Computer operating slowly, pop-up IE windows, virus scan software find


  • This topic is locked

#16
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Just reboot the computer by powering it down. Try Ctrl-Alt-Del and go to Task Manager and shut down.

If that does not work just hold down the power button and reboot.
  • 0



#17
boredcrow

    Member

  • Topic Starter
  • Member
  • 69 posts
Okay, I got home and restarted the computer. Mouse and keyboard still nonfunctional. I'm now using a mouse and keyboard borrowed from an old computer. Any suggestions how to fix this?

I'd like to know if I can get this straightened out easily - or should I proceed with the next step (TDSSKiller?)
  • 0

#18
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please go ahead and run TDSSKiller. This may find the rootkit and kill it. Then try your keyboard and mouse again to see if they are working.

CompCav
  • 0

#19
boredcrow

    Member

  • Topic Starter
  • Member
  • 69 posts
Will do, thanks.
I don't see where ComboFix put its log... it's not on my desktop. And can I turn my antivirus back on now?
  • 0

#20
CompCav

    Member 5k

  • Expert
  • 12,448 posts
The ComboFix log should be in the root directory: c:\combofix.txt

Please post it because I believe it took out the bad i8042prt.sys that is affecting your keyboard and mouse.

And yes, turn your antivirus on now.
  • 0

#21
boredcrow

    Member

  • Topic Starter
  • Member
  • 69 posts
All right, fixes complete. Here are the logs, minus the ComboFix one which I haven't yet found. Mouse and keyboard still nonoperational. Computer otherwise seems fine.

First OTL:
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
File C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\uwyo.edu\microlab\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File C:\Users\Sabrina\AppData\Local\663815s6c502f177c640s6gwy0d0 not found.
File C:\ProgramData\663815s6c502f177c640s6gwy0d0 not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Sabrina\Desktop\cmd.bat deleted successfully.
C:\Users\Sabrina\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Sabrina
->Temp folder emptied: 51999 bytes
->Temporary Internet Files folder emptied: 2853608 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 11651094 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1383 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 548757509 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3950019 bytes

Total Files Cleaned = 541.00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 02062012_175721

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




TDSS:
(found two items; one of the two did not have 'cure' as an option, so I left it as 'skip'.)


20:57:00.0540 4916 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
20:57:00.0915 4916 ============================================================
20:57:00.0915 4916 Current date / time: 2012/02/07 20:57:00.0915
20:57:00.0915 4916 SystemInfo:
20:57:00.0915 4916
20:57:00.0915 4916 OS Version: 6.0.6002 ServicePack: 2.0
20:57:00.0915 4916 Product type: Workstation
20:57:00.0915 4916 ComputerName: CODII
20:57:00.0915 4916 UserName: Sabrina
20:57:00.0915 4916 Windows directory: C:\Windows
20:57:00.0915 4916 System windows directory: C:\Windows
20:57:00.0915 4916 Processor architecture: Intel x86
20:57:00.0915 4916 Number of processors: 2
20:57:00.0915 4916 Page size: 0x1000
20:57:00.0915 4916 Boot type: Normal boot
20:57:00.0915 4916 ============================================================
20:57:01.0320 4916 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:57:01.0320 4916 \Device\Harddisk0\DR0:
20:57:01.0320 4916 MBR used
20:57:01.0320 4916 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1400000
20:57:01.0320 4916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x142F800, BlocksNum 0x23AFE7F8
20:57:01.0461 4916 Initialize success
20:57:01.0461 4916 ============================================================
20:57:19.0884 1396 ============================================================
20:57:19.0884 1396 Scan started
20:57:19.0884 1396 Mode: Manual; SigCheck; TDLFS;
20:57:19.0884 1396 ============================================================
20:57:20.0929 1396 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:57:21.0023 1396 ACPI - ok
20:57:21.0179 1396 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:57:21.0195 1396 adp94xx - ok
20:57:21.0273 1396 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:57:21.0288 1396 adpahci - ok
20:57:21.0319 1396 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:57:21.0335 1396 adpu160m - ok
20:57:21.0366 1396 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:57:21.0366 1396 adpu320 - ok
20:57:21.0507 1396 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:57:21.0538 1396 AFD - ok
20:57:21.0631 1396 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:57:21.0631 1396 agp440 - ok
20:57:21.0678 1396 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:57:21.0678 1396 aic78xx - ok
20:57:21.0725 1396 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:57:21.0725 1396 aliide - ok
20:57:21.0756 1396 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:57:21.0772 1396 amdagp - ok
20:57:21.0787 1396 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:57:21.0803 1396 amdide - ok
20:57:21.0819 1396 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:57:21.0865 1396 AmdK7 - ok
20:57:21.0897 1396 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:57:21.0928 1396 AmdK8 - ok
20:57:21.0990 1396 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:57:22.0037 1396 ApfiltrService - ok
20:57:22.0162 1396 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:57:22.0177 1396 arc - ok
20:57:22.0224 1396 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:57:22.0224 1396 arcsas - ok
20:57:22.0380 1396 ASPI (e54e27976e2c5a6465d44c10b1d87ac0) C:\Windows\System32\DRIVERS\ASPI32.sys
20:57:22.0396 1396 ASPI ( UnsignedFile.Multi.Generic ) - warning
20:57:22.0396 1396 ASPI - detected UnsignedFile.Multi.Generic (1)
20:57:22.0474 1396 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:57:22.0521 1396 AsyncMac - ok
20:57:22.0614 1396 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:57:22.0630 1396 atapi - ok
20:57:22.0692 1396 b57nd60x (32795e299c3aba589a5e04c83d531cdf) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:57:22.0723 1396 b57nd60x - ok
20:57:22.0864 1396 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:57:22.0895 1396 Beep - ok
20:57:22.0989 1396 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:57:23.0020 1396 blbdrive - ok
20:57:23.0129 1396 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:57:23.0160 1396 bowser - ok
20:57:23.0207 1396 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:57:23.0238 1396 BrFiltLo - ok
20:57:23.0254 1396 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:57:23.0285 1396 BrFiltUp - ok
20:57:23.0316 1396 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:57:23.0363 1396 Brserid - ok
20:57:23.0394 1396 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:57:23.0457 1396 BrSerWdm - ok
20:57:23.0472 1396 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:57:23.0535 1396 BrUsbMdm - ok
20:57:23.0566 1396 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:57:23.0613 1396 BrUsbSer - ok
20:57:23.0691 1396 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
20:57:23.0706 1396 BthEnum - ok
20:57:23.0737 1396 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:57:23.0784 1396 BTHMODEM - ok
20:57:23.0847 1396 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:57:23.0878 1396 BthPan - ok
20:57:23.0940 1396 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
20:57:24.0034 1396 BTHPORT - ok
20:57:24.0112 1396 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
20:57:24.0143 1396 BTHUSB - ok
20:57:24.0205 1396 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
20:57:24.0237 1396 btwaudio - ok
20:57:24.0252 1396 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
20:57:24.0268 1396 btwavdt - ok
20:57:24.0283 1396 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
20:57:24.0299 1396 btwrchid - ok
20:57:24.0408 1396 catchme - ok
20:57:24.0517 1396 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:57:24.0564 1396 cdfs - ok
20:57:24.0642 1396 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:57:24.0673 1396 cdrom - ok
20:57:24.0705 1396 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:57:24.0751 1396 circlass - ok
20:57:24.0985 1396 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:57:24.0985 1396 CLFS - ok
20:57:25.0126 1396 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:57:25.0157 1396 CmBatt - ok
20:57:25.0219 1396 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:57:25.0235 1396 cmdide - ok
20:57:25.0266 1396 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:57:25.0282 1396 Compbatt - ok
20:57:25.0282 1396 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:57:25.0297 1396 crcdisk - ok
20:57:25.0329 1396 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:57:25.0360 1396 Crusoe - ok
20:57:25.0469 1396 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
20:57:25.0485 1396 CSC - ok
20:57:25.0547 1396 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:57:25.0563 1396 DfsC - ok
20:57:25.0672 1396 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:57:25.0687 1396 disk - ok
20:57:25.0750 1396 DisplayLinkUsbPort (adccc97ad9af22d019428b6773f23150) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys
20:57:25.0812 1396 DisplayLinkUsbPort - ok
20:57:25.0875 1396 dlkmd (b19e212ef403999dadd5f337746dd21d) C:\Windows\system32\drivers\dlkmd.sys
20:57:25.0875 1396 dlkmd - ok
20:57:25.0906 1396 dlkmdldr (4b9c06a5a539a46aaaface8bdb65218c) C:\Windows\system32\drivers\dlkmdldr.sys
20:57:25.0921 1396 dlkmdldr - ok
20:57:25.0999 1396 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
20:57:26.0046 1396 Dot4 - ok
20:57:26.0109 1396 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:57:26.0155 1396 Dot4Print - ok
20:57:26.0202 1396 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
20:57:26.0249 1396 dot4usb - ok
20:57:26.0327 1396 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:57:26.0358 1396 drmkaud - ok
20:57:26.0452 1396 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:57:26.0483 1396 DXGKrnl - ok
20:57:26.0545 1396 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
20:57:26.0577 1396 e1express - ok
20:57:26.0686 1396 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:57:26.0717 1396 E1G60 - ok
20:57:26.0779 1396 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:57:26.0795 1396 Ecache - ok
20:57:26.0842 1396 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:57:26.0857 1396 elxstor - ok
20:57:26.0889 1396 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:57:26.0920 1396 ErrDev - ok
20:57:26.0998 1396 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:57:27.0045 1396 exfat - ok
20:57:27.0076 1396 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:57:27.0123 1396 fastfat - ok
20:57:27.0169 1396 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:57:27.0201 1396 fdc - ok
20:57:27.0263 1396 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:57:27.0263 1396 FileInfo - ok
20:57:27.0294 1396 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:57:27.0325 1396 Filetrace - ok
20:57:27.0357 1396 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:57:27.0403 1396 flpydisk - ok
20:57:27.0466 1396 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:57:27.0481 1396 FltMgr - ok
20:57:27.0513 1396 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:57:27.0559 1396 Fs_Rec - ok
20:57:27.0591 1396 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:57:27.0591 1396 gagp30kx - ok
20:57:27.0653 1396 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:57:27.0653 1396 GEARAspiWDM - ok
20:57:27.0762 1396 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:57:27.0856 1396 HDAudBus - ok
20:57:27.0903 1396 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:57:27.0934 1396 HidBth - ok
20:57:27.0949 1396 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:57:27.0996 1396 HidIr - ok
20:57:28.0059 1396 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:57:28.0074 1396 HidUsb - ok
20:57:28.0105 1396 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:57:28.0121 1396 HpCISSs - ok
20:57:28.0230 1396 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:57:28.0308 1396 HSF_DPV - ok
20:57:28.0339 1396 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:57:28.0355 1396 HSXHWAZL - ok
20:57:28.0417 1396 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:57:28.0449 1396 HTTP - ok
20:57:28.0480 1396 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:57:28.0495 1396 i2omp - ok
20:57:28.0527 1396 i8042prt (04bb6ea06e3301940d545a396e627180) C:\Windows\system32\DRIVERS\i8042prt.sys
20:57:28.0527 1396 i8042prt ( Virus.Win32.ZAccess.k ) - infected
20:57:28.0527 1396 i8042prt - detected Virus.Win32.ZAccess.k (0)
20:57:28.0573 1396 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\drivers\iastor.sys
20:57:28.0589 1396 iaStor - ok
20:57:28.0589 1396 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:57:28.0605 1396 iaStorV - ok
20:57:28.0698 1396 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:57:28.0854 1396 igfx - ok
20:57:28.0885 1396 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:57:28.0901 1396 iirsp - ok
20:57:28.0963 1396 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
20:57:28.0963 1396 intelide - ok
20:57:28.0995 1396 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:57:29.0041 1396 intelppm - ok
20:57:29.0104 1396 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:57:29.0151 1396 IpFilterDriver - ok
20:57:29.0166 1396 IpInIp - ok
20:57:29.0182 1396 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:57:29.0229 1396 IPMIDRV - ok
20:57:29.0244 1396 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:57:29.0291 1396 IPNAT - ok
20:57:29.0307 1396 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:57:29.0353 1396 IRENUM - ok
20:57:29.0369 1396 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:57:29.0385 1396 isapnp - ok
20:57:29.0431 1396 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:57:29.0447 1396 iScsiPrt - ok
20:57:29.0463 1396 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:57:29.0463 1396 iteatapi - ok
20:57:29.0509 1396 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:57:29.0509 1396 iteraid - ok
20:57:29.0541 1396 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:57:29.0541 1396 kbdclass - ok
20:57:29.0603 1396 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:57:29.0619 1396 kbdhid - ok
20:57:29.0697 1396 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
20:57:29.0712 1396 KSecDD - ok
20:57:29.0743 1396 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:57:29.0790 1396 lltdio - ok
20:57:29.0821 1396 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:57:29.0837 1396 LSI_FC - ok
20:57:29.0868 1396 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:57:29.0868 1396 LSI_SAS - ok
20:57:29.0915 1396 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:57:29.0931 1396 LSI_SCSI - ok
20:57:29.0946 1396 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:57:29.0993 1396 luafv - ok
20:57:30.0040 1396 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
20:57:30.0055 1396 MBAMProtector - ok
20:57:30.0102 1396 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:57:30.0133 1396 mdmxsdk - ok
20:57:30.0180 1396 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:57:30.0180 1396 megasas - ok
20:57:30.0243 1396 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:57:30.0258 1396 MegaSR - ok
20:57:30.0305 1396 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:57:30.0336 1396 Modem - ok
20:57:30.0383 1396 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:57:30.0430 1396 monitor - ok
20:57:30.0461 1396 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:57:30.0477 1396 mouclass - ok
20:57:30.0492 1396 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:57:30.0508 1396 mouhid - ok
20:57:30.0523 1396 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:57:30.0539 1396 MountMgr - ok
20:57:30.0601 1396 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
20:57:30.0617 1396 MpFilter - ok
20:57:30.0664 1396 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:57:30.0664 1396 mpio - ok
20:57:30.0789 1396 MpKsl1f1a8ee8 - ok
20:57:30.0820 1396 MpKsl29173830 - ok
20:57:30.0820 1396 MpKsl297d5a8a - ok
20:57:30.0820 1396 MpKsl4e696fac - ok
20:57:30.0835 1396 MpKsl6975c053 - ok
20:57:30.0835 1396 MpKsl88183a8c - ok
20:57:30.0835 1396 MpKsl99a59fd0 - ok
20:57:30.0851 1396 MpKslad85b740 - ok
20:57:30.0867 1396 MpKslad97efe1 - ok
20:57:30.0882 1396 MpKslb77275ff - ok
20:57:30.0882 1396 MpKsld2b4984a - ok
20:57:30.0882 1396 MpKslf315d957 - ok
20:57:30.0898 1396 MpKslf6736eda - ok
20:57:30.0960 1396 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:57:30.0976 1396 MpNWMon - ok
20:57:30.0991 1396 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:57:31.0054 1396 mpsdrv - ok
20:57:31.0085 1396 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:57:31.0101 1396 Mraid35x - ok
20:57:31.0116 1396 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:57:31.0147 1396 MRxDAV - ok
20:57:31.0194 1396 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:57:31.0225 1396 mrxsmb - ok
20:57:31.0272 1396 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:57:31.0303 1396 mrxsmb10 - ok
20:57:31.0335 1396 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:57:31.0381 1396 mrxsmb20 - ok
20:57:31.0428 1396 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
20:57:31.0428 1396 msahci - ok
20:57:31.0475 1396 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:57:31.0491 1396 msdsm - ok
20:57:31.0537 1396 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:57:31.0584 1396 Msfs - ok
20:57:31.0647 1396 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:57:31.0662 1396 msisadrv - ok
20:57:31.0725 1396 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:57:31.0771 1396 MSKSSRV - ok
20:57:31.0818 1396 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:57:31.0865 1396 MSPCLOCK - ok
20:57:31.0881 1396 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:57:31.0912 1396 MSPQM - ok
20:57:31.0974 1396 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:57:31.0990 1396 MsRPC - ok
20:57:32.0005 1396 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:57:32.0021 1396 mssmbios - ok
20:57:32.0052 1396 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:57:32.0083 1396 MSTEE - ok
20:57:32.0099 1396 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:57:32.0115 1396 Mup - ok
20:57:32.0177 1396 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:57:32.0208 1396 NativeWifiP - ok
20:57:32.0271 1396 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:57:32.0317 1396 NDIS - ok
20:57:32.0349 1396 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:57:32.0380 1396 NdisTapi - ok
20:57:32.0411 1396 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:57:32.0458 1396 Ndisuio - ok
20:57:32.0505 1396 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:57:32.0536 1396 NdisWan - ok
20:57:32.0567 1396 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:57:32.0598 1396 NDProxy - ok
20:57:32.0645 1396 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:57:32.0676 1396 NetBIOS - ok
20:57:32.0723 1396 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:57:32.0754 1396 netbt - ok
20:57:32.0895 1396 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
20:57:33.0082 1396 NETw4v32 - ok
20:57:33.0300 1396 NETwLv32 (d4ef7a9767c05905500ec312cb29ef46) C:\Windows\system32\DRIVERS\NETwLv32.sys
20:57:33.0628 1396 NETwLv32 - ok
20:57:33.0659 1396 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:57:33.0675 1396 nfrd960 - ok
20:57:33.0753 1396 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:57:33.0753 1396 NisDrv - ok
20:57:33.0799 1396 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:57:33.0831 1396 Npfs - ok
20:57:33.0877 1396 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:57:33.0909 1396 nsiproxy - ok
20:57:33.0971 1396 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:57:34.0049 1396 Ntfs - ok
20:57:34.0065 1396 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:57:34.0111 1396 ntrigdigi - ok
20:57:34.0127 1396 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:57:34.0158 1396 Null - ok
20:57:42.0036 1396 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:57:42.0192 1396 \Device\Harddisk0\DR0 - ok
20:57:42.0208 1396 Boot (0x1200) (4617723ff8a272f626a14b3bfeb623da) \Device\Harddisk0\DR0\Partition0
20:57:42.0208 1396 \Device\Harddisk0\DR0\Partition0 - ok
20:57:42.0223 1396 Boot (0x1200) (eafe597acfc21bd173b76a926b50be2b) \Device\Harddisk0\DR0\Partition1
20:57:42.0223 1396 \Device\Harddisk0\DR0\Partition1 - ok
20:57:42.0223 1396 ============================================================
20:57:42.0223 1396 Scan finished
20:57:42.0223 1396 ============================================================
20:57:42.0223 4304 Detected object count: 2
20:57:42.0223 4304 Actual detected object count: 2
20:58:16.0840 4304 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
20:58:16.0840 4304 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:58:16.0965 4304 C:\Windows\system32\DRIVERS\i8042prt.sys - copied to quarantine
20:58:16.0965 4304 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\i8042prt.sys) error 1813
20:58:22.0877 4304 Backup copy not found, trying to cure infected file..
20:58:22.0877 4304 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
20:58:22.0877 4304 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
20:58:26.0013 4304 i8042prt ( Virus.Win32.ZAccess.k ) - User select action: Cure
20:58:41.0176 5668 ============================================================
20:58:41.0176 5668 Scan started
20:58:41.0176 5668 Mode: Manual; SigCheck; TDLFS;
20:58:41.0176 5668 ============================================================
20:58:42.0299 5668 ASPI (e54e27976e2c5a6465d44c10b1d87ac0) C:\Windows\System32\DRIVERS\ASPI32.sys
20:58:42.0299 5668 ASPI ( UnsignedFile.Multi.Generic ) - warning
20:58:42.0299 5668 ASPI - detected UnsignedFile.Multi.Generic (1)
20:58:45.0981 5668 i8042prt (04bb6ea06e3301940d545a396e627180) C:\Windows\system32\DRIVERS\i8042prt.sys
20:58:45.0981 5668 i8042prt ( Virus.Win32.ZAccess.k ) - infected
20:58:45.0981 5668 i8042prt - detected Virus.Win32.ZAccess.k (0)
20:58:49.0959 5668 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:58:50.0005 5668 Ntfs - ok
20:58:50.0037 5668 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:58:50.0068 5668 ntrigdigi - ok
20:58:50.0083 5668 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:58:50.0099 5668 Null - ok
20:58:50.0130 5668 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:58:50.0146 5668 nvraid - ok
20:58:50.0161 5668 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:58:50.0177 5668 nvstor - ok
20:58:50.0208 5668 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:58:50.0224 5668 nv_agp - ok
20:58:50.0224 5668 NwlnkFlt - ok
20:58:50.0239 5668 NwlnkFwd - ok
20:58:50.0302 5668 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:58:50.0317 5668 ohci1394 - ok
20:58:50.0349 5668 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:58:50.0380 5668 Parport - ok
20:58:50.0427 5668 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:58:50.0442 5668 partmgr - ok
20:58:50.0458 5668 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:58:50.0489 5668 Parvdm - ok
20:58:50.0551 5668 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:58:50.0567 5668 pci - ok
20:58:50.0583 5668 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:58:50.0583 5668 pciide - ok
20:58:50.0629 5668 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:58:50.0629 5668 pcmcia - ok
20:58:50.0676 5668 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:58:50.0739 5668 PEAUTH - ok
20:58:50.0801 5668 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:58:50.0817 5668 PptpMiniport - ok
20:58:50.0848 5668 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:58:50.0863 5668 Processor - ok
20:58:50.0910 5668 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:58:50.0926 5668 PSched - ok
20:58:50.0973 5668 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
20:58:50.0973 5668 PxHelp20 - ok
20:58:51.0019 5668 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:58:51.0066 5668 ql2300 - ok
20:58:51.0097 5668 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:58:51.0113 5668 ql40xx - ok
20:58:51.0144 5668 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:58:51.0144 5668 QWAVEdrv - ok
20:58:51.0222 5668 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
20:58:51.0331 5668 R300 - ok
20:58:51.0363 5668 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:58:51.0378 5668 RasAcd - ok
20:58:51.0409 5668 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:58:51.0441 5668 Rasl2tp - ok
20:58:51.0487 5668 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:58:51.0503 5668 RasPppoe - ok
20:58:51.0550 5668 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:58:51.0565 5668 RasSstp - ok
20:58:51.0612 5668 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:58:51.0628 5668 rdbss - ok
20:58:51.0643 5668 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:58:51.0675 5668 RDPCDD - ok
20:58:51.0737 5668 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
20:58:51.0753 5668 rdpdr - ok
20:58:51.0768 5668 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:58:51.0784 5668 RDPENCDD - ok
20:58:51.0815 5668 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:58:51.0846 5668 RDPWD - ok
20:58:51.0909 5668 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
20:58:51.0940 5668 RFCOMM - ok
20:58:51.0971 5668 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:58:51.0987 5668 rimmptsk - ok
20:58:52.0002 5668 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:58:52.0002 5668 rimsptsk - ok
20:58:52.0018 5668 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:58:52.0033 5668 rismxdp - ok
20:58:52.0049 5668 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:58:52.0080 5668 rspndr - ok
20:58:52.0111 5668 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:58:52.0111 5668 sbp2port - ok
20:58:52.0143 5668 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:58:52.0174 5668 sdbus - ok
20:58:52.0189 5668 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:58:52.0236 5668 secdrv - ok
20:58:52.0267 5668 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:58:52.0299 5668 Serenum - ok
20:58:52.0330 5668 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:58:52.0361 5668 Serial - ok
20:58:52.0392 5668 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:58:52.0408 5668 sermouse - ok
20:58:52.0439 5668 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:58:52.0455 5668 sffdisk - ok
20:58:52.0486 5668 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:58:52.0501 5668 sffp_mmc - ok
20:58:52.0533 5668 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:58:52.0548 5668 sffp_sd - ok
20:58:52.0579 5668 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:58:52.0611 5668 sfloppy - ok
20:58:52.0642 5668 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:58:52.0657 5668 sisagp - ok
20:58:52.0689 5668 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:58:52.0689 5668 SiSRaid2 - ok
20:58:52.0720 5668 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:58:52.0720 5668 SiSRaid4 - ok
20:58:52.0782 5668 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:58:52.0798 5668 Smb - ok
20:58:52.0829 5668 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:58:52.0845 5668 spldr - ok
20:58:52.0907 5668 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:58:52.0923 5668 srv - ok
20:58:52.0954 5668 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:58:52.0969 5668 srv2 - ok
20:58:53.0016 5668 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:58:53.0032 5668 srvnet - ok
20:58:53.0079 5668 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
20:58:53.0110 5668 STHDA - ok
20:58:53.0172 5668 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
20:58:53.0188 5668 StillCam - ok
20:58:53.0235 5668 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:58:53.0235 5668 swenum - ok
20:58:53.0266 5668 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:58:53.0281 5668 Symc8xx - ok
20:58:53.0313 5668 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:58:53.0313 5668 Sym_hi - ok
20:58:53.0344 5668 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:58:53.0359 5668 Sym_u3 - ok
20:58:53.0437 5668 Tcpip (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\drivers\tcpip.sys
20:58:53.0484 5668 Tcpip - ok
20:58:53.0531 5668 Tcpip6 (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\DRIVERS\tcpip.sys
20:58:53.0578 5668 Tcpip6 - ok
20:58:53.0625 5668 tcpipreg (36606b165d04a397bdf613096986d85d) C:\Windows\system32\drivers\tcpipreg.sys
20:58:53.0640 5668 tcpipreg - ok
20:58:53.0671 5668 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:58:53.0687 5668 TDPIPE - ok
20:58:53.0703 5668 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:58:53.0718 5668 TDTCP - ok
20:58:53.0781 5668 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:58:53.0796 5668 tdx - ok
20:58:53.0843 5668 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:58:53.0859 5668 TermDD - ok
20:58:53.0890 5668 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:58:53.0905 5668 tssecsrv - ok
20:58:53.0937 5668 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:58:53.0937 5668 tunmp - ok
20:58:53.0999 5668 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:58:54.0015 5668 tunnel - ok
20:58:54.0046 5668 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:58:54.0061 5668 uagp35 - ok
20:58:54.0108 5668 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:58:54.0124 5668 udfs - ok
20:58:54.0155 5668 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:58:54.0171 5668 uliagpkx - ok
20:58:54.0202 5668 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:58:54.0217 5668 uliahci - ok
20:58:54.0233 5668 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:58:54.0249 5668 UlSata - ok
20:58:54.0280 5668 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:58:54.0280 5668 ulsata2 - ok
20:58:54.0311 5668 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:58:54.0342 5668 umbus - ok
20:58:54.0389 5668 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:58:54.0389 5668 USBAAPL - ok
20:58:54.0436 5668 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:58:54.0451 5668 usbaudio - ok
20:58:54.0467 5668 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:58:54.0498 5668 usbccgp - ok
20:58:54.0514 5668 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:58:54.0561 5668 usbcir - ok
20:58:54.0607 5668 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:58:54.0623 5668 usbehci - ok
20:58:54.0685 5668 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:58:54.0701 5668 usbhub - ok
20:58:54.0732 5668 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:58:54.0763 5668 usbohci - ok
20:58:54.0826 5668 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:58:54.0857 5668 usbprint - ok
20:58:54.0919 5668 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:58:54.0935 5668 usbscan - ok
20:58:54.0951 5668 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:58:54.0982 5668 USBSTOR - ok
20:58:54.0997 5668 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:58:55.0013 5668 usbuhci - ok
20:58:55.0029 5668 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:58:55.0044 5668 vga - ok
20:58:55.0075 5668 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:58:55.0091 5668 VgaSave - ok
20:58:55.0122 5668 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:58:55.0138 5668 viaagp - ok
20:58:55.0153 5668 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:58:55.0185 5668 ViaC7 - ok
20:58:55.0216 5668 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:58:55.0216 5668 viaide - ok
20:58:55.0231 5668 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:58:55.0247 5668 volmgr - ok
20:58:55.0309 5668 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:58:55.0309 5668 volmgrx - ok
20:58:55.0372 5668 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:58:55.0387 5668 volsnap - ok
20:58:55.0419 5668 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:58:55.0434 5668 vsmraid - ok
20:58:55.0465 5668 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:58:55.0497 5668 WacomPen - ok
20:58:55.0512 5668 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:58:55.0543 5668 Wanarp - ok
20:58:55.0543 5668 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:58:55.0559 5668 Wanarpv6 - ok
20:58:55.0606 5668 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:58:55.0621 5668 Wd - ok
20:58:55.0653 5668 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:58:55.0668 5668 Wdf01000 - ok
20:58:55.0746 5668 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
20:58:55.0746 5668 WimFltr - ok
20:58:55.0809 5668 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:58:55.0855 5668 winachsf - ok
20:58:55.0902 5668 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:58:55.0918 5668 WmiAcpi - ok
20:58:55.0965 5668 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:58:55.0980 5668 ws2ifsl - ok
20:58:56.0074 5668 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
20:58:56.0089 5668 WSDPrintDevice - ok
20:58:56.0121 5668 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:58:56.0136 5668 WUDFRd - ok
20:58:56.0167 5668 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
20:58:56.0183 5668 XAudio - ok
20:58:56.0199 5668 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:58:56.0355 5668 \Device\Harddisk0\DR0 - ok
20:58:56.0386 5668 Boot (0x1200) (4617723ff8a272f626a14b3bfeb623da) \Device\Harddisk0\DR0\Partition0
20:58:56.0386 5668 \Device\Harddisk0\DR0\Partition0 - ok
20:58:56.0386 5668 Boot (0x1200) (eafe597acfc21bd173b76a926b50be2b) \Device\Harddisk0\DR0\Partition1
20:58:56.0386 5668 \Device\Harddisk0\DR0\Partition1 - ok
20:58:56.0386 5668 ============================================================
20:58:56.0386 5668 Scan finished
20:58:56.0386 5668 ============================================================
20:58:56.0401 5464 Detected object count: 2
20:58:56.0401 5464 Actual detected object count: 2
20:59:06.0604 5464 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
20:59:06.0604 5464 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:59:06.0651 5464 C:\Windows\system32\DRIVERS\i8042prt.sys - copied to quarantine
20:59:06.0651 5464 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\i8042prt.sys) error 1813
20:59:06.0760 5464 Backup copy not found, trying to cure infected file..
20:59:06.0760 5464 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
20:59:06.0760 5464 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
20:59:09.0833 5464 i8042prt ( Virus.Win32.ZAccess.k ) - User select action: Cure
20:59:21.0689 4892 Deinitialize success




OTL log the second:
OTL logfile created on: 2/7/2012 9:02:38 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sabrina\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.49 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 66.18% Memory free
7.18 Gb Paging File | 6.10 Gb Available in Paging File | 85.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 14.63 Gb Free Space | 5.12% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.37 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: CODII | User Name: Sabrina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/01 17:25:01 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Sabrina\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
PRC - [2012/01/29 18:04:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/06 09:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 09:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/10 12:06:42 | 000,951,656 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
PRC - [2011/04/10 12:06:40 | 000,730,472 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
PRC - [2011/04/10 12:06:38 | 005,240,168 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
PRC - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/12 14:32:06 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011/01/12 14:13:16 | 000,481,552 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/01/11 15:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/01 20:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 20:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/05 10:45:12 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll
MOD - [2011/09/05 10:42:00 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll
MOD - [2011/09/05 09:53:15 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll
MOD - [2011/09/05 09:53:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll
MOD - [2011/09/05 09:52:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011/09/05 09:52:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011/09/05 09:52:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll
MOD - [2011/09/05 09:52:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll
MOD - [2011/09/05 09:31:54 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\5f0189c3cfa13a549dea4f897b980b9f\System.Core.ni.dll
MOD - [2011/09/05 09:31:51 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011/09/05 09:31:46 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2006/12/10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2004/12/26 19:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/04/10 12:06:38 | 005,240,168 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/12 14:32:06 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2011/01/12 14:13:16 | 000,481,552 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2008/08/17 18:10:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:24:10 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- C:\Windows\System32\pdlndlpb.dll -- (AdobeActiveFileMonitor6.0)
SRV - [2008/01/11 15:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/01 20:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 20:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/04/10 19:08:50 | 000,021,888 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DisplayLinkUsbPort_5.6.31854.0.sys -- (DisplayLinkUsbPort)
DRV - [2011/04/10 12:07:03 | 000,182,896 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\dlkmd.sys -- (dlkmd)
DRV - [2011/04/10 12:07:03 | 000,014,448 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV - [2010/10/07 03:11:38 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32) Intel®
DRV - [2008/01/20 18:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/20 18:23:46 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/20 18:23:44 | 000,054,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/01 20:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/26 07:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/24 01:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/26 23:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/26 23:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/26 23:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/01 23:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=3080818
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Sabrina\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Sabrina\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sabrina\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sabrina\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/07 22:06:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Sabrina\AppData\Roaming\Move Networks [2010/04/14 19:00:59 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Sabrina\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Sabrina\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/06 17:57:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://email.fws.go...1cfwo/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACF8B08F-5510-409F-A0B1-B2CC970A94BA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B61998AE-C695-40B6-8691-119BA2F56533}: DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{795b1fda-8990-11de-85a5-001fe2dbedde}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe
O33 - MountPoints2\{851e9210-251a-11de-8a22-001fe2dbedde}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: AdobeActiveFileMonitor6.0 - C:\Windows\System32\pdlndlpb.dll (Oak Technology Inc.)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - File not found
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Microsoft Default Manager - hkey= - key= - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: MSC - hkey= - key= - c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SigmatelSysTrayApp - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 1

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/07 20:58:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/06 19:35:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/06 19:35:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/06 19:35:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/06 19:35:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/06 19:35:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/02/06 19:03:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/06 18:58:46 | 004,397,604 | R--- | C] (Swearware) -- C:\Users\Sabrina\Desktop\ComboFix.exe
[2012/02/05 19:58:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/01 17:03:20 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Sabrina\Desktop\aswMBR.exe
[2012/01/29 18:02:12 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
[2012/01/25 18:13:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/01/25 17:39:17 | 000,000,000 | -HSD | C] -- C:\found.001
[2008/04/30 13:08:58 | 000,008,192 | ---- | C] ( ) -- C:\Windows\System32\cshost.dll

========== Files - Modified Within 30 Days ==========

[2012/02/07 20:50:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/07 20:37:02 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/02/07 20:30:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4058585062-3446566008-1817747084-1003UA.job
[2012/02/07 20:20:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/07 20:20:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/07 20:19:46 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/07 20:19:24 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4058585062-3446566008-1817747084-1003Core.job
[2012/02/07 20:19:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/07 20:19:02 | 3747,655,680 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/07 07:33:39 | 286,396,939 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/06 21:55:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/06 19:25:29 | 002,623,283 | ---- | M] () -- C:\Users\Sabrina\Desktop\Note for Suzanne.jpg
[2012/02/06 19:02:50 | 004,397,604 | R--- | M] (Swearware) -- C:\Users\Sabrina\Desktop\ComboFix.exe
[2012/02/06 18:50:18 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/06 17:57:25 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/02/05 21:57:35 | 000,654,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/05 21:57:35 | 000,123,628 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/03 22:14:52 | 000,001,356 | ---- | M] () -- C:\Users\Sabrina\AppData\Local\d3d9caps.dat
[2012/02/02 20:33:12 | 000,037,649 | ---- | M] () -- C:\Users\Sabrina\Documents\ShaneGreene-the barking keyhole.rtf
[2012/02/01 18:37:01 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/01 17:39:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/01 17:03:29 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Sabrina\Desktop\aswMBR.exe
[2012/01/29 18:04:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
[2012/01/24 19:20:08 | 000,007,669 | ---- | M] () -- C:\Users\Sabrina\Documents\TonyRogers-Stanley, The Visigoth King-stanley%2c_the_visigoth_king.submission.rtf
[2012/01/21 11:15:06 | 000,148,420 | ---- | M] () -- C:\Windows\hpoins19.dat

========== Files Created - No Company Name ==========

[2012/02/06 19:35:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/06 19:35:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/06 19:35:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/06 19:35:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/06 19:35:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/06 19:25:26 | 002,623,283 | ---- | C] () -- C:\Users\Sabrina\Desktop\Note for Suzanne.jpg
[2012/02/05 12:18:36 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/02 20:33:11 | 000,037,649 | ---- | C] () -- C:\Users\Sabrina\Documents\ShaneGreene-the barking keyhole.rtf
[2012/02/01 17:07:42 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/01/25 18:13:54 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/25 18:13:51 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/24 19:20:07 | 000,007,669 | ---- | C] () -- C:\Users\Sabrina\Documents\TonyRogers-Stanley, The Visigoth King-stanley%2c_the_visigoth_king.submission.rtf
[2012/01/21 11:09:53 | 000,148,926 | ---- | C] () -- C:\Windows\hpoins19.dat.temp
[2012/01/21 11:09:53 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2011/11/06 13:40:52 | 000,148,420 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/11/06 13:40:30 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd9.dll
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd11.dll
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd10.dll
[2011/07/15 23:36:50 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/07/15 23:36:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/29 17:00:55 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/12/04 19:44:08 | 000,000,281 | ---- | C] () -- C:\Windows\EReg072.dat
[2009/09/10 16:53:56 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/10 16:53:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 16:53:45 | 000,643,072 | ---- | C] () -- C:\Windows\System32\autochk.exe
[2009/09/10 16:53:05 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/01/23 12:20:02 | 000,003,120 | ---- | C] () -- C:\Windows\JEQDOI.ini
[2009/01/23 12:19:04 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2009/01/23 12:18:47 | 001,798,144 | ---- | C] () -- C:\Windows\System32\LTMM_N.dll
[2008/12/19 14:03:16 | 001,683,456 | ---- | C] () -- C:\Windows\System32\LTCLR13n.dll
[2008/12/19 14:03:16 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2008/12/19 14:03:16 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2008/09/17 07:14:59 | 000,001,356 | ---- | C] () -- C:\Users\Sabrina\AppData\Local\d3d9caps.dat
[2008/08/29 18:21:54 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008/08/29 18:21:54 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008/08/29 18:21:54 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008/08/29 18:21:54 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008/08/29 18:21:54 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008/08/29 18:21:54 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008/08/29 18:21:54 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008/08/29 18:21:54 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008/08/29 18:21:54 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008/08/29 18:21:54 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008/08/29 18:21:54 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008/08/29 18:21:54 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008/08/29 18:21:54 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008/08/29 18:21:54 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008/08/29 18:21:54 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008/08/29 18:21:54 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008/08/29 18:21:54 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008/08/29 18:21:54 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008/08/29 18:21:54 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/08/28 11:06:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/28 10:58:48 | 000,001,844 | ---- | C] () -- C:\Users\Sabrina\AppData\Roaming\install.dat
[2008/08/28 10:36:00 | 000,100,352 | ---- | C] () -- C:\Users\Sabrina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/17 20:32:07 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/08/17 20:32:07 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/08/17 20:32:07 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/08/17 20:32:07 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/08/17 20:32:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/08/17 12:38:23 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/03/04 17:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2008/02/03 14:44:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/20 18:23:44 | 000,054,784 | ---- | C] () -- C:\Windows\System32\drivers\i8042prt.sys
[2007/05/17 12:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006/11/03 14:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 04:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:47:43 | 000,371,864 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 02:33:01 | 000,654,246 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,123,628 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 09:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2012/01/13 18:11:13 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\.BitTornado
[2008/08/30 09:13:50 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Absolute
[2011/04/25 19:45:44 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\acccore
[2010/03/06 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Facebook
[2009/09/29 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\NCH Swift Sound
[2008/08/29 18:25:38 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Panasonic
[2011/05/08 20:39:07 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\PCDr
[2012/02/01 18:37:01 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/01 17:39:07 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/06 21:55:28 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/07 20:37:02 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/10/28 22:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/28 22:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 19:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 18:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 18:24:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 18:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 18:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 18:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 18:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/10 22:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/10 22:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 18:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/07/23 03:02:27 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/07/23 01:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/07/23 03:02:27 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2008/11/20 20:03:28 | 003,581,736 | ---- | M] (Apple Inc.)

< C:\Windows\assembly\tmp\U\*.* /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\History] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Application Data] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Cookies] -> Error: Cannot create file handle -> Unknown point type
[C:\Windows\System32\config\systemprofile\Local Settings] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:753F86A9

< End of report >
  • 0

#22
boredcrow

    Member

  • Topic Starter
  • Member
  • 69 posts
Argh... still not seeing the combofix.txt file in C:/ or elsewhere. I did a search in my start menu with no result.
  • 0

#23
CompCav

    Member 5k

  • Expert
  • 12,448 posts
OK, please rerun TDSSKiller. We need to make sure it got the ZeroAccess rootkit.

Then, the OTL file indicates that ComboFix did not complete, so let me look at the rerun of TDSSKiller, and if it is clean, we will need to run ComboFix again. Please delete the copy you have on your desktop, download a fresh copy, disable your antivirus again, and run it.

The bad i8042prt.sys file is the culprit in making your mouse and keyboard not work. So we will put a clean one in its place.
  • 0

#24
boredcrow

    Member

  • Topic Starter
  • Member
  • 69 posts
Here's the rerun of TDSS. Once again, it found two infections, the more severe of which 'cure' was already selected for, and the 'moderate' risk one still did not have the option of 'cure'.

Thank you for your quick replies tonight!!!

21:37:30.0424 5144 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
21:37:30.0799 5144 ============================================================
21:37:30.0799 5144 Current date / time: 2012/02/07 21:37:30.0799
21:37:30.0799 5144 SystemInfo:
21:37:30.0799 5144
21:37:30.0799 5144 OS Version: 6.0.6002 ServicePack: 2.0
21:37:30.0799 5144 Product type: Workstation
21:37:30.0799 5144 ComputerName: CODII
21:37:30.0799 5144 UserName: Sabrina
21:37:30.0799 5144 Windows directory: C:\Windows
21:37:30.0799 5144 System windows directory: C:\Windows
21:37:30.0799 5144 Processor architecture: Intel x86
21:37:30.0799 5144 Number of processors: 2
21:37:30.0799 5144 Page size: 0x1000
21:37:30.0799 5144 Boot type: Normal boot
21:37:30.0799 5144 ============================================================
21:37:31.0704 5144 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:37:31.0719 5144 \Device\Harddisk0\DR0:
21:37:31.0719 5144 MBR used
21:37:31.0719 5144 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1400000
21:37:31.0719 5144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x142F800, BlocksNum 0x23AFE7F8
21:37:31.0875 5144 Initialize success
21:37:31.0875 5144 ============================================================
21:37:39.0769 5248 ============================================================
21:37:39.0769 5248 Scan started
21:37:39.0769 5248 Mode: Manual; SigCheck; TDLFS;
21:37:39.0769 5248 ============================================================
21:37:41.0251 5248 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:37:41.0360 5248 ACPI - ok
21:37:41.0500 5248 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
21:37:41.0532 5248 adp94xx - ok
21:37:41.0625 5248 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
21:37:41.0656 5248 adpahci - ok
21:37:41.0719 5248 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
21:37:41.0750 5248 adpu160m - ok
21:37:41.0766 5248 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
21:37:41.0797 5248 adpu320 - ok
21:37:41.0937 5248 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:37:41.0984 5248 AFD - ok
21:37:42.0031 5248 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
21:37:42.0062 5248 agp440 - ok
21:37:42.0093 5248 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:37:42.0124 5248 aic78xx - ok
21:37:42.0156 5248 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
21:37:42.0171 5248 aliide - ok
21:37:42.0187 5248 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
21:37:42.0218 5248 amdagp - ok
21:37:42.0249 5248 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
21:37:42.0265 5248 amdide - ok
21:37:42.0296 5248 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
21:37:42.0358 5248 AmdK7 - ok
21:37:42.0374 5248 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
21:37:42.0436 5248 AmdK8 - ok
21:37:42.0499 5248 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\Windows\system32\DRIVERS\Apfiltr.sys
21:37:42.0530 5248 ApfiltrService - ok
21:37:42.0592 5248 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
21:37:42.0624 5248 arc - ok
21:37:42.0655 5248 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
21:37:42.0686 5248 arcsas - ok
21:37:42.0795 5248 ASPI (e54e27976e2c5a6465d44c10b1d87ac0) C:\Windows\System32\DRIVERS\ASPI32.sys
21:37:42.0811 5248 ASPI ( UnsignedFile.Multi.Generic ) - warning
21:37:42.0811 5248 ASPI - detected UnsignedFile.Multi.Generic (1)
21:37:42.0873 5248 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:37:42.0936 5248 AsyncMac - ok
21:37:42.0998 5248 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:37:43.0014 5248 atapi - ok
21:37:43.0076 5248 b57nd60x (32795e299c3aba589a5e04c83d531cdf) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:37:43.0170 5248 b57nd60x - ok
21:37:43.0294 5248 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:37:43.0404 5248 Beep - ok
21:37:43.0482 5248 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
21:37:43.0575 5248 blbdrive - ok
21:37:43.0622 5248 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
21:37:43.0716 5248 bowser - ok
21:37:43.0747 5248 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:37:43.0809 5248 BrFiltLo - ok
21:37:43.0840 5248 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:37:43.0856 5248 BrFiltUp - ok
21:37:43.0903 5248 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:37:43.0996 5248 Brserid - ok
21:37:44.0059 5248 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:37:44.0137 5248 BrSerWdm - ok
21:37:44.0168 5248 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:37:44.0230 5248 BrUsbMdm - ok
21:37:44.0262 5248 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:37:44.0324 5248 BrUsbSer - ok
21:37:44.0433 5248 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
21:37:44.0480 5248 BthEnum - ok
21:37:44.0542 5248 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:37:44.0620 5248 BTHMODEM - ok
21:37:44.0667 5248 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
21:37:44.0714 5248 BthPan - ok
21:37:44.0761 5248 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
21:37:44.0839 5248 BTHPORT - ok
21:37:44.0932 5248 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
21:37:44.0979 5248 BTHUSB - ok
21:37:45.0010 5248 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
21:37:45.0073 5248 btwaudio - ok
21:37:45.0073 5248 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
21:37:45.0120 5248 btwavdt - ok
21:37:45.0135 5248 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
21:37:45.0198 5248 btwrchid - ok
21:37:45.0291 5248 catchme - ok
21:37:45.0354 5248 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:37:45.0432 5248 cdfs - ok
21:37:45.0525 5248 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
21:37:45.0588 5248 cdrom - ok
21:37:45.0634 5248 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
21:37:45.0681 5248 circlass - ok
21:37:45.0962 5248 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
21:37:45.0993 5248 CLFS - ok
21:37:46.0087 5248 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
21:37:46.0134 5248 CmBatt - ok
21:37:46.0149 5248 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
21:37:46.0165 5248 cmdide - ok
21:37:46.0196 5248 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
21:37:46.0212 5248 Compbatt - ok
21:37:46.0212 5248 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
21:37:46.0258 5248 crcdisk - ok
21:37:46.0274 5248 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
21:37:46.0336 5248 Crusoe - ok
21:37:46.0414 5248 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
21:37:46.0461 5248 CSC - ok
21:37:46.0508 5248 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
21:37:46.0570 5248 DfsC - ok
21:37:46.0664 5248 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
21:37:46.0695 5248 disk - ok
21:37:46.0758 5248 DisplayLinkUsbPort (adccc97ad9af22d019428b6773f23150) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys
21:37:46.0804 5248 DisplayLinkUsbPort - ok
21:37:46.0867 5248 dlkmd (b19e212ef403999dadd5f337746dd21d) C:\Windows\system32\drivers\dlkmd.sys
21:37:46.0914 5248 dlkmd - ok
21:37:46.0945 5248 dlkmdldr (4b9c06a5a539a46aaaface8bdb65218c) C:\Windows\system32\drivers\dlkmdldr.sys
21:37:46.0960 5248 dlkmdldr - ok
21:37:47.0038 5248 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
21:37:47.0085 5248 Dot4 - ok
21:37:47.0148 5248 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:37:47.0194 5248 Dot4Print - ok
21:37:47.0241 5248 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
21:37:47.0288 5248 dot4usb - ok
21:37:47.0319 5248 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:37:47.0350 5248 drmkaud - ok
21:37:47.0428 5248 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
21:37:47.0475 5248 DXGKrnl - ok
21:37:47.0522 5248 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
21:37:47.0647 5248 e1express - ok
21:37:47.0678 5248 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:37:47.0756 5248 E1G60 - ok
21:37:47.0818 5248 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
21:37:47.0850 5248 Ecache - ok
21:37:47.0896 5248 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
21:37:47.0928 5248 elxstor - ok
21:37:47.0959 5248 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
21:37:47.0990 5248 ErrDev - ok
21:37:48.0052 5248 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
21:37:48.0115 5248 exfat - ok
21:37:48.0162 5248 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
21:37:48.0193 5248 fastfat - ok
21:37:48.0224 5248 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
21:37:48.0271 5248 fdc - ok
21:37:48.0318 5248 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:37:48.0349 5248 FileInfo - ok
21:37:48.0364 5248 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:37:48.0411 5248 Filetrace - ok
21:37:48.0442 5248 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
21:37:48.0489 5248 flpydisk - ok
21:37:48.0552 5248 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:37:48.0583 5248 FltMgr - ok
21:37:48.0630 5248 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:37:48.0661 5248 Fs_Rec - ok
21:37:48.0692 5248 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
21:37:48.0723 5248 gagp30kx - ok
21:37:48.0770 5248 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
21:37:48.0801 5248 GEARAspiWDM - ok
21:37:48.0910 5248 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:37:49.0035 5248 HDAudBus - ok
21:37:49.0082 5248 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:37:49.0144 5248 HidBth - ok
21:37:49.0160 5248 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:37:49.0222 5248 HidIr - ok
21:37:49.0285 5248 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:37:49.0332 5248 HidUsb - ok
21:37:49.0378 5248 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
21:37:49.0394 5248 HpCISSs - ok
21:37:49.0488 5248 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys
21:37:49.0612 5248 HSF_DPV - ok
21:37:49.0644 5248 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
21:37:49.0706 5248 HSXHWAZL - ok
21:37:49.0784 5248 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:37:49.0940 5248 HTTP - ok
21:37:49.0987 5248 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
21:37:50.0002 5248 i2omp - ok
21:37:50.0065 5248 i8042prt (04bb6ea06e3301940d545a396e627180) C:\Windows\system32\DRIVERS\i8042prt.sys
21:37:51.0157 5248 i8042prt ( Virus.Win32.ZAccess.k ) - infected
21:37:51.0157 5248 i8042prt - detected Virus.Win32.ZAccess.k (0)
21:37:51.0235 5248 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\drivers\iastor.sys
21:37:51.0250 5248 iaStor - ok
21:37:51.0266 5248 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
21:37:51.0297 5248 iaStorV - ok
21:37:51.0375 5248 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:37:51.0594 5248 igfx - ok
21:37:51.0640 5248 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:37:51.0656 5248 iirsp - ok
21:37:51.0718 5248 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
21:37:51.0734 5248 intelide - ok
21:37:51.0765 5248 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
21:37:51.0812 5248 intelppm - ok
21:37:51.0859 5248 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:37:51.0921 5248 IpFilterDriver - ok
21:37:51.0937 5248 IpInIp - ok
21:37:51.0952 5248 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
21:37:52.0030 5248 IPMIDRV - ok
21:37:52.0062 5248 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:37:52.0108 5248 IPNAT - ok
21:37:52.0140 5248 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:37:52.0171 5248 IRENUM - ok
21:37:52.0202 5248 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
21:37:52.0233 5248 isapnp - ok
21:37:52.0280 5248 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:37:52.0311 5248 iScsiPrt - ok
21:37:52.0342 5248 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:37:52.0358 5248 iteatapi - ok
21:37:52.0389 5248 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:37:52.0405 5248 iteraid - ok
21:37:52.0436 5248 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:37:52.0467 5248 kbdclass - ok
21:37:52.0530 5248 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
21:37:52.0561 5248 kbdhid - ok
21:37:52.0654 5248 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
21:37:52.0686 5248 KSecDD - ok
21:37:52.0717 5248 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:37:52.0779 5248 lltdio - ok
21:37:52.0810 5248 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
21:37:52.0842 5248 LSI_FC - ok
21:37:52.0873 5248 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
21:37:52.0904 5248 LSI_SAS - ok
21:37:52.0951 5248 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
21:37:52.0982 5248 LSI_SCSI - ok
21:37:53.0013 5248 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:37:53.0091 5248 luafv - ok
21:37:53.0138 5248 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
21:37:53.0169 5248 MBAMProtector - ok
21:37:53.0216 5248 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:37:53.0247 5248 mdmxsdk - ok
21:37:53.0263 5248 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
21:37:53.0294 5248 megasas - ok
21:37:53.0341 5248 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
21:37:53.0388 5248 MegaSR - ok
21:37:53.0419 5248 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:37:53.0466 5248 Modem - ok
21:37:53.0481 5248 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:37:53.0544 5248 monitor - ok
21:37:53.0559 5248 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:37:53.0606 5248 mouclass - ok
21:37:53.0622 5248 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:37:53.0684 5248 mouhid - ok
21:37:53.0700 5248 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:37:53.0731 5248 MountMgr - ok
21:37:53.0809 5248 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
21:37:53.0871 5248 MpFilter - ok
21:37:53.0902 5248 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
21:37:53.0949 5248 mpio - ok
21:37:54.0058 5248 MpKsl1f1a8ee8 - ok
21:37:54.0074 5248 MpKsl29173830 - ok
21:37:54.0090 5248 MpKsl297d5a8a - ok
21:37:54.0090 5248 MpKsl4e696fac - ok
21:37:54.0105 5248 MpKsl6975c053 - ok
21:38:08.0052 5248 ============================================================
21:38:08.0052 5248 Scan finished
21:38:08.0052 5248 ============================================================
21:38:08.0067 2708 Detected object count: 2
21:38:08.0067 2708 Actual detected object count: 2
21:38:19.0268 2708 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:19.0268 2708 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:19.0330 2708 C:\Windows\system32\DRIVERS\i8042prt.sys - copied to quarantine
21:38:20.0422 2708 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\i8042prt.sys) error 1813
21:38:21.0015 2708 Backup copy not found, trying to cure infected file..
21:38:21.0015 2708 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
21:38:21.0015 2708 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
21:38:24.0837 2708 i8042prt ( Virus.Win32.ZAccess.k ) - User select action: Cure
  • 0

#25
CompCav

    Member 5k

  • Expert
  • 12,448 posts
HOLD OFF on ComboFix for a minute and run these two quick scans and post for me.

Step 1.


  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.exe
    /md5start
    i8042prt.*
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the QuickScan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open OTL.Txt in a Notepad window on the task bar.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.



Step 2.

Then we need to see if the registry entry for this key is correct.

Please hit Windows Key + R to open a run dialog box.

Copy and paste the line in this code box into it and click OK

regedit /e C:\regi8042.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt"

The file regi8042.txt will be located in C:\

Please post the contents of this file in your next reply.


Step 3.

Please post:

OTL.txt
regi8042.txt


Any changes in computer performance or issues?
  • 0
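
Step 2 of the post above exports the i8042prt service key with regedit /e. The following is an added example (not part of the thread and not code from any tool named in it) that parses such an export, decodes the hex(2) ImagePath, and compares it with the driver path shown in the TDSSKiller log. The sample export, the function names and the three checks are assumptions made for illustration.

```python
import re

# Constructed sample in the format `regedit /e` writes (values are illustrative,
# not taken from the thread). ImagePath is REG_EXPAND_SZ, which regedit emits as
# hex(2): UTF-16LE bytes, wrapped across lines with a trailing backslash.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"Group"="Keyboard Port"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,\
  00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,69,00,38,00,30,00,34,00,32,00,\
  70,00,72,00,74,00,2e,00,73,00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters]
"PollingIterations"=dword:00002ee0
"""

KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt"
# Driver path as it appears in the TDSSKiller log earlier in the thread.
EXPECTED_PATH = r"C:\Windows\system32\DRIVERS\i8042prt.sys"
SERVICE_KERNEL_DRIVER = 1
SERVICE_DISABLED = 4
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def load_reg(path):
    """Read an export from disk; regedit /e writes UTF-16LE with a BOM."""
    with open(path, encoding="utf-16") as fh:
        return fh.read()


def unescape(s):
    """Undo .reg string escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r"\\(.)", r"\1", s)


def decode_value(raw):
    """Turn the right-hand side of a .reg value line into a Python value."""
    raw = raw.strip()
    if raw.startswith('"'):
        return unescape(raw[1:-1])
    if raw.lower().startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)$", raw)
    if not m:
        raise ValueError("unrecognised value: " + raw)
    reg_type = int(m.group(1), 16) if m.group(1) else 3      # plain hex: is REG_BINARY
    data = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
    if reg_type in (1, 2):                                   # REG_SZ / REG_EXPAND_SZ
        return data.decode("utf-16-le").rstrip("\x00")
    if reg_type == 7:                                        # REG_MULTI_SZ
        return [s for s in data.decode("utf-16-le").split("\x00") if s]
    return data


def parse_reg(text):
    """Return {key_path: {value_name: value}} for every key in the export."""
    text = re.sub(r"\\\r?\n[ \t]*", "", text)                # join wrapped hex lines
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = "(Default)" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
            current[name] = decode_value(m.group(2))
    return keys


def resolve_image_path(image, system_root=r"C:\Windows"):
    """Expand the usual driver ImagePath spellings to a full path."""
    p = image.strip().strip('"')
    low = p.lower()
    if low.startswith("\\??\\"):
        return p[4:]
    for prefix in ("\\systemroot\\", "%systemroot%\\"):
        if low.startswith(prefix):
            return system_root + "\\" + p[len(prefix):]
    if low.startswith("system32\\"):
        return system_root + "\\" + p
    return p


def check_driver_service(values, expected_path, system_root=r"C:\Windows"):
    """Return a list of findings; an empty list means the three checks passed."""
    findings = []
    image = values.get("ImagePath")
    if image is None:
        findings.append("ImagePath value is missing")
    else:
        resolved = resolve_image_path(image, system_root)
        if resolved.lower() != expected_path.lower():
            findings.append("ImagePath resolves to %s, expected %s" % (resolved, expected_path))
    if values.get("Type") != SERVICE_KERNEL_DRIVER:
        findings.append("Type is %r, expected 1 (kernel driver)" % values.get("Type"))
    if values.get("Start") == SERVICE_DISABLED:
        findings.append("Start is 4 (disabled)")
    return findings


if __name__ == "__main__":
    print(check_driver_service(parse_reg(SAMPLE_EXPORT)[KEY], EXPECTED_PATH) or "no findings")
```

For a real export, pass `load_reg(r"C:\regi8042.txt")` to `parse_reg` instead of the sample. A clean result only says the key points at the expected file; whether that file is the genuine driver is what the MD5 scan in Step 1 is for.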


#26
boredcrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts
Done!

OTL logfile created on: 2/7/2012 10:07:30 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sabrina\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.49 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 59.15% Memory free
7.18 Gb Paging File | 5.94 Gb Available in Paging File | 82.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 12.93 Gb Free Space | 4.53% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.37 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: CODII | User Name: Sabrina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/29 18:04:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/06 09:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 09:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/10 12:06:42 | 000,951,656 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
PRC - [2011/04/10 12:06:40 | 000,730,472 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
PRC - [2011/04/10 12:06:38 | 005,240,168 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
PRC - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/12 14:32:06 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011/01/12 14:13:16 | 000,481,552 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/01/11 15:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/01 20:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 20:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/05 10:45:12 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll
MOD - [2011/09/05 10:42:00 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll
MOD - [2011/09/05 09:53:15 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll
MOD - [2011/09/05 09:53:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll
MOD - [2011/09/05 09:52:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011/09/05 09:52:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011/09/05 09:52:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll
MOD - [2011/09/05 09:52:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll
MOD - [2011/09/05 09:31:54 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\5f0189c3cfa13a549dea4f897b980b9f\System.Core.ni.dll
MOD - [2011/09/05 09:31:51 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011/09/05 09:31:46 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2006/12/10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2004/12/26 19:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/04/10 12:06:38 | 005,240,168 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/12 14:32:06 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2011/01/12 14:13:16 | 000,481,552 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2008/08/17 18:10:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:24:10 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- C:\Windows\System32\pdlndlpb.dll -- (AdobeActiveFileMonitor6.0)
SRV - [2008/01/11 15:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/01 20:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 20:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/04/10 19:08:50 | 000,021,888 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DisplayLinkUsbPort_5.6.31854.0.sys -- (DisplayLinkUsbPort)
DRV - [2011/04/10 12:07:03 | 000,182,896 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\dlkmd.sys -- (dlkmd)
DRV - [2011/04/10 12:07:03 | 000,014,448 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV - [2010/10/07 03:11:38 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32) Intel®
DRV - [2008/01/20 18:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/20 18:23:46 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/20 18:23:44 | 000,054,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/01 20:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/26 07:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/24 01:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/26 23:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/26 23:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/26 23:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/01 23:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=3080818
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKU\S-1-5-21-4058585062-3446566008-1817747084-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Sabrina\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Sabrina\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sabrina\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sabrina\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/07 22:06:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Sabrina\AppData\Roaming\Move Networks [2010/04/14 19:00:59 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sabrina\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Sabrina\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Sabrina\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/06 17:57:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://email.fws.go...1cfwo/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACF8B08F-5510-409F-A0B1-B2CC970A94BA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B61998AE-C695-40B6-8691-119BA2F56533}: DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{795b1fda-8990-11de-85a5-001fe2dbedde}\Shell\AutoRun\command - "" = F:\StartPortableApps.exe
O33 - MountPoints2\{851e9210-251a-11de-8a22-001fe2dbedde}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: AdobeActiveFileMonitor6.0 - C:\Windows\System32\pdlndlpb.dll (Oak Technology Inc.)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - File not found
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Microsoft Default Manager - hkey= - key= - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: MSC - hkey= - key= - c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SigmatelSysTrayApp - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 1

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/07 21:33:13 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/02/07 20:58:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/06 19:35:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/06 19:35:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/06 19:35:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/06 19:35:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/06 19:03:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/05 19:58:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/01 17:03:20 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Sabrina\Desktop\aswMBR.exe
[2012/01/29 18:02:12 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
[2012/01/25 18:13:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/01/25 17:39:17 | 000,000,000 | -HSD | C] -- C:\found.001
[2008/04/30 13:08:58 | 000,008,192 | ---- | C] ( ) -- C:\Windows\System32\cshost.dll

========== Files - Modified Within 30 Days ==========

[2012/02/07 21:50:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/07 21:30:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4058585062-3446566008-1817747084-1003UA.job
[2012/02/07 20:37:02 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/02/07 20:20:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/07 20:20:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/07 20:19:46 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/07 20:19:24 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4058585062-3446566008-1817747084-1003Core.job
[2012/02/07 20:19:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/07 20:19:02 | 3747,655,680 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/07 07:33:39 | 286,396,939 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/06 21:55:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/06 19:25:29 | 002,623,283 | ---- | M] () -- C:\Users\Sabrina\Desktop\Note for Suzanne.jpg
[2012/02/06 18:50:18 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/06 17:57:25 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/02/05 21:57:35 | 000,654,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/05 21:57:35 | 000,123,628 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/03 22:14:52 | 000,001,356 | ---- | M] () -- C:\Users\Sabrina\AppData\Local\d3d9caps.dat
[2012/02/02 20:33:12 | 000,037,649 | ---- | M] () -- C:\Users\Sabrina\Documents\ShaneGreene-the barking keyhole.rtf
[2012/02/01 18:37:01 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/01 17:39:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/01 17:03:29 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Sabrina\Desktop\aswMBR.exe
[2012/01/29 18:04:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabrina\Desktop\OTL.exe
[2012/01/24 19:20:08 | 000,007,669 | ---- | M] () -- C:\Users\Sabrina\Documents\TonyRogers-Stanley, The Visigoth King-stanley%2c_the_visigoth_king.submission.rtf
[2012/01/21 11:15:06 | 000,148,420 | ---- | M] () -- C:\Windows\hpoins19.dat

========== Files Created - No Company Name ==========

[2012/02/06 19:35:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/06 19:35:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/06 19:35:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/06 19:35:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/06 19:35:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/06 19:25:26 | 002,623,283 | ---- | C] () -- C:\Users\Sabrina\Desktop\Note for Suzanne.jpg
[2012/02/05 12:18:36 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/02 20:33:11 | 000,037,649 | ---- | C] () -- C:\Users\Sabrina\Documents\ShaneGreene-the barking keyhole.rtf
[2012/02/01 17:07:42 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/01/25 18:13:54 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/25 18:13:51 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/24 19:20:07 | 000,007,669 | ---- | C] () -- C:\Users\Sabrina\Documents\TonyRogers-Stanley, The Visigoth King-stanley%2c_the_visigoth_king.submission.rtf
[2012/01/21 11:09:53 | 000,148,926 | ---- | C] () -- C:\Windows\hpoins19.dat.temp
[2012/01/21 11:09:53 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2011/11/06 13:40:52 | 000,148,420 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/11/06 13:40:30 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd9.dll
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd11.dll
[2011/10/10 19:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd10.dll
[2011/07/15 23:36:50 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/07/15 23:36:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/29 17:00:55 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/12/04 19:44:08 | 000,000,281 | ---- | C] () -- C:\Windows\EReg072.dat
[2009/09/10 16:53:56 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/10 16:53:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 16:53:45 | 000,643,072 | ---- | C] () -- C:\Windows\System32\autochk.exe
[2009/09/10 16:53:05 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/01/23 12:20:02 | 000,003,120 | ---- | C] () -- C:\Windows\JEQDOI.ini
[2009/01/23 12:19:04 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2009/01/23 12:18:47 | 001,798,144 | ---- | C] () -- C:\Windows\System32\LTMM_N.dll
[2008/12/19 14:03:16 | 001,683,456 | ---- | C] () -- C:\Windows\System32\LTCLR13n.dll
[2008/12/19 14:03:16 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2008/12/19 14:03:16 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2008/09/17 07:14:59 | 000,001,356 | ---- | C] () -- C:\Users\Sabrina\AppData\Local\d3d9caps.dat
[2008/08/29 18:21:54 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008/08/29 18:21:54 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008/08/29 18:21:54 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008/08/29 18:21:54 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008/08/29 18:21:54 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008/08/29 18:21:54 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008/08/29 18:21:54 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008/08/29 18:21:54 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008/08/29 18:21:54 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008/08/29 18:21:54 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008/08/29 18:21:54 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008/08/29 18:21:54 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008/08/29 18:21:54 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008/08/29 18:21:54 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008/08/29 18:21:54 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008/08/29 18:21:54 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008/08/29 18:21:54 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008/08/29 18:21:54 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008/08/29 18:21:54 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/08/28 11:06:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/28 10:58:48 | 000,001,844 | ---- | C] () -- C:\Users\Sabrina\AppData\Roaming\install.dat
[2008/08/28 10:36:00 | 000,100,352 | ---- | C] () -- C:\Users\Sabrina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/17 20:32:07 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/08/17 20:32:07 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/08/17 20:32:07 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/08/17 20:32:07 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/08/17 20:32:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/08/17 12:38:23 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/03/04 17:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2008/02/03 14:44:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/20 18:23:44 | 000,054,784 | ---- | C] () -- C:\Windows\System32\drivers\i8042prt.sys
[2007/05/17 12:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006/11/03 14:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 04:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:47:43 | 000,371,864 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 02:33:01 | 000,654,246 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,123,628 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 09:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2012/01/13 18:11:13 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\.BitTornado
[2008/08/30 09:13:50 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Absolute
[2011/04/25 19:45:44 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\acccore
[2010/03/06 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Facebook
[2009/09/29 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\NCH Swift Sound
[2008/08/29 18:25:38 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\Panasonic
[2011/05/08 20:39:07 | 000,000,000 | ---D | M] -- C:\Users\Sabrina\AppData\Roaming\PCDr
[2012/02/01 18:37:01 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/01 17:39:07 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/06 21:55:28 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/07 20:37:02 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: I8042PRT.SYS >
[2008/01/20 18:23:44 | 000,054,784 | ---- | M] () MD5=04BB6EA06E3301940D545A396E627180 -- C:\Windows\System32\drivers\i8042prt.sys
[2006/11/02 00:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys
[2006/11/02 00:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys
[2008/01/20 18:10:16 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys
[2008/01/20 18:10:16 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
[2008/01/20 18:23:48 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\i8042prt.sys
[2008/01/20 18:23:48 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008/01/20 18:23:44 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_8b7c4328\i8042prt.sys
[2008/01/20 18:23:48 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys
[2008/01/20 18:23:48 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys
[2008/01/20 18:23:44 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
[2008/01/20 18:10:15 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys
[2008/01/20 18:10:16 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys

< MD5 for: I8042PRT.SYS.MUI >

< %systemroot%\*. /mp /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:753F86A9

< End of report >




Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt]
"DisplayName"="i8042 Keyboard and PS/2 Mouse Port Driver"
"Group"="Keyboard Port"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,69,00,38,00,30,00,34,00,32,00,70,\
00,72,00,74,00,2e,00,73,00,79,00,73,00,00,00
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
"Tag"=dword:00000005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters]
"PollingIterations"=dword:00002ee0
"PollingIterationsMaximum"=dword:00002ee0
"ResendIterations"=dword:00000003
"LayerDriver JPN"="kbd101.dll"
"LayerDriver KOR"="kbd101a.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Enum]
"0"="ACPI\\PNP0F13\\4&101f2619&0"
"Count"=dword:00000002
"NextInstance"=dword:00000002
"1"="ACPI\\PNP0303\\4&101f2619&0"
  • 0

#27
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
OK, the registry key looks fine, so we just need to replace the file, but we need ComboFix to kill the bad one that holds the rootkit infection so that we can replace it.

Since ComboFix did not finish running, we need to remove Norton before running it again.

First

Delete the copy of ComboFix that you have on your desktop. Then download a fresh copy from the link in Post #8 and Step 2.

Next, uninstall Norton

Norton uninstall process:
Download and save the Norton removal tool (Norton removal_Tool.exe) on your desktop.

Uninstall Symantec (save the product license key in case you decide to reinstall it: http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN&ln=en_US)

Run the Norton removal tool; it will require a reboot.

Finally, run ComboFix using instructions from Post #8.

When ComboFix finishes, post the log.

Edited by CompCav, 08 February 2012 - 06:46 AM.

  • 0
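The registry check discussed in the post above can be reproduced offline; this is an added example, not part of the original thread or any tool used in it. It decodes the `hex(2)` ImagePath from the posted export and confirms it still points at the stock driver path (the expected path and the function names are assumptions of this example). A clean result only means the registry pointer is intact, not that the file it names is clean.

```python
import re

# Service key copied from the registry export posted above (subset of values).
REG_EXPORT = r'''[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt]
"DisplayName"="i8042 Keyboard and PS/2 Mouse Port Driver"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,69,00,38,00,30,00,34,00,32,00,70,\
00,72,00,74,00,2e,00,73,00,79,00,73,00,00,00
"Start"=dword:00000001
"Type"=dword:00000001
'''

# Assumption: stock relative path for this driver, compared case-insensitively.
EXPECTED_IMAGE_PATH = r"system32\drivers\i8042prt.sys"

def parse_reg_values(text):
    """Return {name: decoded value} for one exported key."""
    # A trailing backslash continues a hex value onto the next line.
    text = re.sub(r"\\\r?\n\s*", "", text)
    values = {}
    for line in text.splitlines():
        m = re.match(r'^"([^"]+)"=(.*)$', line)
        if not m:
            continue
        name, raw = m.groups()
        if raw.startswith("hex(2):"):  # REG_EXPAND_SZ: UTF-16LE, NUL-terminated
            data = bytes(int(b, 16) for b in raw[7:].split(",") if b)
            values[name] = data.decode("utf-16-le").rstrip("\x00")
        elif raw.startswith("dword:"):
            values[name] = int(raw[6:], 16)
        else:
            values[name] = raw.strip('"').replace("\\\\", "\\")
    return values

def check_service_key(values):
    """List deviations from what the i8042prt driver entry should hold."""
    problems = []
    path = values.get("ImagePath", "")
    if path.lower() != EXPECTED_IMAGE_PATH:
        problems.append(f"ImagePath points to {path!r}")
    if values.get("Type") != 1:  # 1 = SERVICE_KERNEL_DRIVER
        problems.append(f"Type is {values.get('Type')!r}, expected 1")
    return problems

if __name__ == "__main__":
    vals = parse_reg_values(REG_EXPORT)
    print(vals["ImagePath"], check_service_key(vals) or "registry entry looks normal")
```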

#28
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
After you post ComboFix.txt you can reinstall Norton.
  • 0

#29
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
I have a Dr's appointment tomorrow and so I must go to bed now. I will be back on tomorrow morning.

CompCav
  • 0

#30
boredcrow

boredcrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts
For when you return tomorrow - the link to the Norton uninstall didn't work.

Thanks again for your help.
  • 0





