2009/10/21 09:10:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Opera
[2009/11/22 23:08:57 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PeerNetworking
[2009/10/04 19:57:35 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Personal
[2011/10/06 20:29:43 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\SPE
[2011/10/06 02:40:43 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Spotify
[2010/03/16 12:25:30 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Thunderbird
[2009/11/04 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\VistaCodecs
[2011/10/06 21:57:17 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/06 03:37:10 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AE9E65B5-E830-4C7E-9D8C-73FB700A3CDC}.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Arwen3000
Posted 06 October 2011 - 03:07 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Sorry, I forgot to mention that I also ran Spybot S&D after running Super anti-spyware, when it was apparent that the problem had not been resolved. Spybot found one error, the name of which I have unfortunately not recorded, but, again, the problem persists.

Thanks!
  • 0

#3
Arwen3000
Posted 07 October 2011 - 08:55 AM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi again, I'm really sorry to post yet another addition to this thread, but I want to make sure you have all the information you need for a diagnosis, and another symptom has appeared since I posted yesterday. Namely, when I put my computer to sleep (i.e. shutting the lid) and leave it for more than a few moments, it becomes unresponsive. I have had to do a hard shut-down and restart in order to get it running again. This does not appear to occur when the computer has put itself to sleep, i.e. when I leave it alone and the screen goes off. However, again, it could be that I simply haven't observed this yet.

Thanks again, and I promise to stop adding things now!
  • 0

#4
SweetTech
Posted 10 October 2011 - 11:05 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. :yes:

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:


  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together :)
    Because of this, you must reply within three days     failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

It looks like you maybe infected with an infection known as ZeroAccess.

You should be aware of the following warning:

Posted Image One or more of the identified infections is a backdoor trojan and password stealer.

This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.
If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable.
It would also be wise to contact those same financial institutions to appraise them of your situation.


I highly suggest you take a look at the two links provided below:
1. How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?
2. When should I re-format? How should I reinstall?


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.



NEXT:



Running ComboFix
Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat.
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

  • 0

#5
Arwen3000
Posted 10 October 2011 - 01:38 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi!

Thank you SO MUCH for your help, you are definitely my hero for volunteering your time with this.

I've decided to go ahead and clean the machine, rather than to re-format and re-install, at least for the time being. I don't have a lot of terribly sensitive information on this computer, although I have used it to access my banking. I changed the password and will contact the bank when they re-open after today's holiday, and we'll see how it goes, I guess.

Here is the log from running ComboFix:

Thanks again!

*****
ComboFix 11-10-10.02 - Dawn 10/10/2011 20:47:09.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.3836.1937 [GMT 2:00]
Running from: c:\users\Dawn\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\AutocompletePro.dll
c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\[email protected]\chrome.manifest
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.js
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\[email protected]\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\[email protected]\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\users\Public\6a00d8341c4ea853ef01347f9a79fc970c-350wi.jpg
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\000000c0.@
c:\windows\assembly\tmp\U\000000cb.@
c:\windows\assembly\tmp\U\000000cf.@
c:\windows\assembly\tmp\U\80000000.@
c:\windows\assembly\tmp\U\800000c0.@
c:\windows\assembly\tmp\U\800000cb.@
c:\windows\assembly\tmp\U\800000cf.@
c:\windows\system32\consrv.dll
c:\windows\System64
.
.
((((((((((((((((((((((((( Files Created from 2011-09-10 to 2011-10-10 )))))))))))))))))))))))))))))))
.
.
2011-10-10 19:09 . 2011-10-10 19:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-06 18:58 . 2011-10-06 18:58 -------- d-----w- C:\_OTM
2011-10-06 18:16 . 2011-10-06 18:29 -------- d-----w- c:\users\Dawn\AppData\Roaming\SPE
2011-10-06 01:48 . 2011-10-06 01:48 -------- d-----w- c:\users\Dawn\AppData\Roaming\SUPERAntiSpyware.com
2011-10-06 01:47 . 2011-10-06 01:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-06 01:47 . 2011-10-06 01:47 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-10-02 17:42 . 2011-10-10 18:20 -------- d-----r- c:\users\Dawn\Dropbox
2011-10-02 17:38 . 2011-10-10 19:23 -------- d-----w- c:\users\Dawn\AppData\Roaming\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 19:20 . 2011-10-10 19:20 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{692CCF5E-2BF0-4E75-B267-39DED6479579}\offreg.dll
2011-09-13 00:26 . 2011-10-06 01:23 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{692CCF5E-2BF0-4E75-B267-39DED6479579}\mpengine.dll
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2009-12-12 20:26 . 2009-12-12 20:25 18030130 ----a-w- c:\program files\vlc-1.0.3-win32.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1555968]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-14 5492096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-30 61440]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"UCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-15 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2008-12-11 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dawn\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
OneNote Table Of Contents.onetoc2 [2009-8-28 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw3v64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/23 03:07];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-29 01:04 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2008-09-25 88576]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files (x86)\SMINST\BLService.exe [2008-12-18 365952]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-27 296320]
S2 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-27 116096]
S3 ALSysIO;ALSysIO;c:\users\Dawn\AppData\Local\Temp\ALSysIO64.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 NtrigDigitizerUSBLowerFilter;N-trig HID Tablet Digitizer KMDF Filter Driver;c:\windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000Core.job
- c:\users\Dawn\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-13 00:37]
.
2011-10-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000UA.job
- c:\users\Dawn\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-13 00:37]
.
2011-10-10 c:\windows\Tasks\User_Feed_Synchronization-{AE9E65B5-E830-4C7E-9D8C-73FB700A3CDC}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:50]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dawn\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1533736]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1702400]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2008-12-02 6942240]
"combofix"="c:\combofix\CF25643.3XE" [2008-01-21 363008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Auto Copy: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F} - %profile%\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Showcase: {89506680-e3f4-484c-a2c0-ed711d481eda} - %profile%\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
FF - Ext: All-in-One Gestures: {8b86149f-01fb-4842-9dd8-4d7eb02fd055} - %profile%\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: AutocompletePro - Your handy search suggestions tool: [email protected] - %profile%\extensions\[email protected]
FF - Ext: EBrary Reader Plugin: [email protected] - %profile%\extensions\[email protected]
FF - Ext: LeechBlock: {a95d8332-e4b4-6e7f-98ac-20b733364387} - %profile%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
FF - Ext: Fingerfox (SE): {58c64034-c5f3-4179-85f5-81642f42b6d5} - %profile%\extensions\{58c64034-c5f3-4179-85f5-81642f42b6d5}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-MagicDisc 2.7.106 - c:\progra~2\MAGICD~1\UNWISE.EXE
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Completion time: 2011-10-10 21:33:59 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-10 19:33
.
Pre-Run: 108,891,783,168 bytes free
Post-Run: 109,080,129,536 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 14246CB285F4DE3889E1193FAEE3CDDF
  • 0

#6
SweetTech
Posted 10 October 2011 - 01:50 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

No problem! I'm glad to be able to lend my expertise to you!! :)

Please run this utility below and let me know how things are running in your next reply.

Running TDSSKiller

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
  • 0

#7
Arwen3000
Posted 10 October 2011 - 02:15 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi, here is the TDSSKiller log.

Thanks!

*****

22:08:19.0828 4424 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06
22:08:20.0171 4424 ============================================================
22:08:20.0171 4424 Current date / time: 2011/10/10 22:08:20.0171
22:08:20.0171 4424 SystemInfo:
22:08:20.0171 4424
22:08:20.0171 4424 OS Version: 6.0.6001 ServicePack: 1.0
22:08:20.0171 4424 Product type: Workstation
22:08:20.0171 4424 ComputerName: DAWN-LAPTOP
22:08:20.0218 4424 UserName: Dawn
22:08:20.0218 4424 Windows directory: C:\Windows
22:08:20.0218 4424 System windows directory: C:\Windows
22:08:20.0218 4424 Running under WOW64
22:08:20.0218 4424 Processor architecture: Intel x64
22:08:20.0218 4424 Number of processors: 2
22:08:20.0218 4424 Page size: 0x1000
22:08:20.0218 4424 Boot type: Normal boot
22:08:20.0218 4424 ============================================================
22:08:23.0808 4424 Initialize success
22:08:39.0608 1712 ============================================================
22:08:39.0608 1712 Scan started
22:08:39.0608 1712 Mode: Manual; SigCheck; TDLFS;
22:08:39.0608 1712 ============================================================
22:08:43.0276 1712 ACPI (8c99ed256a889d647935a97c543b7b85) C:\Windows\system32\drivers\acpi.sys
22:08:43.0432 1712 ACPI ( UnsignedFile.Multi.Generic ) - warning
22:08:43.0432 1712 ACPI - detected UnsignedFile.Multi.Generic (1)
22:08:43.0745 1712 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
22:08:43.0792 1712 adp94xx ( UnsignedFile.Multi.Generic ) - warning
22:08:43.0792 1712 adp94xx - detected UnsignedFile.Multi.Generic (1)
22:08:44.0119 1712 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
22:08:44.0166 1712 adpahci ( UnsignedFile.Multi.Generic ) - warning
22:08:44.0166 1712 adpahci - detected UnsignedFile.Multi.Generic (1)
22:08:44.0603 1712 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
22:08:44.0665 1712 adpu160m ( UnsignedFile.Multi.Generic ) - warning
22:08:44.0665 1712 adpu160m - detected UnsignedFile.Multi.Generic (1)
22:08:44.0774 1712 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
22:08:44.0774 1712 adpu320 ( UnsignedFile.Multi.Generic ) - warning
22:08:44.0774 1712 adpu320 - detected UnsignedFile.Multi.Generic (1)
22:08:45.0242 1712 AFD (9bb97042fa331a0fb4bdd98b9280a50a) C:\Windows\system32\drivers\afd.sys
22:08:45.0258 1712 AFD ( UnsignedFile.Multi.Generic ) - warning
22:08:45.0258 1712 AFD - detected UnsignedFile.Multi.Generic (1)
22:08:45.0383 1712 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
22:08:45.0414 1712 agp440 ( UnsignedFile.Multi.Generic ) - warning
22:08:45.0414 1712 agp440 - detected UnsignedFile.Multi.Generic (1)
22:08:45.0929 1712 ahcix64s (97dd49ccdb89a22cfcea78b29d393d87) C:\Windows\system32\DRIVERS\ahcix64s.sys
22:08:45.0929 1712 ahcix64s ( UnsignedFile.Multi.Generic ) - warning
22:08:45.0929 1712 ahcix64s - detected UnsignedFile.Multi.Generic (1)
22:08:46.0568 1712 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
22:08:46.0615 1712 aic78xx ( UnsignedFile.Multi.Generic ) - warning
22:08:46.0615 1712 aic78xx - detected UnsignedFile.Multi.Generic (1)
22:08:46.0724 1712 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
22:08:46.0818 1712 aliide ( UnsignedFile.Multi.Generic ) - warning
22:08:46.0818 1712 aliide - detected UnsignedFile.Multi.Generic (1)
22:08:46.0943 1712 ALSysIO - ok
22:08:47.0270 1712 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
22:08:47.0286 1712 amdide ( UnsignedFile.Multi.Generic ) - warning
22:08:47.0286 1712 amdide - detected UnsignedFile.Multi.Generic (1)
22:08:47.0894 1712 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
22:08:47.0941 1712 AmdK8 ( UnsignedFile.Multi.Generic ) - warning
22:08:47.0941 1712 AmdK8 - detected UnsignedFile.Multi.Generic (1)
22:08:48.0238 1712 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
22:08:48.0347 1712 arc ( UnsignedFile.Multi.Generic ) - warning
22:08:48.0362 1712 arc - detected UnsignedFile.Multi.Generic (1)
22:08:48.0409 1712 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
22:08:48.0409 1712 arcsas ( UnsignedFile.Multi.Generic ) - warning
22:08:48.0409 1712 arcsas - detected UnsignedFile.Multi.Generic (1)
22:08:48.0456 1712 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
22:08:48.0456 1712 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
22:08:48.0456 1712 AsyncMac - detected UnsignedFile.Multi.Generic (1)
22:08:48.0503 1712 atapi (aca311fac841a06e4a7ef9a0f1c195f8) C:\Windows\system32\drivers\atapi.sys
22:08:48.0503 1712 atapi ( UnsignedFile.Multi.Generic ) - warning
22:08:48.0503 1712 atapi - detected UnsignedFile.Multi.Generic (1)
22:08:48.0706 1712 atikmdag (a4379447148ee55330768cc491ee999e) C:\Windows\system32\DRIVERS\atikmdag.sys
22:08:49.0049 1712 atikmdag ( UnsignedFile.Multi.Generic ) - warning
22:08:49.0049 1712 atikmdag - detected UnsignedFile.Multi.Generic (1)
22:08:49.0454 1712 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
22:08:49.0470 1712 AtiPcie ( UnsignedFile.Multi.Generic ) - warning
22:08:49.0470 1712 AtiPcie - detected UnsignedFile.Multi.Generic (1)
22:08:49.0876 1712 ATSWPDRV (4810b3923d07bec33c15b2f6b489fbc5) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
22:08:49.0891 1712 ATSWPDRV ( UnsignedFile.Multi.Generic ) - warning
22:08:49.0891 1712 ATSWPDRV - detected UnsignedFile.Multi.Generic (1)
22:08:51.0046 1712 BCM43XX (370504f7b1085dddab63581e0e19bb9e) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:08:51.0264 1712 BCM43XX ( UnsignedFile.Multi.Generic ) - warning
22:08:51.0264 1712 BCM43XX - detected UnsignedFile.Multi.Generic (1)
22:08:51.0732 1712 Beep - ok
22:08:52.0465 1712 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
22:08:52.0528 1712 blbdrive ( UnsignedFile.Multi.Generic ) - warning
22:08:52.0528 1712 blbdrive - detected UnsignedFile.Multi.Generic (1)
22:08:53.0432 1712 bowser (f0f035fcec3554cc1b70c5611bd87951) C:\Windows\system32\DRIVERS\bowser.sys
22:08:53.0526 1712 bowser ( UnsignedFile.Multi.Generic ) - warning
22:08:53.0526 1712 bowser - detected UnsignedFile.Multi.Generic (1)
22:08:54.0259 1712 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
22:08:54.0275 1712 BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
22:08:54.0275 1712 BrFiltLo - detected UnsignedFile.Multi.Generic (1)
22:08:54.0618 1712 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
22:08:54.0696 1712 BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
22:08:54.0696 1712 BrFiltUp - detected UnsignedFile.Multi.Generic (1)
22:08:54.0961 1712 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
22:08:55.0024 1712 Brserid ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0024 1712 Brserid - detected UnsignedFile.Multi.Generic (1)
22:08:55.0070 1712 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
22:08:55.0086 1712 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0086 1712 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
22:08:55.0211 1712 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
22:08:55.0211 1712 BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0211 1712 BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
22:08:55.0226 1712 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
22:08:55.0226 1712 BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0226 1712 BrUsbSer - detected UnsignedFile.Multi.Generic (1)
22:08:55.0304 1712 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
22:08:55.0304 1712 BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0304 1712 BTHMODEM - detected UnsignedFile.Multi.Generic (1)
22:08:55.0336 1712 catchme - ok
22:08:55.0382 1712 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
22:08:55.0398 1712 cdfs ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0398 1712 cdfs - detected UnsignedFile.Multi.Generic (1)
22:08:55.0492 1712 cdrom (3b2fb35363423ed60c8fbf15fc8680bd) C:\Windows\system32\DRIVERS\cdrom.sys
22:08:55.0507 1712 cdrom ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0507 1712 cdrom - detected UnsignedFile.Multi.Generic (1)
22:08:55.0570 1712 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
22:08:55.0585 1712 circlass ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0585 1712 circlass - detected UnsignedFile.Multi.Generic (1)
22:08:55.0804 1712 CLFS (c12c4ee07843b595036da0baa6317936) C:\Windows\system32\CLFS.sys
22:08:55.0897 1712 CLFS ( UnsignedFile.Multi.Generic ) - warning
22:08:55.0897 1712 CLFS - detected UnsignedFile.Multi.Generic (1)
22:08:56.0006 1712 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
22:08:56.0022 1712 CmBatt ( UnsignedFile.Multi.Generic ) - warning
22:08:56.0022 1712 CmBatt - detected UnsignedFile.Multi.Generic (1)
22:08:56.0116 1712 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
22:08:56.0287 1712 cmdide ( UnsignedFile.Multi.Generic ) - warning
22:08:56.0287 1712 cmdide - detected UnsignedFile.Multi.Generic (1)
22:08:57.0053 1712 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
22:08:57.0162 1712 Compbatt ( UnsignedFile.Multi.Generic ) - warning
22:08:57.0162 1712 Compbatt - detected UnsignedFile.Multi.Generic (1)
22:08:57.0755 1712 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
22:08:58.0052 1712 crcdisk ( UnsignedFile.Multi.Generic ) - warning
22:08:58.0052 1712 crcdisk - detected UnsignedFile.Multi.Generic (1)
22:08:58.0598 1712 DfsC (3725c43c9e90731eca651d506cc599a3) C:\Windows\system32\Drivers\dfsc.sys
22:08:58.0629 1712 DfsC ( UnsignedFile.Multi.Generic ) - warning
22:08:58.0629 1712 DfsC - detected UnsignedFile.Multi.Generic (1)
22:08:59.0097 1712 disk (2dc415fc05fb8a079f896cbbacb19324) C:\Windows\system32\drivers\disk.sys
22:08:59.0160 1712 disk ( UnsignedFile.Multi.Generic ) - warning
22:08:59.0160 1712 disk - detected UnsignedFile.Multi.Generic (1)
22:08:59.0752 1712 drmkaud (97dc2a789c1be458976507846a1a8ced) C:\Windows\system32\drivers\drmkaud.sys
22:08:59.0768 1712 drmkaud ( UnsignedFile.Multi.Generic ) - warning
22:08:59.0768 1712 drmkaud - detected UnsignedFile.Multi.Generic (1)
22:08:59.0925 1712 DXGKrnl (412964040ce920ff83aff6b5b551bf99) C:\Windows\System32\drivers\dxgkrnl.sys
22:09:00.0003 1712 DXGKrnl ( UnsignedFile.Multi.Generic ) - warning
22:09:00.0003 1712 DXGKrnl - detected UnsignedFile.Multi.Generic (1)
22:09:00.0190 1712 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
22:09:00.0206 1712 E1G60 ( UnsignedFile.Multi.Generic ) - warning
22:09:00.0206 1712 E1G60 - detected UnsignedFile.Multi.Generic (1)
22:09:00.0284 1712 Ecache (7343d950a34a95dcb7441642e3e6beef) C:\Windows\system32\drivers\ecache.sys
22:09:00.0299 1712 Ecache ( UnsignedFile.Multi.Generic ) - warning
22:09:00.0299 1712 Ecache - detected UnsignedFile.Multi.Generic (1)
22:09:00.0705 1712 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
22:09:00.0736 1712 elxstor ( UnsignedFile.Multi.Generic ) - warning
22:09:00.0736 1712 elxstor - detected UnsignedFile.Multi.Generic (1)
22:09:01.0096 1712 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys
22:09:01.0112 1712 enecir ( UnsignedFile.Multi.Generic ) - warning
22:09:01.0112 1712 enecir - detected UnsignedFile.Multi.Generic (1)
22:09:01.0346 1712 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
22:09:01.0486 1712 ErrDev ( UnsignedFile.Multi.Generic ) - warning
22:09:01.0486 1712 ErrDev - detected UnsignedFile.Multi.Generic (1)
22:09:02.0313 1712 exfat (2a546b9a84658b0554b1ec35cd9adaf5) C:\Windows\system32\drivers\exfat.sys
22:09:02.0313 1712 exfat ( UnsignedFile.Multi.Generic ) - warning
22:09:02.0313 1712 exfat - detected UnsignedFile.Multi.Generic (1)
22:09:03.0186 1712 fastfat (fe731d345ed9eeabbc72a59b35941834) C:\Windows\system32\drivers\fastfat.sys
22:09:03.0202 1712 fastfat ( UnsignedFile.Multi.Generic ) - warning
22:09:03.0202 1712 fastfat - detected UnsignedFile.Multi.Generic (1)
22:09:03.0670 1712 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
22:09:03.0842 1712 fdc ( UnsignedFile.Multi.Generic ) - warning
22:09:03.0842 1712 fdc - detected UnsignedFile.Multi.Generic (1)
22:09:04.0341 1712 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
22:09:04.0512 1712 FileInfo ( UnsignedFile.Multi.Generic ) - warning
22:09:04.0512 1712 FileInfo - detected UnsignedFile.Multi.Generic (1)
22:09:04.0887 1712 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
22:09:04.0980 1712 Filetrace ( UnsignedFile.Multi.Generic ) - warning
22:09:04.0980 1712 Filetrace - detected UnsignedFile.Multi.Generic (1)
22:09:05.0324 1712 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:09:05.0339 1712 flpydisk ( UnsignedFile.Multi.Generic ) - warning
22:09:05.0339 1712 flpydisk - detected UnsignedFile.Multi.Generic (1)
22:09:05.0495 1712 FltMgr (7dacf1a3a4219575070c6dc7c957428a) C:\Windows\system32\drivers\fltmgr.sys
22:09:05.0667 1712 FltMgr ( UnsignedFile.Multi.Generic ) - warning
22:09:05.0667 1712 FltMgr - detected UnsignedFile.Multi.Generic (1)
22:09:06.0026 1712 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
22:09:06.0041 1712 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
22:09:06.0041 1712 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
22:09:06.0525 1712 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
22:09:06.0540 1712 gagp30kx ( UnsignedFile.Multi.Generic ) - warning
22:09:06.0540 1712 gagp30kx - detected UnsignedFile.Multi.Generic (1)
22:09:07.0149 1712 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:09:07.0164 1712 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0164 1712 GEARAspiWDM - detected UnsignedFile.Multi.Generic (1)
22:09:07.0367 1712 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
22:09:07.0383 1712 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0383 1712 HdAudAddService - detected UnsignedFile.Multi.Generic (1)
22:09:07.0414 1712 HDAudBus (0c0d0f8a3ff09ecc81963d09ec6a0a84) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:09:07.0414 1712 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0414 1712 HDAudBus - detected UnsignedFile.Multi.Generic (1)
22:09:07.0445 1712 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
22:09:07.0445 1712 HidBth ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0445 1712 HidBth - detected UnsignedFile.Multi.Generic (1)
22:09:07.0492 1712 HidIr (1d4e03e5c5ba4c3679c38cb6b4c60d5f) C:\Windows\system32\DRIVERS\hidir.sys
22:09:07.0492 1712 HidIr ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0492 1712 HidIr - detected UnsignedFile.Multi.Generic (1)
22:09:07.0710 1712 HidUsb (59a7b5e13356c20d67983868242167c5) C:\Windows\system32\DRIVERS\hidusb.sys
22:09:07.0726 1712 HidUsb ( UnsignedFile.Multi.Generic ) - warning
22:09:07.0726 1712 HidUsb - detected UnsignedFile.Multi.Generic (1)
22:09:08.0445 1712 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
22:09:08.0523 1712 HpCISSs ( UnsignedFile.Multi.Generic ) - warning
22:09:08.0523 1712 HpCISSs - detected UnsignedFile.Multi.Generic (1)
22:09:09.0006 1712 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
22:09:09.0006 1712 HpqKbFiltr ( UnsignedFile.Multi.Generic ) - warning
22:09:09.0006 1712 HpqKbFiltr - detected UnsignedFile.Multi.Generic (1)
22:09:10.0116 1712 HTTP (e690736da6c543f5d99c8fa27bea31db) C:\Windows\system32\drivers\HTTP.sys
22:09:10.0287 1712 HTTP ( UnsignedFile.Multi.Generic ) - warning
22:09:10.0287 1712 HTTP - detected UnsignedFile.Multi.Generic (1)
22:09:10.0631 1712 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
22:09:10.0631 1712 i2omp ( UnsignedFile.Multi.Generic ) - warning
22:09:10.0631 1712 i2omp - detected UnsignedFile.Multi.Generic (1)
22:09:11.0067 1712 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
22:09:11.0083 1712 i8042prt ( UnsignedFile.Multi.Generic ) - warning
22:09:11.0083 1712 i8042prt - detected UnsignedFile.Multi.Generic (1)
22:09:11.0598 1712 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
22:09:11.0629 1712 iaStorV ( UnsignedFile.Multi.Generic ) - warning
22:09:11.0629 1712 iaStorV - detected UnsignedFile.Multi.Generic (1)
22:09:12.0191 1712 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
22:09:12.0222 1712 iirsp ( UnsignedFile.Multi.Generic ) - warning
22:09:12.0222 1712 iirsp - detected UnsignedFile.Multi.Generic (1)
22:09:12.0971 1712 IntcAzAudAddService (f9c251a94f76231d9ee946401060eee1) C:\Windows\system32\drivers\RTKVHD64.sys
22:09:13.0298 1712 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
22:09:13.0298 1712 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
22:09:13.0610 1712 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
22:09:13.0719 1712 intelide ( UnsignedFile.Multi.Generic ) - warning
22:09:13.0719 1712 intelide - detected UnsignedFile.Multi.Generic (1)
22:09:14.0234 1712 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
22:09:14.0250 1712 intelppm ( UnsignedFile.Multi.Generic ) - warning
22:09:14.0250 1712 intelppm - detected UnsignedFile.Multi.Generic (1)
22:09:14.0733 1712 IpFilterDriver (99b821f5bebd6a3cc3fe564f802ae0fd) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:09:14.0733 1712 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
22:09:14.0749 1712 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
22:09:15.0014 1712 IpInIp - ok
22:09:15.0638 1712 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
22:09:15.0732 1712 IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
22:09:15.0732 1712 IPMIDRV - detected UnsignedFile.Multi.Generic (1)
22:09:16.0201 1712 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
22:09:16.0341 1712 IPNAT ( UnsignedFile.Multi.Generic ) - warning
22:09:16.0341 1712 IPNAT - detected UnsignedFile.Multi.Generic (1)
22:09:16.0716 1712 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
22:09:16.0825 1712 IRENUM ( UnsignedFile.Multi.Generic ) - warning
22:09:16.0825 1712 IRENUM - detected UnsignedFile.Multi.Generic (1)
22:09:17.0028 1712 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
22:09:17.0199 1712 isapnp ( UnsignedFile.Multi.Generic ) - warning
22:09:17.0199 1712 isapnp - detected UnsignedFile.Multi.Generic (1)
22:09:17.0745 1712 iScsiPrt (49e4ccbf74783fce5d2cc1ff6480e1f4) C:\Windows\system32\DRIVERS\msiscsi.sys
22:09:17.0761 1712 iScsiPrt ( UnsignedFile.Multi.Generic ) - warning
22:09:17.0761 1712 iScsiPrt - detected UnsignedFile.Multi.Generic (1)
22:09:18.0182 1712 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
22:09:18.0291 1712 iteatapi ( UnsignedFile.Multi.Generic ) - warning
22:09:18.0291 1712 iteatapi - detected UnsignedFile.Multi.Generic (1)
22:09:18.0868 1712 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
22:09:18.0900 1712 iteraid ( UnsignedFile.Multi.Generic ) - warning
22:09:18.0900 1712 iteraid - detected UnsignedFile.Multi.Generic (1)
22:09:19.0539 1712 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
22:09:19.0539 1712 kbdclass ( UnsignedFile.Multi.Generic ) - warning
22:09:19.0539 1712 kbdclass - detected UnsignedFile.Multi.Generic (1)
22:09:20.0148 1712 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:09:20.0148 1712 kbdhid ( UnsignedFile.Multi.Generic ) - warning
22:09:20.0148 1712 kbdhid - detected UnsignedFile.Multi.Generic (1)
22:09:20.0865 1712 KSecDD (ccdcce6224e1e207e953af826b98a9d9) C:\Windows\system32\Drivers\ksecdd.sys
22:09:20.0896 1712 KSecDD ( UnsignedFile.Multi.Generic ) - warning
22:09:20.0896 1712 KSecDD - detected UnsignedFile.Multi.Generic (1)
22:09:21.0196 1712 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
22:09:21.0433 1712 ksthunk ( UnsignedFile.Multi.Generic ) - warning
22:09:21.0433 1712 ksthunk - detected UnsignedFile.Multi.Generic (1)
22:09:22.0072 1712 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
22:09:22.0275 1712 lltdio ( UnsignedFile.Multi.Generic ) - warning
22:09:22.0275 1712 lltdio - detected UnsignedFile.Multi.Generic (1)
22:09:22.0743 1712 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
22:09:22.0743 1712 LSI_FC ( UnsignedFile.Multi.Generic ) - warning
22:09:22.0743 1712 LSI_FC - detected UnsignedFile.Multi.Generic (1)
22:09:23.0274 1712 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
22:09:23.0320 1712 LSI_SAS ( UnsignedFile.Multi.Generic ) - warning
22:09:23.0320 1712 LSI_SAS - detected UnsignedFile.Multi.Generic (1)
22:09:23.0601 1712 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
22:09:23.0601 1712 LSI_SCSI ( UnsignedFile.Multi.Generic ) - warning
22:09:23.0617 1712 LSI_SCSI - detected UnsignedFile.Multi.Generic (1)
22:09:24.0038 1712 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
22:09:24.0116 1712 luafv ( UnsignedFile.Multi.Generic ) - warning
22:09:24.0116 1712 luafv - detected UnsignedFile.Multi.Generic (1)
22:09:24.0646 1712 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
22:09:24.0724 1712 mcdbus ( UnsignedFile.Multi.Generic ) - warning
22:09:24.0724 1712 mcdbus - detected UnsignedFile.Multi.Generic (1)
22:09:25.0287 1712 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
22:09:25.0474 1712 megasas ( UnsignedFile.Multi.Generic ) - warning
22:09:25.0474 1712 megasas - detected UnsignedFile.Multi.Generic (1)
22:09:26.0067 1712 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
22:09:26.0145 1712 MegaSR ( UnsignedFile.Multi.Generic ) - warning
22:09:26.0145 1712 MegaSR - detected UnsignedFile.Multi.Generic (1)
22:09:26.0661 1712 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
22:09:26.0676 1712 Modem ( UnsignedFile.Multi.Generic ) - warning
22:09:26.0676 1712 Modem - detected UnsignedFile.Multi.Generic (1)
22:09:27.0285 1712 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
22:09:27.0285 1712 monitor ( UnsignedFile.Multi.Generic ) - warning
22:09:27.0285 1712 monitor - detected UnsignedFile.Multi.Generic (1)
22:09:27.0754 1712 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
22:09:27.0847 1712 mouclass ( UnsignedFile.Multi.Generic ) - warning
22:09:27.0847 1712 mouclass - detected UnsignedFile.Multi.Generic (1)
22:09:28.0097 1712 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
22:09:28.0097 1712 mouhid ( UnsignedFile.Multi.Generic ) - warning
22:09:28.0097 1712 mouhid - detected UnsignedFile.Multi.Generic (1)
22:09:28.0737 1712 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
22:09:28.0752 1712 MountMgr ( UnsignedFile.Multi.Generic ) - warning
22:09:28.0752 1712 MountMgr - detected UnsignedFile.Multi.Generic (1)
22:09:29.0267 1712 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
22:09:29.0470 1712 mpio ( UnsignedFile.Multi.Generic ) - warning
22:09:29.0470 1712 mpio - detected UnsignedFile.Multi.Generic (1)
22:09:29.0735 1712 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
22:09:29.0782 1712 mpsdrv ( UnsignedFile.Multi.Generic ) - warning
22:09:29.0782 1712 mpsdrv - detected UnsignedFile.Multi.Generic (1)
22:09:30.0125 1712 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
22:09:30.0203 1712 Mraid35x ( UnsignedFile.Multi.Generic ) - warning
22:09:30.0203 1712 Mraid35x - detected UnsignedFile.Multi.Generic (1)
22:09:30.0297 1712 MRxDAV (fe2706c15f8345c342820e4e4583fea0) C:\Windows\system32\drivers\mrxdav.sys
22:09:30.0312 1712 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
22:09:30.0312 1712 MRxDAV - detected UnsignedFile.Multi.Generic (1)
22:09:30.0390 1712 mrxsmb (b698eb9acc7ecd4927d99d268918f912) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:09:30.0562 1712 mrxsmb ( UnsignedFile.Multi.Generic ) - warning
22:09:30.0562 1712 mrxsmb - detected UnsignedFile.Multi.Generic (1)
22:09:30.0936 1712 mrxsmb10 (9a797e27fd28500ee13d43000c931435) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:09:30.0967 1712 mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
22:09:30.0967 1712 mrxsmb10 - detected UnsignedFile.Multi.Generic (1)
22:09:31.0716 1712 mrxsmb20 (f9425d610712533107a264e2d5b2154b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:09:31.0732 1712 mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
22:09:31.0732 1712 mrxsmb20 - detected UnsignedFile.Multi.Generic (1)
22:09:32.0215 1712 msahci (9ac2055e4f5d8eb3c2ba6bd17aaf7719) C:\Windows\system32\drivers\msahci.sys
22:09:32.0231 1712 msahci ( UnsignedFile.Multi.Generic ) - warning
22:09:32.0231 1712 msahci - detected UnsignedFile.Multi.Generic (1)
22:09:32.0808 1712 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
22:09:32.0824 1712 msdsm ( UnsignedFile.Multi.Generic ) - warning
22:09:32.0824 1712 msdsm - detected UnsignedFile.Multi.Generic (1)
22:09:33.0073 1712 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
22:09:33.0261 1712 Msfs ( UnsignedFile.Multi.Generic ) - warning
22:09:33.0261 1712 Msfs - detected UnsignedFile.Multi.Generic (1)
22:09:33.0713 1712 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
22:09:33.0807 1712 msisadrv ( UnsignedFile.Multi.Generic ) - warning
22:09:33.0807 1712 msisadrv - detected UnsignedFile.Multi.Generic (1)
22:09:34.0525 1712 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
22:09:34.0650 1712 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
22:09:34.0650 1712 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
22:09:34.0853 1712 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
22:09:34.0962 1712 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
22:09:34.0962 1712 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
22:09:35.0071 1712 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
22:09:35.0087 1712 MSPQM ( UnsignedFile.Multi.Generic ) - warning
22:09:35.0087 1712 MSPQM - detected UnsignedFile.Multi.Generic (1)
22:09:35.0118 1712 MsRPC (b8e32e6103fbba9fbb1d0c11ff0d13b5) C:\Windows\system32\drivers\MsRPC.sys
22:09:35.0149 1712 MsRPC ( UnsignedFile.Multi.Generic ) - warning
22:09:35.0149 1712 MsRPC - detected UnsignedFile.Multi.Generic (1)
22:09:35.0227 1712 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
22:09:35.0383 1712 mssmbios ( UnsignedFile.Multi.Generic ) - warning
22:09:35.0383 1712 mssmbios - detected UnsignedFile.Multi.Generic (1)
22:09:36.0180 1712 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
22:09:36.0195 1712 MSTEE ( UnsignedFile.Multi.Generic ) - warning
22:09:36.0195 1712 MSTEE - detected UnsignedFile.Multi.Generic (1)
22:09:36.0351 1712 Mup (ddf133501f68d6988a0f55dfa88637b4) C:\Windows\system32\Drivers\mup.sys
22:09:36.0367 1712 Mup ( UnsignedFile.Multi.Generic ) - warning
22:09:36.0367 1712 Mup - detected UnsignedFile.Multi.Generic (1)
22:09:36.0758 1712 NativeWifiP (73b99c98fa3a2ed1566e02d6fe1913a5) C:\Windows\system32\DRIVERS\nwifi.sys
22:09:36.0774 1712 NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
22:09:36.0774 1712 NativeWifiP - detected UnsignedFile.Multi.Generic (1)
22:09:37.0477 1712 NDIS (2a2ee457af36c5c9a6808c768bd3a12b) C:\Windows\system32\drivers\ndis.sys
22:09:37.0523 1712 NDIS ( UnsignedFile.Multi.Generic ) - warning
22:09:37.0523 1712 NDIS - detected UnsignedFile.Multi.Generic (1)
22:09:38.0132 1712 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
22:09:38.0147 1712 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
22:09:38.0147 1712 NdisTapi - detected UnsignedFile.Multi.Generic (1)
22:09:38.0615 1712 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
22:09:38.0678 1712 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
22:09:38.0678 1712 Ndisuio - detected UnsignedFile.Multi.Generic (1)
22:09:39.0177 1712 NdisWan (52e3e8e35101399be9b2938c992aa087) C:\Windows\system32\DRIVERS\ndiswan.sys
22:09:39.0286 1712 NdisWan ( UnsignedFile.Multi.Generic ) - warning
22:09:39.0286 1712 NdisWan - detected UnsignedFile.Multi.Generic (1)
22:09:39.0910 1712 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
22:09:39.0926 1712 NDProxy ( UnsignedFile.Multi.Generic ) - warning
22:09:39.0926 1712 NDProxy - detected UnsignedFile.Multi.Generic (1)
22:09:40.0051 1712 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
22:09:40.0144 1712 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
22:09:40.0144 1712 NetBIOS - detected UnsignedFile.Multi.Generic (1)
22:09:40.0690 1712 netbt (7a29ca243a629230799754162d80120f) C:\Windows\system32\DRIVERS\netbt.sys
22:09:40.0831 1712 netbt ( UnsignedFile.Multi.Generic ) - warning
22:09:40.0831 1712 netbt - detected UnsignedFile.Multi.Generic (1)
22:09:42.0157 1712 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
22:09:42.0484 1712 NETw3v64 ( UnsignedFile.Multi.Generic ) - warning
22:09:42.0484 1712 NETw3v64 - detected UnsignedFile.Multi.Generic (1)
22:09:43.0249 1712 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
22:09:43.0342 1712 nfrd960 ( UnsignedFile.Multi.Generic ) - warning
22:09:43.0342 1712 nfrd960 - detected UnsignedFile.Multi.Generic (1)
22:09:43.0763 1712 Npfs (b06154e2a2c91e9be5599fca53bc4cd0) C:\Windows\system32\drivers\Npfs.sys
22:09:43.0919 1712 Npfs ( UnsignedFile.Multi.Generic ) - warning
22:09:43.0919 1712 Npfs - detected UnsignedFile.Multi.Generic (1)
22:09:44.0387 1712 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
22:09:44.0403 1712 nsiproxy ( UnsignedFile.Multi.Generic ) - warning
22:09:44.0403 1712 nsiproxy - detected UnsignedFile.Multi.Generic (1)
22:09:45.0323 1712 Ntfs (fe86ba5ac3b50e2ca911e9c60c07b638) C:\Windows\system32\drivers\Ntfs.sys
22:09:45.0573 1712 Ntfs ( UnsignedFile.Multi.Generic ) - warning
22:09:45.0573 1712 Ntfs - detected UnsignedFile.Multi.Generic (1)
22:09:46.0010 1712 NtrigDigitizerUSBLowerFilter (1fff3262a4a62083278ac81961cb10e2) C:\Windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys
22:09:46.0025 1712 NtrigDigitizerUSBLowerFilter ( UnsignedFile.Multi.Generic ) - warning
22:09:46.0025 1712 NtrigDigitizerUSBLowerFilter - detected UnsignedFile.Multi.Generic (1)
22:09:46.0213 1712 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
22:09:46.0228 1712 Null ( UnsignedFile.Multi.Generic ) - warning
22:09:46.0228 1712 Null - detected UnsignedFile.Multi.Generic (1)
22:09:46.0291 1712 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
22:09:46.0322 1712 nvraid ( UnsignedFile.Multi.Generic ) - warning
22:09:46.0322 1712 nvraid - detected UnsignedFile.Multi.Generic (1)
22:09:46.0369 1712 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
22:09:46.0384 1712 nvstor ( UnsignedFile.Multi.Generic ) - warning
22:09:46.0384 1712 nvstor - detected UnsignedFile.Multi.Generic (1)
22:09:46.0478 1712 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
22:09:46.0603 1712 nv_agp ( UnsignedFile.Multi.Generic ) - warning
22:09:46.0603 1712 nv_agp - detected UnsignedFile.Multi.Generic (1)
22:09:47.0008 1712 NwlnkFlt - ok
22:09:47.0633 1712 NwlnkFwd - ok
22:09:47.0961 1712 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
22:09:48.0070 1712 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
22:09:48.0070 1712 ohci1394 - detected UnsignedFile.Multi.Generic (1)
22:09:48.0820 1712 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
22:09:48.0835 1712 Parport ( UnsignedFile.Multi.Generic ) - warning
22:09:48.0835 1712 Parport - detected UnsignedFile.Multi.Generic (1)
22:09:48.0976 1712 partmgr (5ab40c36894f4c06bdab0c9a2fba282d) C:\Windows\system32\drivers\partmgr.sys
22:09:48.0991 1712 partmgr ( UnsignedFile.Multi.Generic ) - warning
22:09:48.0991 1712 partmgr - detected UnsignedFile.Multi.Generic (1)
22:09:49.0475 1712 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
22:09:49.0569 1712 pci ( UnsignedFile.Multi.Generic ) - warning
22:09:49.0569 1712 pci - detected UnsignedFile.Multi.Generic (1)
22:09:50.0147 1712 pciide (2c548d4e90bfc26fefdd5dbfc7a93e1e) C:\Windows\system32\drivers\pciide.sys
22:09:50.0162 1712 pciide ( UnsignedFile.Multi.Generic ) - warning
22:09:50.0162 1712 pciide - detected UnsignedFile.Multi.Generic (1)
22:09:50.0646 1712 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
22:09:50.0662 1712 pcmcia ( UnsignedFile.Multi.Generic ) - warning
22:09:50.0662 1712 pcmcia - detected UnsignedFile.Multi.Generic (1)
22:09:51.0644 1712 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
22:09:51.0691 1712 PEAUTH ( UnsignedFile.Multi.Generic ) - warning
22:09:51.0691 1712 PEAUTH - detected UnsignedFile.Multi.Generic (1)
22:09:52.0222 1712 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
22:09:52.0393 1712 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
22:09:52.0393 1712 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
22:09:53.0204 1712 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
22:09:53.0298 1712 Processor ( UnsignedFile.Multi.Generic ) - warning
22:09:53.0298 1712 Processor - detected UnsignedFile.Multi.Generic (1)
22:09:53.0828 1712 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
22:09:53.0844 1712 PSched ( UnsignedFile.Multi.Generic ) - warning
22:09:53.0844 1712 PSched - detected UnsignedFile.Multi.Generic (1)
22:09:54.0359 1712 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
22:09:54.0452 1712 ql2300 ( UnsignedFile.Multi.Generic ) - warning
22:09:54.0452 1712 ql2300 - detected UnsignedFile.Multi.Generic (1)
22:09:54.0858 1712 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
22:09:54.0936 1712 ql40xx ( UnsignedFile.Multi.Generic ) - warning
22:09:54.0936 1712 ql40xx - detected UnsignedFile.Multi.Generic (1)
22:09:55.0186 1712 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
22:09:55.0295 1712 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
22:09:55.0295 1712 QWAVEdrv - detected UnsignedFile.Multi.Generic (1)
22:09:55.0544 1712 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
22:09:55.0638 1712 RasAcd ( UnsignedFile.Multi.Generic ) - warning
22:09:55.0638 1712 RasAcd - detected UnsignedFile.Multi.Generic (1)
22:09:55.0919 1712 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:09:56.0012 1712 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
22:09:56.0012 1712 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
22:09:56.0387 1712 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
22:09:56.0543 1712 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
22:09:56.0543 1712 RasPppoe - detected UnsignedFile.Multi.Generic (1)
22:09:57.0105 1712 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
22:09:57.0168 1712 RasSstp ( UnsignedFile.Multi.Generic ) - warning
22:09:57.0168 1712 RasSstp - detected UnsignedFile.Multi.Generic (1)
22:09:57.0792 1712 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
22:09:57.0854 1712 rdbss ( UnsignedFile.Multi.Generic ) - warning
22:09:57.0854 1712 rdbss - detected UnsignedFile.Multi.Generic (1)
22:09:58.0213 1712 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:09:58.0229 1712 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
22:09:58.0229 1712 RDPCDD - detected UnsignedFile.Multi.Generic (1)
22:09:58.0760 1712 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
22:09:58.0791 1712 rdpdr ( UnsignedFile.Multi.Generic ) - warning
22:09:58.0791 1712 rdpdr - detected UnsignedFile.Multi.Generic (1)
22:09:59.0415 1712 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
22:09:59.0478 1712 RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
22:09:59.0478 1712 RDPENCDD - detected UnsignedFile.Multi.Generic (1)
22:09:59.0727 1712 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
22:09:59.0821 1712 RDPWD ( UnsignedFile.Multi.Generic ) - warning
22:09:59.0821 1712 RDPWD - detected UnsignedFile.Multi.Generic (1)
22:10:00.0616 1712 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
22:10:00.0632 1712 rspndr ( UnsignedFile.Multi.Generic ) - warning
22:10:00.0632 1712 rspndr - detected UnsignedFile.Multi.Generic (1)
22:10:00.0913 1712 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
22:10:00.0991 1712 RTL8169 ( UnsignedFile.Multi.Generic ) - warning
22:10:00.0991 1712 RTL8169 - detected UnsignedFile.Multi.Generic (1)
22:10:01.0194 1712 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
22:10:01.0287 1712 RTSTOR ( UnsignedFile.Multi.Generic ) - warning
22:10:01.0287 1712 RTSTOR - detected UnsignedFile.Multi.Generic (1)
22:10:01.0584 1712 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:10:01.0584 1712 SASDIFSV ( UnsignedFile.Multi.Generic ) - warning
22:10:01.0584 1712 SASDIFSV - detected UnsignedFile.Multi.Generic (1)
22:10:01.0802 1712 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:10:01.0802 1712 SASKUTIL ( UnsignedFile.Multi.Generic ) - warning
22:10:01.0802 1712 SASKUTIL - detected UnsignedFile.Multi.Generic (1)
22:10:02.0223 1712 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
22:10:02.0364 1712 sbp2port ( UnsignedFile.Multi.Generic ) - warning
22:10:02.0364 1712 sbp2port - detected UnsignedFile.Multi.Generic (1)
22:10:03.0066 1712 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
22:10:03.0222 1712 sdbus ( UnsignedFile.Multi.Generic ) - warning
22:10:03.0222 1712 sdbus - detected UnsignedFile.Multi.Generic (1)
22:10:03.0721 1712 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:10:03.0736 1712 secdrv ( UnsignedFile.Multi.Generic ) - warning
22:10:03.0736 1712 secdrv - detected UnsignedFile.Multi.Generic (1)
22:10:04.0158 1712 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
22:10:04.0158 1712 Serenum ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0158 1712 Serenum - detected UnsignedFile.Multi.Generic (1)
22:10:04.0282 1712 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
22:10:04.0298 1712 Serial ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0298 1712 Serial - detected UnsignedFile.Multi.Generic (1)
22:10:04.0345 1712 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
22:10:04.0392 1712 sermouse ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0392 1712 sermouse - detected UnsignedFile.Multi.Generic (1)
22:10:04.0548 1712 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
22:10:04.0610 1712 sffdisk ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0610 1712 sffdisk - detected UnsignedFile.Multi.Generic (1)
22:10:04.0688 1712 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
22:10:04.0704 1712 sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0704 1712 sffp_mmc - detected UnsignedFile.Multi.Generic (1)
22:10:04.0719 1712 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
22:10:04.0719 1712 sffp_sd ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0719 1712 sffp_sd - detected UnsignedFile.Multi.Generic (1)
22:10:04.0750 1712 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
22:10:04.0750 1712 sfloppy ( UnsignedFile.Multi.Generic ) - warning
22:10:04.0750 1712 sfloppy - detected UnsignedFile.Multi.Generic (1)
22:10:04.0906 1712 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
22:10:05.0016 1712 SiSRaid2 ( UnsignedFile.Multi.Generic ) - warning
22:10:05.0016 1712 SiSRaid2 - detected UnsignedFile.Multi.Generic (1)
22:10:05.0640 1712 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
22:10:05.0640 1712 SiSRaid4 ( UnsignedFile.Multi.Generic ) - warning
22:10:05.0640 1712 SiSRaid4 - detected UnsignedFile.Multi.Generic (1)
22:10:05.0842 1712 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
22:10:06.0076 1712 Smb ( UnsignedFile.Multi.Generic ) - warning
22:10:06.0076 1712 Smb - detected UnsignedFile.Multi.Generic (1)
22:10:06.0622 1712 smserial (22631aaf0ac9e9881ce76beac27d8030) C:\Windows\system32\DRIVERS\smserial.sys
22:10:06.0763 1712 smserial ( UnsignedFile.Multi.Generic ) - warning
22:10:06.0763 1712 smserial - detected UnsignedFile.Multi.Generic (1)
22:10:07.0340 1712 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
22:10:07.0371 1712 spldr ( UnsignedFile.Multi.Generic ) - warning
22:10:07.0371 1712 spldr - detected UnsignedFile.Multi.Generic (1)
22:10:08.0120 1712 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
22:10:08.0338 1712 srv ( UnsignedFile.Multi.Generic ) - warning
22:10:08.0338 1712 srv - detected UnsignedFile.Multi.Generic (1)
22:10:08.0978 1712 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
22:10:08.0994 1712 srv2 ( UnsignedFile.Multi.Generic ) - warning
22:10:08.0994 1712 srv2 - detected UnsignedFile.Multi.Generic (1)
22:10:09.0586 1712 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
22:10:09.0696 1712 srvnet ( UnsignedFile.Multi.Generic ) - warning
22:10:09.0696 1712 srvnet - detected UnsignedFile.Multi.Generic (1)
22:10:10.0257 1712 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
22:10:10.0273 1712 swenum ( UnsignedFile.Multi.Generic ) - warning
22:10:10.0273 1712 swenum - detected UnsignedFile.Multi.Generic (1)
22:10:10.0647 1712 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
22:10:10.0663 1712 Symc8xx ( UnsignedFile.Multi.Generic ) - warning
22:10:10.0663 1712 Symc8xx - detected UnsignedFile.Multi.Generic (1)
22:10:11.0100 1712 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
22:10:11.0100 1712 Sym_hi ( UnsignedFile.Multi.Generic ) - warning
22:10:11.0100 1712 Sym_hi - detected UnsignedFile.Multi.Generic (1)
22:10:11.0474 1712 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
22:10:11.0490 1712 Sym_u3 ( UnsignedFile.Multi.Generic ) - warning
22:10:11.0490 1712 Sym_u3 - detected UnsignedFile.Multi.Generic (1)
22:10:11.0927 1712 SynTP (c851305e2bcfce8aaa53342f912ddd7f) C:\Windows\system32\DRIVERS\SynTP.sys
22:10:12.0068 1712 SynTP ( UnsignedFile.Multi.Generic ) - warning
22:10:12.0068 1712 SynTP - detected UnsignedFile.Multi.Generic (1)
22:10:13.0067 1712 Tcpip (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\drivers\tcpip.sys
22:10:13.0192 1712 Tcpip ( UnsignedFile.Multi.Generic ) - warning
22:10:13.0192 1712 Tcpip - detected UnsignedFile.Multi.Generic (1)
22:10:13.0973 1712 Tcpip6 (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\DRIVERS\tcpip.sys
22:10:14.0020 1712 Tcpip6 ( UnsignedFile.Multi.Generic ) - warning
22:10:14.0020 1712 Tcpip6 - detected UnsignedFile.Multi.Generic (1)
22:10:14.0550 1712 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
22:10:14.0628 1712 tcpipreg ( UnsignedFile.Multi.Generic ) - warning
22:10:14.0628 1712 tcpipreg - detected UnsignedFile.Multi.Generic (1)
22:10:14.0706 1712 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
22:10:14.0784 1712 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
22:10:14.0784 1712 TDPIPE - detected UnsignedFile.Multi.Generic (1)
22:10:14.0800 1712 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
22:10:14.0815 1712 TDTCP ( UnsignedFile.Multi.Generic ) - warning
22:10:14.0815 1712 TDTCP - detected UnsignedFile.Multi.Generic (1)
22:10:14.0926 1712 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
22:10:14.0926 1712 tdx ( UnsignedFile.Multi.Generic ) - warning
22:10:14.0926 1712 tdx - detected UnsignedFile.Multi.Generic (1)
22:10:14.0988 1712 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
22:10:15.0004 1712 TermDD ( UnsignedFile.Multi.Generic ) - warning
22:10:15.0004 1712 TermDD - detected UnsignedFile.Multi.Generic (1)
22:10:15.0175 1712 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:10:15.0191 1712 tssecsrv ( UnsignedFile.Multi.Generic ) - warning
22:10:15.0191 1712 tssecsrv - detected UnsignedFile.Multi.Generic (1)
22:10:15.0378 1712 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
22:10:15.0394 1712 tunmp ( UnsignedFile.Multi.Generic ) - warning
22:10:15.0394 1712 tunmp - detected UnsignedFile.Multi.Generic (1)
22:10:15.0487 1712 tunnel (2dc2c423572946e9a3131425bda73cb6) C:\Windows\system32\DRIVERS\tunnel.sys
22:10:15.0503 1712 tunnel ( UnsignedFile.Multi.Generic ) - warning
22:10:15.0503 1712 tunnel - detected UnsignedFile.Multi.Generic (1)
22:10:15.0643 1712 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
22:10:15.0721 1712 uagp35 ( UnsignedFile.Multi.Generic ) - warning
22:10:15.0721 1712 uagp35 - detected UnsignedFile.Multi.Generic (1)
22:10:15.0940 1712 udfs (eca6629e33f122afff18a2ab7c3eb033) C:\Windows\system32\DRIVERS\udfs.sys
22:10:16.0033 1712 udfs ( UnsignedFile.Multi.Generic ) - warning
22:10:16.0033 1712 udfs - detected UnsignedFile.Multi.Generic (1)
22:10:16.0470 1712 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
22:10:16.0548 1712 uliagpkx ( UnsignedFile.Multi.Generic ) - warning
22:10:16.0548 1712 uliagpkx - detected UnsignedFile.Multi.Generic (1)
22:10:16.0688 1712 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
22:10:16.0720 1712 uliahci ( UnsignedFile.Multi.Generic ) - warning
22:10:16.0720 1712 uliahci - detected UnsignedFile.Multi.Generic (1)
22:10:17.0281 1712 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
22:10:17.0297 1712 UlSata ( UnsignedFile.Multi.Generic ) - warning
22:10:17.0297 1712 UlSata - detected UnsignedFile.Multi.Generic (1)
22:10:17.0390 1712 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
22:10:17.0406 1712 ulsata2 ( UnsignedFile.Multi.Generic ) - warning
22:10:17.0406 1712 ulsata2 - detected UnsignedFile.Multi.Generic (1)
22:10:17.0858 1712 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
22:10:17.0858 1712 umbus ( UnsignedFile.Multi.Generic ) - warning
22:10:17.0858 1712 umbus - detected UnsignedFile.Multi.Generic (1)
22:10:18.0217 1712 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
22:10:18.0233 1712 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
22:10:18.0233 1712 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
22:10:18.0779 1712 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
22:10:18.0794 1712 usbccgp ( UnsignedFile.Multi.Generic ) - warning
22:10:18.0794 1712 usbccgp - detected UnsignedFile.Multi.Generic (1)
22:10:19.0434 1712 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
22:10:19.0434 1712 usbcir ( UnsignedFile.Multi.Generic ) - warning
22:10:19.0434 1712 usbcir - detected UnsignedFile.Multi.Generic (1)
22:10:19.0777 1712 usbehci (da6d8d8ed0a53c63ac6f4bd40fe83fbe) C:\Windows\system32\DRIVERS\usbehci.sys
22:10:19.0808 1712 usbehci ( UnsignedFile.Multi.Generic ) - warning
22:10:19.0808 1712 usbehci - detected UnsignedFile.Multi.Generic (1)
22:10:19.0840 1712 usbfilter (8fec71666aba7114f9cab9e56065ec80) C:\Windows\system32\DRIVERS\usbfilter.sys
22:10:19.0855 1712 usbfilter ( UnsignedFile.Multi.Generic ) - warning
22:10:19.0855 1712 usbfilter - detected UnsignedFile.Multi.Generic (1)
22:10:19.0902 1712 usbhub (99045369ae3216216573d0775fd7ed56) C:\Windows\system32\DRIVERS\usbhub.sys
22:10:19.0918 1712 usbhub ( UnsignedFile.Multi.Generic ) - warning
22:10:19.0918 1712 usbhub - detected UnsignedFile.Multi.Generic (1)
22:10:20.0058 1712 usbohci (540b622da0949695c40cdc9d5d497a8b) C:\Windows\system32\DRIVERS\usbohci.sys
22:10:20.0058 1712 usbohci ( UnsignedFile.Multi.Generic ) - warning
22:10:20.0074 1712 usbohci - detected UnsignedFile.Multi.Generic (1)
22:10:20.0308 1712 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
22:10:20.0323 1712 usbprint ( UnsignedFile.Multi.Generic ) - warning
22:10:20.0323 1712 usbprint - detected UnsignedFile.Multi.Generic (1)
22:10:20.0557 1712 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
22:10:20.0666 1712 usbscan ( UnsignedFile.Multi.Generic ) - warning
22:10:20.0666 1712 usbscan - detected UnsignedFile.Multi.Generic (1)
22:10:20.0838 1712 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:10:20.0978 1712 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
22:10:20.0978 1712 USBSTOR - detected UnsignedFile.Multi.Generic (1)
22:10:21.0618 1712 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
22:10:21.0634 1712 usbuhci ( UnsignedFile.Multi.Generic ) - warning
22:10:21.0634 1712 usbuhci - detected UnsignedFile.Multi.Generic (1)
22:10:22.0304 1712 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
22:10:22.0351 1712 usbvideo ( UnsignedFile.Multi.Generic ) - warning
22:10:22.0351 1712 usbvideo - detected UnsignedFile.Multi.Generic (1)
22:10:22.0570 1712 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
22:10:22.0585 1712 vga ( UnsignedFile.Multi.Generic ) - warning
22:10:22.0585 1712 vga - detected UnsignedFile.Multi.Generic (1)
22:10:23.0318 1712 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
22:10:23.0334 1712 VgaSave ( UnsignedFile.Multi.Generic ) - warning
22:10:23.0334 1712 VgaSave - detected UnsignedFile.Multi.Generic (1)
22:10:23.0755 1712 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
22:10:23.0818 1712 viaide ( UnsignedFile.Multi.Generic ) - warning
22:10:23.0818 1712 viaide - detected UnsignedFile.Multi.Generic (1)
22:10:24.0270 1712 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
22:10:24.0286 1712 volmgr ( UnsignedFile.Multi.Generic ) - warning
22:10:24.0286 1712 volmgr - detected UnsignedFile.Multi.Generic (1)
22:10:24.0473 1712 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
22:10:24.0488 1712 volmgrx ( UnsignedFile.Multi.Generic ) - warning
22:10:24.0488 1712 volmgrx - detected UnsignedFile.Multi.Generic (1)
22:10:24.0956 1712 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
22:10:25.0003 1712 volsnap ( UnsignedFile.Multi.Generic ) - warning
22:10:25.0003 1712 volsnap - detected UnsignedFile.Multi.Generic (1)
22:10:25.0690 1712 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
22:10:25.0705 1712 vsmraid ( UnsignedFile.Multi.Generic ) - warning
22:10:25.0705 1712 vsmraid - detected UnsignedFile.Multi.Generic (1)
22:10:26.0204 1712 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
22:10:26.0236 1712 WacomPen ( UnsignedFile.Multi.Generic ) - warning
22:10:26.0236 1712 WacomPen - detected UnsignedFile.Multi.Generic (1)
22:10:26.0844 1712 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
22:10:26.0860 1712 Wanarp ( UnsignedFile.Multi.Generic ) - warning
22:10:26.0860 1712 Wanarp - detected UnsignedFile.Multi.Generic (1)
22:10:26.0875 1712 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
22:10:26.0891 1712 Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
22:10:26.0891 1712 Wanarpv6 - detected UnsignedFile.Multi.Generic (1)
22:10:27.0437 1712 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
22:10:27.0452 1712 Wd ( UnsignedFile.Multi.Generic ) - warning
22:10:27.0452 1712 Wd - detected UnsignedFile.Multi.Generic (1)
22:10:28.0014 1712 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
22:10:28.0217 1712 Wdf01000 ( UnsignedFile.Multi.Generic ) - warning
22:10:28.0217 1712 Wdf01000 - detected UnsignedFile.Multi.Generic (1)
22:10:29.0075 1712 WinUsb (2215b7b794b3b7e5cc9fc423e985e2aa) C:\Windows\system32\DRIVERS\WinUSB.sys
22:10:29.0075 1712 WinUsb ( UnsignedFile.Multi.Generic ) - warning
22:10:29.0075 1712 WinUsb - detected UnsignedFile.Multi.Generic (1)
22:10:29.0605 1712 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:10:29.0621 1712 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
22:10:29.0621 1712 WmiAcpi - detected UnsignedFile.Multi.Generic (1)
22:10:30.0182 1712 WpdUsb (6329d1990db931073b86ab5946d8e317) C:\Windows\system32\DRIVERS\wpdusb.sys
22:10:30.0198 1712 WpdUsb ( UnsignedFile.Multi.Generic ) - warning
22:10:30.0198 1712 WpdUsb - detected UnsignedFile.Multi.Generic (1)
22:10:30.0432 1712 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
22:10:30.0432 1712 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
22:10:30.0432 1712 ws2ifsl - detected UnsignedFile.Multi.Generic (1)
22:10:30.0666 1712 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:10:30.0713 1712 WUDFRd ( UnsignedFile.Multi.Generic ) - warning
22:10:30.0713 1712 WUDFRd - detected UnsignedFile.Multi.Generic (1)
22:10:30.0994 1712 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
22:10:31.0009 1712 yukonx64 ( UnsignedFile.Multi.Generic ) - warning
22:10:31.0009 1712 yukonx64 - detected UnsignedFile.Multi.Generic (1)
22:10:31.0571 1712 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
22:10:31.0586 1712 {55662437-DA8C-40c0-AADA-2C816A897A49} ( UnsignedFile.Multi.Generic ) - warning
22:10:31.0586 1712 {55662437-DA8C-40c0-AADA-2C816A897A49} - detected UnsignedFile.Multi.Generic (1)
22:10:31.0664 1712 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
22:10:32.0351 1712 \Device\Harddisk0\DR0 - ok
22:10:32.0429 1712 Boot (0x1200) (2c55c5f3b2745ef9bae27651863aba5d) \Device\Harddisk0\DR0\Partition0
22:10:32.0476 1712 \Device\Harddisk0\DR0\Partition0 - ok
22:10:32.0616 1712 Boot (0x1200) (8f294363e1826b38ee29968403f71392) \Device\Harddisk0\DR0\Partition1
22:10:32.0632 1712 \Device\Harddisk0\DR0\Partition1 - ok
22:10:32.0632 1712 ============================================================
22:10:32.0632 1712 Scan finished
22:10:32.0632 1712 ============================================================
22:10:32.0694 4132 Detected object count: 230
22:10:32.0694 4132 Actual detected object count: 230
22:10:46.0548 4132 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0548 4132 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0548 4132 adp94xx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0548 4132 adp94xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0548 4132 adpahci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0548 4132 adpahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0563 4132 adpu160m ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0563 4132 adpu160m ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0579 4132 adpu320 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0579 4132 adpu320 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0579 4132 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0579 4132 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0579 4132 agp440 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0579 4132 agp440 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0595 4132 ahcix64s ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0595 4132 ahcix64s ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0595 4132 aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0595 4132 aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0595 4132 aliide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0595 4132 aliide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0610 4132 amdide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0610 4132 amdide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0610 4132 AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0610 4132 AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0626 4132 arc ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0626 4132 arc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0626 4132 arcsas ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0626 4132 arcsas ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0626 4132 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0626 4132 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0641 4132 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0641 4132 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0641 4132 atikmdag ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0641 4132 atikmdag ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0641 4132 AtiPcie ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0641 4132 AtiPcie ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0657 4132 ATSWPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0657 4132 ATSWPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0657 4132 BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0657 4132 BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0657 4132 blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0657 4132 blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0673 4132 bowser ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0673 4132 bowser ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0673 4132 BrFiltLo ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0673 4132 BrFiltLo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0673 4132 BrFiltUp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0673 4132 BrFiltUp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0688 4132 Brserid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0688 4132 Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0688 4132 BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0688 4132 BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0704 4132 BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0704 4132 BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0704 4132 BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0704 4132 BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0704 4132 BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0704 4132 BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0719 4132 cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0719 4132 cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0719 4132 cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0719 4132 cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0719 4132 circlass ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0719 4132 circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0735 4132 CLFS ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0735 4132 CLFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0735 4132 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0735 4132 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0735 4132 cmdide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0735 4132 cmdide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0751 4132 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0751 4132 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0751 4132 crcdisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0751 4132 crcdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0766 4132 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0766 4132 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0766 4132 disk ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0766 4132 disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0782 4132 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0782 4132 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0782 4132 DXGKrnl ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0782 4132 DXGKrnl ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0782 4132 E1G60 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0782 4132 E1G60 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0797 4132 Ecache ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0797 4132 Ecache ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0797 4132 elxstor ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0797 4132 elxstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0797 4132 enecir ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0797 4132 enecir ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0813 4132 ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0813 4132 ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0813 4132 exfat ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0813 4132 exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0813 4132 fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0813 4132 fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0829 4132 fdc ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0829 4132 fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0829 4132 FileInfo ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0829 4132 FileInfo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0844 4132 Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0844 4132 Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0844 4132 flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0844 4132 flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0844 4132 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0844 4132 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0860 4132 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0860 4132 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0860 4132 gagp30kx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0860 4132 gagp30kx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0875 4132 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0875 4132 GEARAspiWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0891 4132 HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0891 4132 HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0891 4132 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0891 4132 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0891 4132 HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0891 4132 HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0891 4132 HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0907 4132 HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0907 4132 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0907 4132 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0907 4132 HpCISSs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0907 4132 HpCISSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0907 4132 HpqKbFiltr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0907 4132 HpqKbFiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0922 4132 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0922 4132 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0922 4132 i2omp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0922 4132 i2omp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0922 4132 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0922 4132 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0922 4132 iaStorV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0922 4132 iaStorV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0938 4132 iirsp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0938 4132 iirsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0938 4132 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0938 4132 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0953 4132 intelide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0953 4132 intelide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0953 4132 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0953 4132 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0953 4132 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0953 4132 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0969 4132 IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0969 4132 IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0969 4132 IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0969 4132 IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0969 4132 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0969 4132 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0985 4132 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0985 4132 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0985 4132 iScsiPrt ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:46.0985 4132 iScsiPrt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:46.0985 4132 iteatapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0000 4132 iteatapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0000 4132 iteraid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0000 4132 iteraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0000 4132 kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0000 4132 kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0016 4132 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0016 4132 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0016 4132 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0016 4132 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0031 4132 ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0031 4132 ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0031 4132 lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0031 4132 lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0031 4132 LSI_FC ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0031 4132 LSI_FC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0047 4132 LSI_SAS ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0047 4132 LSI_SAS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0047 4132 LSI_SCSI ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0047 4132 LSI_SCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0047 4132 luafv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0063 4132 luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0063 4132 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0063 4132 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0063 4132 megasas ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0063 4132 megasas ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0063 4132 MegaSR ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0063 4132 MegaSR ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0078 4132 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0078 4132 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0078 4132 monitor ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0078 4132 monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0094 4132 mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0094 4132 mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0094 4132 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0094 4132 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0094 4132 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0094 4132 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0109 4132 mpio ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0109 4132 mpio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0109 4132 mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0109 4132 mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0109 4132 Mraid35x ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0109 4132 Mraid35x ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0125 4132 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0125 4132 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0125 4132 mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0125 4132 mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0125 4132 mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0125 4132 mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0125 4132 mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0125 4132 mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0141 4132 msahci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0141 4132 msahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0141 4132 msdsm ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0141 4132 msdsm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0156 4132 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0156 4132 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0156 4132 msisadrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0156 4132 msisadrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0172 4132 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0172 4132 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0172 4132 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0172 4132 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0172 4132 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0172 4132 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0172 4132 MsRPC ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0172 4132 MsRPC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0187 4132 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0187 4132 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0187 4132 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0187 4132 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0203 4132 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0203 4132 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0203 4132 NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0203 4132 NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0203 4132 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0203 4132 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0219 4132 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0219 4132 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0219 4132 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0219 4132 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0219 4132 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0219 4132 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0234 4132 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0234 4132 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0234 4132 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0234 4132 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0250 4132 netbt ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0250 4132 netbt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0250 4132 NETw3v64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0250 4132 NETw3v64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0250 4132 nfrd960 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0250 4132 nfrd960 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0265 4132 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0265 4132 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0265 4132 nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0265 4132 nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0265 4132 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0265 4132 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0281 4132 NtrigDigitizerUSBLowerFilter ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0281 4132 NtrigDigitizerUSBLowerFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0281 4132 Null ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0281 4132 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0281 4132 nvraid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0281 4132 nvraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0297 4132 nvstor ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0297 4132 nvstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0297 4132 nv_agp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0297 4132 nv_agp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0297 4132 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0297 4132 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0297 4132 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0297 4132 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0298 4132 partmgr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0298 4132 partmgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0298 4132 pci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0298 4132 pci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0329 4132 pciide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0329 4132 pciide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0329 4132 pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0329 4132 pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0329 4132 PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0329 4132 PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0344 4132 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0344 4132 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0344 4132 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0344 4132 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0344 4132 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0344 4132 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0360 4132 ql2300 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0360 4132 ql2300 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0360 4132 ql40xx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0360 4132 ql40xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0360 4132 QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0360 4132 QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0376 4132 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0376 4132 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0376 4132 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0376 4132 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0376 4132 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0376 4132 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0391 4132 RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0391 4132 RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0391 4132 rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0391 4132 rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0391 4132 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0391 4132 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0407 4132 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0407 4132 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0422 4132 RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0422 4132 RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0422 4132 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0422 4132 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0438 4132 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0438 4132 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0438 4132 RTL8169 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0438 4132 RTL8169 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0454 4132 RTSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0454 4132 RTSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0454 4132 SASDIFSV ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0454 4132 SASDIFSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0454 4132 SASKUTIL ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0454 4132 SASKUTIL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0454 4132 sbp2port ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0454 4132 sbp2port ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0469 4132 sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0469 4132 sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0469 4132 secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0469 4132 secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0485 4132 Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0485 4132 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0485 4132 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0485 4132 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0485 4132 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0485 4132 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0500 4132 sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0500 4132 sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0500 4132 sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0500 4132 sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0516 4132 sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0516 4132 sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0516 4132 sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0516 4132 sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0516 4132 SiSRaid2 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0516 4132 SiSRaid2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0516 4132 SiSRaid4 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0516 4132 SiSRaid4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0532 4132 Smb ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0532 4132 Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0532 4132 smserial ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0532 4132 smserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0532 4132 spldr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0532 4132 spldr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0532 4132 srv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0532 4132 srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0547 4132 srv2 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0547 4132 srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0547 4132 srvnet ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0547 4132 srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0563 4132 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0563 4132 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0563 4132 Symc8xx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0563 4132 Symc8xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0563 4132 Sym_hi ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0563 4132 Sym_hi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0563 4132 Sym_u3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0563 4132 Sym_u3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0578 4132 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0578 4132 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0578 4132 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0578 4132 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0578 4132 Tcpip6 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0578 4132 Tcpip6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0594 4132 tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0594 4132 tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0594 4132 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0594 4132 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0594 4132 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0594 4132 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0594 4132 tdx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0594 4132 tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0610 4132 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0610 4132 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0610 4132 tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0610 4132 tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0610 4132 tunmp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0610 4132 tunmp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0625 4132 tunnel ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0625 4132 tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0625 4132 uagp35 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0625 4132 uagp35 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0625 4132 udfs ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0625 4132 udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0641 4132 uliagpkx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0641 4132 uliagpkx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0641 4132 uliahci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0641 4132 uliahci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0656 4132 UlSata ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0656 4132 UlSata ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0656 4132 ulsata2 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0656 4132 ulsata2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0656 4132 umbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0656 4132 umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0656 4132 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0656 4132 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0672 4132 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0672 4132 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0672 4132 usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0672 4132 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0688 4132 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0688 4132 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0688 4132 usbfilter ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0688 4132 usbfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0688 4132 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0688 4132 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0703 4132 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0703 4132 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0703 4132 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0703 4132 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0703 4132 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0703 4132 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0719 4132 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0719 4132 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0719 4132 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0719 4132 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0719 4132 usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0719 4132 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0719 4132 vga ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0719 4132 vga ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0734 4132 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0734 4132 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0734 4132 viaide ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0734 4132 viaide ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0750 4132 volmgr ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0750 4132 volmgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0750 4132 volmgrx ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0750 4132 volmgrx ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0750 4132 volsnap ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0750 4132 volsnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0766 4132 vsmraid ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0766 4132 vsmraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0766 4132 WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0766 4132 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0781 4132 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0781 4132 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0781 4132 Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0781 4132 Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0797 4132 Wd ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0797 4132 Wd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0797 4132 Wdf01000 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0797 4132 Wdf01000 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0797 4132 WinUsb ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0797 4132 WinUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0812 4132 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0812 4132 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0812 4132 WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0812 4132 WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0828 4132 ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0828 4132 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0828 4132 WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0828 4132 WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0828 4132 yukonx64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0828 4132 yukonx64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:10:47.0844 4132 {55662437-DA8C-40c0-AADA-2C816A897A49} ( UnsignedFile.Multi.Generic ) - skipped by user
22:10:47.0844 4132 {55662437-DA8C-40c0-AADA-2C816A897A49} ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#8
SweetTech
Posted 10 October 2011 - 02:17 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

The results of that scan are pretty interesting.

Please run the following utility:


Scanning with MalwareBytes' Anti-Malware

Please download Malwarebytes' Anti-Malware (v1.51.0.1200) and save it to your desktop.
Download Link 1
Download Link 2Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.
  • 0

#9
Arwen3000
Posted 10 October 2011 - 02:49 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! Here are the logs from MalwareBytes, and I meant to mention, earlier, that when I turned on my computer earlier to run ComboFix, Windows Firewall was off and it gave an error when I tried to turn it back on. But, I just checked, after restarting it now, and it is back on. So I guess that means something is working? :)

Thanks!


*****

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7918

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

10/10/2011 10:36:04 PM
mbam-log-2011-10-10 (22-36-04).txt

Scan type: Quick scan
Objects scanned: 180992
Time elapsed: 4 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\users\dawn\local settings\application data\temp\arqx12.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\temp\_check32.bat (Malware.Trace) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\temp\qvodsetupplu27.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\application data\temp\mc32.exe (Trojan.Banker) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\application data\temp\system\audiodgi.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\application data\temp\system\wmpmetwk.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\users\dawn\local settings\application data\temp\system\audidgi.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  • 0

#10
SweetTech
Posted 10 October 2011 - 02:57 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Yes, we are making some great progress.

Please run the following 2 scans:


ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:


Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

Advertisements

#11
Arwen3000
Posted 10 October 2011 - 07:12 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! I've been running the ESET scan for the past couple of hours, and it seems to be stuck at 42% of step 3 out of 4. It does say it found 11 infected files. I'm not sure if it's really stuck, though, or if this is just a very, very slow process. Would you recommend stopping the scan and starting over, or should I just wait it out?

Thanks!
  • 0

#12
SweetTech
Posted 11 October 2011 - 10:54 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

What's the ESET Scan currently doing? Is it still stuck at 42% ?
  • 0

#13
Arwen3000
Posted 11 October 2011 - 10:56 AM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
The scan was still stuck when I went to bed last night, so I turned it off and restarted it this morning. Now it is stuck at 42% again. It was running quite quickly before that, but now it's been stuck for almost two hours. Sad face!
  • 0

#14
SweetTech
Posted 11 October 2011 - 11:33 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Do you have any idea what it's freezing on?
  • 0

#15
Arwen3000
Posted 11 October 2011 - 11:41 AM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
It was frozen on the target Adobe CS3 Photoshop, which is a programme I deleted a while ago, but I just checked now and it says it's working on Microsoft Office 2007, and it appears to be moving again! Success!! It was stuck for a really long time though (it's been running for a total of 4 1/2 hours at this point), and it still says 42% but I think things are moving along.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP