[Steven Gottlieb]

Hi,
I am running windowa xp using microsoft security essentials. MSE came up with 3 trojans-TrojanDownloader:win32/Unruy.H, TrojanDownloader:win32/Seveto.A and Trojan:Win32/Sirefef.AC-time and time again. MSE would remove them(mse confirmed this)and minutes later the 3 trojan would return. I ran TDSSiller which found some threats which it removed and then mse never found those trojans again. Unfortunately my internet no longer works. The network connection continuously says acquiring network connection. Windows Firewall/Internet Connection Sharing (in Services)will not start, giving the following error message--Could not start the Windows Firewall/Internet Connection Sharing (ICS) service on Local Computer. Error 10050: A socket operation encountered a dead network.
My OTL reports are below
Any help would be greatly appreciated.
Thank you,
Steven
OTL logfile created on: 3/2/2012 10:38:49 AM - Run 1
OTL by OldTimer - Version 3.2.34.0 Folder = C:\Documents and Settings\Math On DVDs\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 70.77% Memory free
3.60 Gb Paging File | 3.26 Gb Available in Paging File | 90.71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 59.25 Gb Free Space | 46.29% Space Free | Partition Type: NTFS

Computer Name: MATHONDVDS | User Name: Math On DVDs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Math On DVDs\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
PRC - C:\Program Files\Zoom\Zoom Phone Adaptor\ZoomAgent.exe ()
PRC - C:\Program Files\Zoom\Zoom Phone Adaptor\VServ.exe ()
PRC - C:\Program Files\Zoom\Zoom Phone Adaptor\ZoomMonitor.exe ()
PRC - C:\Program Files\Super_DVD_Creator_9.5\NMSAccessU.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\SMART Board Software\SMARTBoardService.exe (SMART Technologies Inc.)
PRC - C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\USBStorage\USBDetector.exe (ali)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll ()
MOD - C:\Program Files\Zoom\Zoom Phone Adaptor\ZoomAgent.exe ()
MOD - C:\Program Files\Zoom\Zoom Phone Adaptor\CMApi.dll ()
MOD - C:\Program Files\Zoom\Zoom Phone Adaptor\VServD.dll ()
MOD - C:\Program Files\Zoom\Zoom Phone Adaptor\VServ.exe ()
MOD - C:\Program Files\Zoom\Zoom Phone Adaptor\ZoomMonitor.exe ()
MOD - C:\Program Files\Super_DVD_Creator_9.5\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\slvipgx.dll ()
MOD - C:\WINDOWS\system32\BiImg.dll ()


========== Win32 Services (SafeList) ==========

SRV - (UxTuneUp) -- File not found
SRV - (SMART Display Controller) -- File not found
SRV - (HidServ) -- File not found
SRV - (SMART Mirror Driver Monitor Service) -- C:\Documents and Settings\Math On DVDs\Application Data\SMART Technologies\Bridgit\4.2.146.0\monitorservice.exe (SMART Technologies ULC.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
SRV - (FlipShareServer) -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe ()
SRV - (dgdersvc) -- C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (VService) -- C:\Program Files\Zoom\Zoom Phone Adaptor\VServ.exe ()
SRV - (NMSAccessU) -- C:\Program Files\Super_DVD_Creator_9.5\NMSAccessU.exe ()
SRV - (SMART Board Service) -- C:\Program Files\SMART Board Software\SMARTBoardService.exe (SMART Technologies Inc.)


========== Driver Services (SafeList) ==========

DRV - (MpKsl1fe3911c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EF8A1C0A-B97A-4E77-9AC8-CC8749832F60}\MpKsl1fe3911c.sys (Microsoft Corporation)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (smrtdrv) -- C:\WINDOWS\system32\drivers\smrtdrv.sys (SMART Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (HidBoard) -- C:\WINDOWS\system32\drivers\HidBoard.sys (SMART Technologies Inc.)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nvgts) -- C:\WINDOWS\System32\DRIVERS\nvgts.sys (NVIDIA Corporation)
DRV - (RsFx0150) -- C:\WINDOWS\system32\drivers\RsFx0150.sys (Microsoft Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (glancedrv) -- C:\WINDOWS\system32\drivers\glancedrv.sys (Glance Networks, Inc)
DRV - (scusbvip) -- C:\WINDOWS\system32\drivers\scusbvip.sys ( )
DRV - (TLRecAgent) -- C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys ( )
DRV - (SLVAD_simple) -- C:\WINDOWS\system32\drivers\slvad.sys ( )
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.SYS (PixArt Imaging Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mathondvds.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.mathondvds.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babyl...000f80f410b5e1e
IE - HKCU\..\SearchScopes\{5E3D42C8-E275-5615-687D-817FDC698D60}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 23:13:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/10/24 16:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/11/16 10:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 22:34:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 23:13:58 | 000,000,000 | ---D | M]

[2012/02/05 22:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Math On DVDs\Application Data\Mozilla\Extensions
[2011/12/20 10:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Math On DVDs\Application Data\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012/02/23 12:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Math On DVDs\Application Data\Mozilla\Firefox\Profiles\mxttmc59.default\extensions
[2011/11/26 14:13:34 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Math On DVDs\Application Data\Mozilla\Firefox\Profiles\mxttmc59.default\extensions\[email protected]
[2012/02/05 22:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/21 11:22:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/17 22:34:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/02/17 22:34:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/01 11:02:15 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2011/12/12 18:43:30 | 000,002,336 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/10/01 11:02:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/10/01 11:02:15 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011/10/01 11:02:15 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012/01/18 14:49:54 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2011/11/10 08:58:46 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/10/01 11:02:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011/10/01 11:02:15 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2012/03/02 10:23:04 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Board Software\NotebookPlugin.dll (SMART Technologies Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USBDetector] C:\USBStorage\USBDetector.exe (ali)
O4 - HKLM..\Run: [ZoomMonitor.exe] C:\Program Files\Zoom\Zoom Phone Adaptor\ZoomMonitor.exe ()
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IBP] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{231F8E8E-67D4-4EBC-AB76-7E4C860417E1}: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop Components:1 () - http://www.mathtutor...airbraiding.htm
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/14 15:20:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/02 10:37:01 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Math On DVDs\Desktop\OTL.exe
[2012/03/02 10:16:37 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Math On DVDs\Desktop\WinsockxpFix.exe
[2012/03/02 00:13:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/03/01 15:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/03/01 10:30:06 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/02/29 23:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Flip Video
[2012/02/29 23:31:57 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/29 23:29:23 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Math On DVDs\Desktop\TDSSKiller.exe
[2012/02/29 15:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\I Love Lucy S2 D3
[2012/02/29 14:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\Adventures of Superman S1 D5
[2012/02/29 13:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\Adventures of Superman S1 D4
[2012/02/29 00:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/02/29 00:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/02/28 23:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony
[2012/02/28 23:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Application Data\Publish Providers
[2012/02/28 23:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Local Settings\Application Data\Sony
[2012/02/28 23:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony
[2012/02/28 23:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012/02/28 23:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Application Data\Sony
[2012/02/28 22:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\My Documents\SMART Notebook
[2012/02/28 20:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SMART Board Software
[2012/02/28 20:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\SMART Technologies
[2012/02/28 20:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\SMART Technologies
[2012/02/28 19:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\Adventures of Superman S1 D1
[2012/02/28 11:07:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Math On DVDs\PrivacIE
[2012/02/28 00:36:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Math On DVDs\Recent
[2012/02/27 03:25:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Math On DVDs\IETldCache
[2012/02/27 03:08:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/02/27 03:07:38 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/02/27 03:05:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/02/23 14:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012/02/23 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Application Data\EurekaLog
[2012/02/23 10:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Application Data\Softplicity
[2012/02/23 10:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\TotalMovieConverter
[2012/02/23 09:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\West_DISC
[2012/02/15 19:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink 2
[2012/02/15 12:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Shrink 2
[2012/02/10 13:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\Group Theory
[2012/02/10 13:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Math On DVDs\Desktop\Math Tricks
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/02 10:41:05 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/03/02 10:36:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/02 10:36:00 | 1878,380,544 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/02 10:26:55 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Math On DVDs\Desktop\OTL.exe
[2012/03/02 10:23:04 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/02 10:16:28 | 000,000,297 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\Shortcut to FreeAgent GoFlex Drive (E).lnk
[2012/03/02 10:13:50 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Math On DVDs\Desktop\WinsockxpFix.exe
[2012/03/02 01:56:12 | 000,000,571 | ---- | M] () -- C:\WINDOWS\Jelly.ini
[2012/03/01 22:08:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/01 15:34:04 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012/03/01 10:30:06 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/02/29 22:02:38 | 000,000,297 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\Shortcut to FreeAgent GoFlex Drive (H).lnk
[2012/02/29 21:51:39 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/29 21:30:55 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/02/29 14:06:36 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Math On DVDs\Desktop\TDSSKiller.exe
[2012/02/29 00:45:17 | 000,282,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/28 23:51:53 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sound Forge Pro 10.0.lnk
[2012/02/28 21:49:33 | 000,118,784 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/28 20:45:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\My Documents\SMART Board Tools.lnk
[2012/02/28 20:45:32 | 000,001,782 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\My Documents\Notebook Software.lnk
[2012/02/28 13:02:13 | 000,002,449 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\Microsoft FrontPage.lnk
[2012/02/28 11:26:40 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/02/28 00:32:27 | 000,441,096 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2012/02/27 03:25:49 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/24 22:49:45 | 000,073,442 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\20120225_bt_questions.pdf
[2012/02/23 16:58:45 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\FileZilla.lnk
[2012/02/22 22:16:02 | 086,431,896 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 1-25.wmv
[2012/02/22 22:04:42 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\Movica.lnk
[2012/02/22 22:03:18 | 027,146,430 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 26-37.wmv
[2012/02/22 21:53:59 | 042,449,294 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 38-50.wmv
[2012/02/15 19:16:35 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\DVD Shrink 3.2.lnk
[2012/02/15 15:27:42 | 000,563,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/15 15:27:42 | 000,111,054 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/15 12:50:07 | 014,593,954 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\Mathemagics How to Look Like a Genius Without Really Trying-Mantesh.pdf
[2012/02/07 22:18:58 | 000,488,553 | ---- | M] () -- C:\Documents and Settings\Math On DVDs\Desktop\ExamP_Sample_Solutions_2011.pdf
[2012/02/05 21:03:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/02/05 20:55:18 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/02 00:23:14 | 1878,380,544 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/01 22:54:31 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\Winsock.reg
[2012/02/29 19:26:03 | 000,000,297 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\Shortcut to FreeAgent GoFlex Drive (E).lnk
[2012/02/29 00:23:25 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/02/28 23:51:53 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sound Forge Pro 10.0.lnk
[2012/02/28 20:45:32 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\My Documents\SMART Board Tools.lnk
[2012/02/28 20:45:32 | 000,001,782 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\My Documents\Notebook Software.lnk
[2012/02/24 22:49:43 | 000,073,442 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\20120225_bt_questions.pdf
[2012/02/23 16:58:45 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\FileZilla.lnk
[2012/02/22 22:09:19 | 086,431,896 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 1-25.wmv
[2012/02/22 22:03:16 | 027,146,430 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 26-37.wmv
[2012/02/22 21:59:50 | 042,449,294 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\WEST 38-50.wmv
[2012/02/17 13:59:52 | 000,000,297 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\Shortcut to FreeAgent GoFlex Drive (H).lnk
[2012/02/15 12:51:00 | 014,593,954 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\Mathemagics How to Look Like a Genius Without Really Trying-Mantesh.pdf
[2012/02/15 09:29:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 09:29:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/07 22:18:56 | 000,488,553 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Desktop\ExamP_Sample_Solutions_2011.pdf
[2012/02/05 21:03:49 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/20 12:46:44 | 000,279,902 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/20 12:46:44 | 000,279,750 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-484763869-1078145449-839522115-1003-0.dat
[2011/12/19 13:27:34 | 000,000,571 | ---- | C] () -- C:\WINDOWS\Jelly.ini
[2011/12/02 13:08:19 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011/11/13 21:29:33 | 000,816,648 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/11/13 16:06:49 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/11/13 13:22:09 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Application Data\$_hpcst$.hpc
[2011/11/04 19:37:21 | 000,000,408 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2011/10/31 17:51:54 | 000,244,240 | R--- | C] () -- C:\WINDOWS\System32\slvipgx.dll
[2011/10/31 17:51:54 | 000,150,032 | R--- | C] () -- C:\WINDOWS\System32\slvipco.dll
[2011/10/31 17:51:54 | 000,084,912 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\slvad.sys
[2011/10/31 17:51:50 | 000,609,936 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\scusbvip.sys
[2011/10/31 17:51:50 | 000,036,976 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\TLRecAgent.sys
[2011/10/31 17:48:21 | 000,000,070 | ---- | C] () -- C:\WINDOWS\slsetup.ini
[2011/10/07 10:48:26 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2011/09/29 10:41:20 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/09/20 22:50:42 | 000,118,784 | ---- | C] () -- C:\Documents and Settings\Math On DVDs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/19 14:19:29 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2011/09/19 08:37:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\NeroAPI.INI
[2011/09/18 09:59:50 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/09/18 09:59:50 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/09/18 09:59:50 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/09/18 09:59:42 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/09/15 16:05:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\bi_group.ini
[2011/09/15 08:57:22 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/09/15 08:01:16 | 000,000,385 | ---- | C] () -- C:\WINDOWS\hpwmdl27.dat.temp
[2011/09/14 23:28:18 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/14 23:09:16 | 000,171,266 | ---- | C] () -- C:\WINDOWS\hpwins27.dat
[2011/09/14 23:09:15 | 000,000,385 | ---- | C] () -- C:\WINDOWS\hpwmdl27.dat
[2011/09/14 23:03:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/09/14 21:31:31 | 000,010,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/09/14 15:21:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/09/14 15:19:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/09/14 11:12:53 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/09/14 11:12:12 | 000,282,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

========== LOP Check ==========

[2011/12/12 18:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/01/18 15:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/02/28 20:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2011/10/23 15:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2011/09/18 16:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/11/29 09:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/09/17 13:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/11/13 16:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/28 20:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMART Technologies
[2011/09/22 20:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMART Technologies Inc
[2012/02/28 23:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/09/19 22:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/09/17 13:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/12/02 13:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/09/19 13:05:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/12/12 18:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Babylon
[2012/02/23 11:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\EurekaLog
[2012/02/28 00:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\FileZilla
[2011/10/23 15:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Flip Video
[2011/09/19 12:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\GetRightToGo
[2012/02/28 15:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\IBP
[2012/02/18 20:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Mumble
[2011/11/15 11:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Musicmatch
[2012/02/28 23:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Publish Providers
[2011/11/13 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Samsung
[2012/01/21 13:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\searchquband
[2011/09/15 13:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\SMART Technologies
[2011/09/20 09:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\SMART Technologies Inc
[2012/02/23 10:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Softplicity
[2012/02/28 23:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\Sony
[2011/12/17 13:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\TeamViewer
[2011/09/19 13:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\TuneUp Software
[2011/09/18 23:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Math On DVDs\Application Data\WinPatrol
[2012/03/02 10:41:05 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/01/19 10:39:54 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\stampShakeIcon.job

========== Purity Check ==========



< End of report >





OTL Extras logfile created on: 3/2/2012 10:38:50 AM - Run 1
OTL by OldTimer - Version 3.2.34.0 Folder = C:\Documents and Settings\Math On DVDs\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 70.77% Memory free
3.60 Gb Paging File | 3.26 Gb Available in Paging File | 90.71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 59.25 Gb Free Space | 46.29% Space Free | Partition Type: NTFS

Computer Name: MATHONDVDS | User Name: Math On DVDs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"12001:UDP" = 12001:UDP:*:Enabled:SMART WebServer Handshake Multicast Port
"24726:TCP" = 24726:TCP:*:Enabled:FlipShareServer
"24727:TCP" = 24727:TCP:*:Enabled:FlipShareServer

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Documents and Settings\Math On DVDs\Local Settings\Temp\G2_626\g2viewer.exe" = C:\Documents and Settings\Math On DVDs\Local Settings\Temp\G2_626\g2viewer.exe:*:Enabled:GoToMyPC Viewer
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Documents and Settings\Math On DVDs\Desktop\New Folder\TeamViewer.exe" = C:\Documents and Settings\Math On DVDs\Desktop\New Folder\TeamViewer.exe:*:Enabled:TeamViewer
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\SMART Technologies\Education Software\VantageService.exe" = C:\Program Files\SMART Technologies\Education Software\VantageService.exe:*:Enabled:SMART Vantage Service


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00120409-78E1-11D2-B60F-006097C998E7}" = Microsoft FrontPage 2000 SR-1
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A7AB28D-E7DE-458A-9243-663DADDEE290}" = Zoom Phone Adaptor
"{0A7AB28D-E7DE-458A-9243-663DADDEE290}SL" = Zoom Phone Adaptor
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}" = Adobe Flash Player 10 ActiveX
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1E76EB6E-E390-11DF-95DB-005056C00008}" = MSVCRT Redists
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java™ 6 Update 29
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4BF501B5-A37F-467F-8C91-303884F64D9A}" = PC CIF Camer@
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}" = 4500G510af
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9660B18F-EC12-11DF-B006-0013D3D69929}" = Sound Forge Pro 10.0
"{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A41A96D2-A069-4678-BDAF-2AACED576ABD}" = SMART Essentials for Educators
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B72EB184-2A42-4B3C-8F8F-D7EF163829B4}" = SMART Board Software
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C98517B6-DCE9-49B7-B19E-E384178D3986}" = HP Officejet 4500 G510a-f
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CA}" = WinZip 16.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}" = Noise Reduction Plug-in 2.0i
"{DEC0260E-680A-4E50-AE95-F2F75D95D442}" = Movica
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E6BB1D67-CE52-47F7-B06A-0BC9810F499A}" = Microsoft adCenter Desktop
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.3
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"IBP11_is1" = IBP 11.9.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4BF501B5-A37F-467F-8C91-303884F64D9A}" = PC CIF Camer@
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"JellyFish Light 3.5" = JellyFish Light 3.5
"jZip" = jZip
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MWSnap 3" = MWSnap 3
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Stamp" = Stamp ID3 Tag Editor
"Super DVD Creator_is1" = Super DVD Creator 9.5
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/1/2012 4:53:29 PM | Computer Name = MATHONDVDS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 3/1/2012 10:09:19 PM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/1/2012 10:18:19 PM | Computer Name = MATHONDVDS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 3/1/2012 10:21:14 PM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/1/2012 10:27:40 PM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/1/2012 10:37:54 PM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/1/2012 10:46:53 PM | Computer Name = MATHONDVDS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 3/1/2012 11:56:24 PM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/2/2012 12:01:12 AM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/2/2012 12:06:22 AM | Computer Name = MATHONDVDS | Source = JavaQuickStarterService | ID = 1
Description =

[ System Events ]
Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends on the following nonexistent service:
Afd

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7003
Description = The TCP/IP NetBIOS Helper service depends on the following nonexistent
service: Afd

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
service-specific error 2147952450 (0x80072742).

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Kernel Information Provider service failed to start due
to the following error: %%3

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10050

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7000
Description = The SMART Display Controller service failed to start due to the following
error: %%2

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%2147952450

Error - 3/1/2012 10:27:46 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%10050

Error - 3/1/2012 10:27:48 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
service-specific error 2147952450 (0x80072742).

Error - 3/1/2012 10:27:48 PM | Computer Name = MATHONDVDS | Source = Service Control Manager | ID = 7003
Description = The Network Location Awareness (NLA) service depends on the following
nonexistent service: Afd


< End of report >

[Advertisements]

Download and Save the attached afd.zip file. Right click on it and Extract All. This will create a folder called afd. Inside the folder will be two files. afd.reg and legacy_afd.reg.

Right click on afd.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Right click on legacy_afd.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Reboot

Can you get on line now?

If not:

Start, Run, cmd, OK

Type with an enter after each line.

sc  query  afd

sc  query  netbt

sc  query  tcpip

(I use two spaces in the code box so you will be sure to see where 1 space goes.)

Each one should say something like this:


SERVICE_NAME: afd
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING <===============================================DOES THIS SAY RUNNING?
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

Ron

[RKinner]

Download and Save the attached afd.zip file. Right click on it and Extract All. This will create a folder called afd. Inside the folder will be two files. afd.reg and legacy_afd.reg.

Right click on afd.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Right click on legacy_afd.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Reboot

Can you get on line now?

If not:

Start, Run, cmd, OK

Type with an enter after each line.

sc  query  afd

sc  query  netbt

sc  query  tcpip

(I use two spaces in the code box so you will be sure to see where 1 space goes.)

Each one should say something like this:


SERVICE_NAME: afd
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING <===============================================DOES THIS SAY RUNNING?
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

Ron

[Steven Gottlieb]

Ron,
Here are the results you requested.
afd--no errors

Legacy_afd--got this error message-Cannot import C:\Documents and Settings\Math on DVDs\Desktop\Legacy_afd.reg: Not all data was successfully written to the registry. Some keys are open by the system or other processes.


sc query afd---stopped

sc query netbt----running

sc query tcpip----running

I suspect you can already tell, but my internet is still not working.
Thank you,
Steven

[RKinner]

You are going to have to take ownership of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root key.

Start, Run, regedit, OK

Locate HKEY_LOCAL_MACHINE

and click on the + in front of it.

Now find SYSTEM

and click on its +

Now find CurrentControlSet

and click on its +

Now find Enum

and click on its +

Now find Root and just click on it.

Right click on Root and select Permissions.

Click Advanced, and then click the Owner tab.

Under Change owner to,
Select Administrators then click OK.

You should be back at the Permissions page. Click on Administrators then verify that Full Control is checked in the Allow column at the bottom.

Close regedit.

Right click on legacy_ipsec.reg and Merge. Does it work this time?

[Steven Gottlieb]

OK, I did as you advised and it worked fine. But still no internet service.
Thank you,
Steven

[RKinner]

What do you get when you do:

sc  query  afd

net  start  afd

[Steven Gottlieb]

Here is what I got--
sc query afd......stopped
net start afd.....system error 2 has occurred. the system cannot find the file specified.
I do want to mention to you that when I ran these tests the ethernet cable is NOT connected to the computer, except when I am checking for internet service, as I am useing the ethernet cable on the another computer to communicate with you.
Thank you very much,
Steven

[RKinner]

the system cannot find the file specified.

We probably need to replace the afd.sys file. Let's look and see if the file is where it is supposed to be:

Start, Run, cmd, OK then type:

dir  \windows\system32\drivers\afd.sys

Does it find the file?
if not:

cd  \

(Prompt should change to show you are in C:\ )

dir  /a  /s  afd.sys

(This will take a few minutes to complete. Does it find the file anywhere? If it finds one then copy it to c:\windows\system32\drivers\afd.sys

If not, download the attached afd.zip file and save it then right click and Extract All then find afd.sys and copy it to c:\windows\system32\drivers\afd.sys

Connect up your cable and see if it works now. If not what does

net  start  afd

say? )

[Steven Gottlieb]

Morning,
I tried to do what you asked but am not sure that happened. I typed this into run exactly as you gave me--- cd \windows\system32\afd.sys---and got the message `windows cannot find 'cd'....' Thinking that I was to type in c or d, I tried c which is my local drive and got the same error. Then I typed in `cd \dir /a /s afd.sys and got the same message, using cd and c. Then I went to c:\windows\system32 and created a folder named afd and put the afd.sys file in it. I connected my cable and no internet after reboot. I then removed the afd folder from system32 and am waiting for further instructions.
Thank you,
Steven

[RKinner]

Sorry. Had some typos in the instructions. Have done an edit to fix. See if it makes more sense now.

afd.sys should go in c:\windows\system32\drivers\

[Steven Gottlieb]

Hi,
I placed the file in the folder and checked to make sure it is there. sc query afd is now running. No internet.

[RKinner]

Next thing we need to have work is dhcp so do

net  start  dhcp

If it says it started then do

ipconfig  /release

ipconfig  /renew

If you get an error with dhcp tell me what it says.

[Steven Gottlieb]

I first did what you wrote in the run menu-no internet. Then I tried it in the command prompt and now I have a computer that goes online! How much is your fee?
Thank you,
Steven

[RKinner]

Good. Let's see if your system is now clean.

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

Ron

[Steven Gottlieb]

Still online.
Here are the reports you requested.
ComboFix 12-03-04.02 - Math On DVDs 03/05/2012 20:46:14.1.2 - x86
Running from: c:\documents and settings\Math On DVDs\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Math On DVDs\Application Data\EurekaLog
c:\documents and settings\Math On DVDs\Application Data\EurekaLog\EurekaLog.ini
c:\documents and settings\Math On DVDs\Application Data\Mozilla\Firefox\Profiles\mxttmc59.default\searchplugins\bing-zugo.xml
c:\documents and settings\Math On DVDs\WINDOWS
c:\progra~1\COMMON~1\{525D3~1
c:\progra~1\COMMON~1\{525D3~1\slscp.log
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\autorun.inf
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\Ivr.scp
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\readme.txt
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\scusbvip.cat
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\scusbvip.inf
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\scusbvip.sys
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\Setup.exe
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\Setup.MSI
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\Setup.scp
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\SLExtBU\ivr.scp
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\SLExtBU\Setup.scp
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\slvad.cat
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\slvad.inf
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\slvad.sys
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\slvipco.dll
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\slvipgx.dll
c:\progra~1\COMMON~1\{525D3~1\SLZOOM\TLRecAgent.sys
c:\windows\$NtUninstallKB64312$
c:\windows\$NtUninstallKB64312$\3853983375\@
c:\windows\$NtUninstallKB64312$\3853983375\cfg.ini
c:\windows\$NtUninstallKB64312$\3853983375\Desktop.ini
c:\windows\$NtUninstallKB64312$\3853983375\L\akygdmgo
c:\windows\$NtUninstallKB64312$\3853983375\oemid
c:\windows\$NtUninstallKB64312$\3853983375\U\00000001.@
c:\windows\$NtUninstallKB64312$\3853983375\U\00000002.@
c:\windows\$NtUninstallKB64312$\3853983375\U\00000004.@
c:\windows\$NtUninstallKB64312$\3853983375\U\80000000.@
c:\windows\$NtUninstallKB64312$\3853983375\U\80000004.@
c:\windows\$NtUninstallKB64312$\3853983375\U\80000032.@
c:\windows\$NtUninstallKB64312$\3853983375\version
c:\windows\$NtUninstallKB64312$\4002687576
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-02-06 to 2012-03-06 )))))))))))))))))))))))))))))))
.
.
2012-03-05 21:13 . 2012-03-05 21:13 -------- d-----w- c:\program files\PowerQuest
2012-03-05 21:01 . 2012-03-05 21:08 -------- d-----w- c:\documents and settings\Math On DVDs\.frostwire5
2012-03-05 21:00 . 2012-03-05 21:01 -------- d-----w- c:\program files\FrostWire 5
2012-03-05 17:42 . 2012-03-05 17:42 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-02 23:40 . 2012-03-02 23:40 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EF8A1C0A-B97A-4E77-9AC8-CC8749832F60}\MpKsl3ea4f866.sys
2012-03-02 17:13 . 2012-03-02 17:13 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\PCHealth
2012-03-02 15:45 . 2012-03-02 15:45 -------- d-----w- c:\documents and settings\Math On DVDs\Application Data\Leadertech
2012-03-01 20:53 . 2012-03-01 20:53 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-03-01 04:35 . 2012-03-01 04:35 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Flip Video
2012-02-29 22:11 . 2012-03-01 00:07 -------- d-----w- c:\documents and settings\Administrator
2012-02-29 19:03 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EF8A1C0A-B97A-4E77-9AC8-CC8749832F60}\mpengine.dll
2012-02-29 05:48 . 2012-02-29 05:48 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-02-29 05:23 . 2012-03-01 02:30 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-29 04:55 . 2012-02-29 04:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2012-02-29 04:54 . 2012-02-29 04:54 -------- d-----w- c:\documents and settings\Math On DVDs\Application Data\Publish Providers
2012-02-29 04:52 . 2012-02-29 04:52 -------- d-----w- c:\documents and settings\Math On DVDs\Local Settings\Application Data\Sony
2012-02-29 04:51 . 2012-02-29 04:52 -------- d-----w- c:\program files\Sony
2012-02-29 04:49 . 2012-02-29 04:54 -------- d-----w- c:\documents and settings\Math On DVDs\Application Data\Sony
2012-02-29 01:45 . 2003-02-15 00:14 110592 ----a-w- c:\windows\system32\tsccvid.dll
2012-02-29 01:32 . 2012-02-29 01:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\SMART Technologies
2012-02-29 01:32 . 2012-02-29 01:32 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\SMART Technologies
2012-02-29 01:32 . 2012-02-29 01:32 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2012-02-28 16:07 . 2012-02-28 16:07 -------- d-sh--w- c:\documents and settings\Math On DVDs\PrivacIE
2012-02-27 08:25 . 2012-02-27 08:25 -------- d-sh--w- c:\documents and settings\Math On DVDs\IETldCache
2012-02-27 08:08 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2012-02-27 08:07 . 2011-12-17 19:46 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-02-27 08:07 . 2011-12-17 19:46 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-02-27 08:07 . 2011-12-17 19:46 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-02-27 08:05 . 2012-02-27 08:07 -------- dc-h--w- c:\windows\ie8
2012-02-23 19:15 . 2012-02-23 19:15 -------- d-----w- c:\program files\FileZilla FTP Client
2012-02-23 15:57 . 2012-02-23 15:57 -------- d-----w- c:\documents and settings\Math On DVDs\Application Data\Softplicity
2012-02-23 15:57 . 2012-02-23 16:19 -------- d-----w- c:\program files\TotalMovieConverter
2012-02-16 00:16 . 2012-02-16 00:16 -------- d-----w- c:\program files\DVD Shrink 2
2012-02-15 14:29 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 14:29 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 06:03 . 2011-10-04 02:56 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2011-09-15 05:22 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 16:53 . 2001-08-23 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:46 . 2001-08-23 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2001-08-23 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46 . 2001-08-23 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2011-09-15 03:03 385024 ------w- c:\windows\system32\html.iec
2011-12-10 20:24 . 2011-09-15 03:28 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-18 03:34 . 2011-09-15 02:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2001-08-23 . A64013E98426E1877CB653685C5C0009 . 86656 . . [5.1.2600.0] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
.
[7] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[7] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[7] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[7] 2001-08-23 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[7] 2001-08-23 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[7] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[7] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[7] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[7] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[7] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[7] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[7] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[7] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[7] 2001-08-23 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[7] 2001-08-23 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[7] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[7] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[7] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[7] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[7] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[7] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[7] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[7] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[7] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[7] 2008-04-14 09:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[7] 2008-04-14 09:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2004-08-04 04:56 . 6728270CB7DBB776ED086F5AC4C82310 . 792064 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[7] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[7] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[7] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[7] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[7] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[7] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[7] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[7] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[7] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[7] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[7] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[7] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[7] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[7] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . ED7262E52C31CF1625B65039102BC16C . 111104 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[7] 2004-08-04 . 4126D27CECE4471E00E425411F7306B5 . 111104 . . [5.4.3790.2180] . . c:\windows\$NtServicePackUninstall$\wuauclt.exe
.
[7] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[7] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2001-08-23 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[7] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[7] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[7] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[7] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[7] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-04-14 09:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[7] 2008-04-14 09:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[7] 2004-08-04 04:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[7] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[7] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[7] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[7] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[7] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[7] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[7] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[7] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[7] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[7] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[7] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[7] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[7] 2011-12-19 . A8CECD5EA322B9858EB576F508AD73A5 . 3616768 . . [7.00.6000.17108] . . c:\windows\ie8\mshtml.dll
[7] 2011-12-19 . F17C9AC0B9D7BC8F6D407BB62C33FF7E . 3618816 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\mshtml.dll
[7] 2011-12-17 . A9259CD226283CD4F798C00909754A94 . 5979136 . . [8.00.6001.19190] . . c:\windows\SoftwareDistribution\Download\c1d540600ba9c34c5b3244c020eee491\SP3GDR\mshtml.dll
[7] 2011-12-17 . A9259CD226283CD4F798C00909754A94 . 5979136 . . [8.00.6001.19190] . . c:\windows\system32\mshtml.dll
[7] 2011-12-17 . A9259CD226283CD4F798C00909754A94 . 5979136 . . [8.00.6001.19190] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2011-12-17 . 49B88A833ECA99EFBFFC5AAE5CC998ED . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
[7] 2011-12-17 . 49B88A833ECA99EFBFFC5AAE5CC998ED . 5980160 . . [8.00.6001.23286] . . c:\windows\SoftwareDistribution\Download\c1d540600ba9c34c5b3244c020eee491\SP3QFE\mshtml.dll
[7] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
[7] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3GDR\mshtml.dll
[7] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[7] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3QFE\mshtml.dll
[7] 2011-11-04 . 70C74E4D6EA0BEAABE3FD4857863BA31 . 3616256 . . [7.00.6000.17107] . . c:\windows\ie7updates\KB2647516-IE7\mshtml.dll
[7] 2011-11-04 . CC858D8DA261A8ACFBE1A69E90E85DF7 . 3618304 . . [7.00.6000.21309] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\mshtml.dll
[7] 2011-09-05 . 56A67300C652CDF66E575B707F8B9397 . 3615744 . . [7.00.6000.17104] . . c:\windows\ie7updates\KB2618444-IE7\mshtml.dll
[7] 2011-08-18 . 06B74A61A6D689DB2F8D2DA56194EDCF . 3617792 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\mshtml.dll
[7] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[7] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\mshtml.dll
[7] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[7] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB2586448-IE7\mshtml.dll
[7] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[7] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
.
[7] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[7] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[7] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[7] 2001-08-23 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[7] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[7] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[7] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[7] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[7] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[7] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[7] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[7] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[7] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[7] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[7] 2011-12-19 . 3C28461660BAB5449F267D5E9C4E13CF . 832512 . . [7.00.6000.17108] . . c:\windows\ie8\wininet.dll
[7] 2011-12-19 . 79F234876B53CFE10BFC4A40681399C9 . 841216 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\wininet.dll
[7] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\SoftwareDistribution\Download\c1d540600ba9c34c5b3244c020eee491\SP3GDR\wininet.dll
[7] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\system32\wininet.dll
[7] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\system32\dllcache\wininet.dll
[7] 2011-12-17 . 84A48E9818E8440DDBFD8EEC37C8A937 . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[7] 2011-12-17 . 84A48E9818E8440DDBFD8EEC37C8A937 . 919552 . . [8.00.6001.23286] . . c:\windows\SoftwareDistribution\Download\c1d540600ba9c34c5b3244c020eee491\SP3QFE\wininet.dll
[7] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll
[7] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3GDR\wininet.dll
[7] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[7] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3QFE\wininet.dll
[7] 2011-10-31 . 5762E2F5C7B081F4251F92A5DF99FCCC . 832512 . . [7.00.6000.17106] . . c:\windows\ie7updates\KB2647516-IE7\wininet.dll
[7] 2011-10-31 . 4A23B5E3B92F5C54D3A04EA86FF9DC00 . 841216 . . [7.00.6000.21308] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\wininet.dll
[7] 2011-08-17 . 3688E2BBE543CC753809E462C3553188 . 832512 . . [7.00.6000.17103] . . c:\windows\ie7updates\KB2618444-IE7\wininet.dll
[7] 2011-08-17 . 6E388A1A8AA9EF62E6252530549940C1 . 841216 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\wininet.dll
[7] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[7] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\wininet.dll
[7] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[7] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB2586448-IE7\wininet.dll
[7] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[7] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
.
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[7] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[7] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[7] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[7] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[7] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[7] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[7] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[7] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[7] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[7] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[7] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[7] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[7] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[7] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[7] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[7] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[7] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[7] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[7] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[7] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[7] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[7] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[7] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[7] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[7] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[7] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[7] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[7] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[7] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[7] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[7] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[7] 2004-08-04 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[7] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[7] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[7] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[7] 2001-08-23 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[7] 2008-04-14 02:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[7] 2008-04-14 02:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[7] 2008-04-14 02:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[7] 2004-08-04 02:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[7] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[7] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[7] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[7] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[7] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[7] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[7] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[7] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[7] 2008-04-14 09:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[7] 2008-04-14 09:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2001-08-23 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
[7] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[7] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[7] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[7] 2008-04-14 09:42 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[7] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[7] 2004-08-04 04:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
[7] 2004-08-04 04:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
[7] 2011-10-25 . DB19FFF0C805664CB95062C027B11FE9 . 2069376 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[7] 2011-10-25 . CE1A2FEDBD001ECDC5AD1975AFAD040A . 2069376 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2011-10-25 . CE1A2FEDBD001ECDC5AD1975AFAD040A . 2069376 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2011-10-25 . 36CAC3C8C4C10F4E21BFEABBFE7ACFFC . 2027008 . . [5.1.2600.6165] . . c:\windows\system32\ntkrnlpa.exe
[7] 2010-12-09 . F67CD97282E0ABFAF91A9A1359B16F2D . 2069376 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 9ED77E2307F6EC6F174C063C15AA3B8C . 2027008 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[7] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
[7] 2008-04-14 09:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[7] 2008-04-14 09:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[7] 2004-08-04 04:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[7] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[7] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[7] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[7] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[7] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[7] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[7] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[7] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[7] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[7] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[7] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[7] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[7] 2008-04-14 09:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[7] 2008-04-14 09:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[7] 2004-08-04 04:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[7] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[7] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[7] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[7] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[7] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[7] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[7] 2011-12-16 . 1C206B8FEEC6882B7F7F479E95D2BDD9 . 634680 . . [7.00.6000.17108] . . c:\windows\ie8\iexplore.exe
[7] 2011-12-16 . DB9D9A73FACB0B11992201D670D73E16 . 634680 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\iexplore.exe
[7] 2011-10-31 . 2E34CF22B5862AB02786F0819B9FD819 . 634504 . . [7.00.6000.17106] . . c:\windows\ie7updates\KB2647516-IE7\iexplore.exe
[7] 2011-10-31 . 1C5DA2D9EA2A59D0D5C116FA3A5A21AA . 634504 . . [7.00.6000.21308] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\iexplore.exe
[7] 2011-08-17 . 6A1D755C68C10863C598C78A597FA7C3 . 634632 . . [7.00.6000.17103] . . c:\windows\ie7updates\KB2618444-IE7\iexplore.exe
[7] 2011-08-17 . CB0AFAF9E5C5FE70EC7087E71275DD33 . 634632 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-04-14 . 55794B97A7FAABD2910873C85274F409 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB2586448-IE7\iexplore.exe
[7] 2004-08-04 . E7484514C0464642BE7B4DC2689354C8 . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
[7] 2004-08-04 . E7484514C0464642BE7B4DC2689354C8 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe
.
.
[7] 2011-10-25 . 3B663B9B193D7E1DE39A466020F1FD91 . 2148864 . . [5.1.2600.6165] . . c:\windows\system32\ntoskrnl.exe
[7] 2011-10-25 . F512C662874D7545E5BD8005E6800A44 . 2192768 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[7] 2011-10-25 . 892CDDFF7EF96951B9B0B50974070E47 . 2192768 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2011-10-25 . 892CDDFF7EF96951B9B0B50974070E47 . 2192768 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-12-09 . A531BBD3DE13121C1380ED7DC99082DB . 2192768 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . 60E16152D847D7A7B7D3DA4C4B8E2120 . 2148864 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[7] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2008-04-14 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[7] 2004-08-04 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
.
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[7] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[7] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[7] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[7] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[7] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[7] 2004-08-04 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[7] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[7] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[7] 2004-08-04 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[7] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[7] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[7] 2004-08-04 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoomMonitor.exe"="c:\program files\Zoom\Zoom Phone Adaptor\ZoomMonitor.exe" [2008-10-23 801304]
"USBDetector"="c:\usbstorage\USBDetector.exe" [2003-04-01 53248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AutorunsDisabled]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-09-26 23:15 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SMART Board Tools.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SMART Board Tools.lnk
backup=c:\windows\pss\SMART Board Tools.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Math On DVDs^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Math On DVDs\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Math On DVDs^Start Menu^Programs^Startup^Seagate Product Registration.lnk]
path=c:\documents and settings\Math On DVDs\Start Menu\Programs\Startup\Seagate Product Registration.lnk
backup=c:\windows\pss\Seagate Product Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2010-10-08 11:26 3366200 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2006-05-14 21:12 155648 ----a-r- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 20:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-04-20 15:57 2423752 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UPHClean"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey
"SMART Mirror Driver Monitor Service"="c:\documents and settings\Math On DVDs\Application Data\SMART Technologies\Bridgit\4.2.146.0\monitorservice.exe"
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
"24726:TCP"= 24726:TCP:FlipShareServer
"24727:TCP"= 24727:TCP:FlipShareServer
.
R0 TLRecAgent;TLRecAgent;c:\windows\system32\drivers\TLRecAgent.sys [10/31/2011 5:51 PM 36976]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 1:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67656]
R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [9/13/2010 5:31 AM 95568]
R2 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [12/15/2010 12:22 PM 1085440]
R2 MSSQL$ADCENTERDESKTOP;SQL Server (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe [4/3/2010 1:56 PM 42884448]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [9/18/2011 10:00 AM 2255464]
R2 VService;VService;c:\program files\Zoom\Zoom Phone Adaptor\VServ.exe [10/23/2008 9:58 AM 104984]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [9/13/2010 5:31 AM 18120]
R3 scusbvip;VL1800 USB Driver;c:\windows\system32\drivers\scusbvip.sys [10/31/2011 5:51 PM 609936]
R3 SLVAD_simple;Zoom Virtual Audio Device;c:\windows\system32\drivers\slvad.sys [10/31/2011 5:51 PM 84912]
R3 smrtdrv;SMART Technologies Inc. Mirror Driver;c:\windows\system32\drivers\smrtdrv.sys [9/15/2011 2:00 PM 8432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [4/3/2010 1:56 PM 44896]
S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe --> c:\program files\SMART Technologies\Education Software\UCService.exe [?]
S2 SMART Mirror Driver Monitor Service;SMART Mirror Driver Monitor Service;c:\documents and settings\Math On DVDs\Application Data\SMART Technologies\Bridgit\4.2.146.0\monitorservice.exe [9/15/2011 2:00 PM 224624]
S2 SQLAgent$ADCENTERDESKTOP;SQL Server Agent (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\SQLAGENT.EXE [4/3/2010 1:56 PM 367456]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/20/2011 10:58 AM 1691480]
S3 glancedrv;glancedrv;c:\windows\system32\drivers\glancedrv.sys [11/26/2011 2:35 PM 34080]
S3 HidBoard;SMART Board Hidmini Driver;c:\windows\system32\drivers\HidBoard.sys [1/25/2011 5:13 PM 19696]
S3 PAC207;PC Camer@;c:\windows\system32\drivers\PFC027.SYS [4/12/2007 3:50 PM 507264]
S3 STI2303X;SMART Board cable;c:\windows\system32\Drivers\STI2303X.sys --> c:\windows\system32\Drivers\STI2303X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys --> c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [4/3/2010 11:02 AM 240608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 19:39]
.
2012-01-19 c:\windows\Tasks\stampShakeIcon.job
- c:\program files\NCH Software\Stamp\stamp.exe [2012-01-19 15:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.mathondvds.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
FF - ProfilePath - c:\documents and settings\Math On DVDs\Application Data\Mozilla\Firefox\Profiles\mxttmc59.default\
FF - prefs.js: browser.search.selectedEngine - eBay
FF - prefs.js: browser.startup.homepage - hxxp://www.mathondvds.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=102&sr=0&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.id - 4c71f074000000000000f80f410b5e1e
FF - user.js: extensions.BabylonToolbar_i.hardId - 4c71f074000000000000f80f410b5e1e
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15320
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:43
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=18474
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.ovrDmn - isearch.babylon.com
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKCU-Run-IBP - (no file)
HKLM-Run-nwiz - nwiz.exe
Notify-!SASWinLogon - (no file)
SafeBoot-09803623.sys
SafeBoot-15006098.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-05 20:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-1078145449-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3BD812E3-EBBA-851A-0313-069F8C08A264}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"gadldkddocnndl"=hex:61,63,65,66,67,6d,62,6a,61,66,6b,64,66,6e,6f,6f,6e,66,6f,
6c,6f,63,65,6c,65,62,6b,62,6b,6e,6c,69,65,65,63,6b,64,63,6a,68,6e,69,6d,6b,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(544)
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(3760)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\netdde.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\Super_DVD_Creator_9.5\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\program files\SMART Board Software\SMARTBoardService.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Zoom\Zoom Phone Adaptor\ZoomAgent.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-03-05 21:00:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-06 02:00
.
Pre-Run: 357,555,159,040 bytes free
Post-Run: 357,529,665,536 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - F84F992DCD6B52B9B124219FB3D8855B






21:04:57.0640 2236 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
21:04:57.0640 2236 ============================================================
21:04:57.0640 2236 Current date / time: 2012/03/05 21:04:57.0640
21:04:57.0640 2236 SystemInfo:
21:04:57.0640 2236
21:04:57.0640 2236 OS Version: 5.1.2600 ServicePack: 3.0
21:04:57.0640 2236 Product type: Workstation
21:04:57.0640 2236 ComputerName: MATHONDVDS
21:04:57.0640 2236 UserName: Math On DVDs
21:04:57.0640 2236 Windows directory: C:\WINDOWS
21:04:57.0640 2236 System windows directory: C:\WINDOWS
21:04:57.0640 2236 Processor architecture: Intel x86
21:04:57.0640 2236 Number of processors: 2
21:04:57.0640 2236 Page size: 0x1000
21:04:57.0640 2236 Boot type: Normal boot
21:04:57.0640 2236 ============================================================
21:04:58.0921 2236 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
21:04:58.0937 2236 \Device\Harddisk0\DR0:
21:04:58.0937 2236 MBR used
21:04:58.0937 2236 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
21:04:58.0968 2236 Initialize success
21:04:58.0968 2236 ============================================================
21:05:12.0109 2096 ============================================================
21:05:12.0109 2096 Scan started
21:05:12.0109 2096 Mode: Manual;
21:05:12.0109 2096 ============================================================
21:05:12.0296 2096 Abiosdsk - ok
21:05:12.0296 2096 abp480n5 - ok
21:05:12.0343 2096 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:05:12.0343 2096 ACPI - ok
21:05:12.0375 2096 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:05:12.0375 2096 ACPIEC - ok
21:05:12.0375 2096 adpu160m - ok
21:05:12.0421 2096 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:05:12.0421 2096 aec - ok
21:05:12.0453 2096 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:05:12.0453 2096 AFD - ok
21:05:12.0453 2096 Aha154x - ok
21:05:12.0468 2096 aic78u2 - ok
21:05:12.0468 2096 aic78xx - ok
21:05:12.0484 2096 AliIde - ok
21:05:12.0531 2096 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
21:05:12.0562 2096 Ambfilt - ok
21:05:12.0562 2096 amsint - ok
21:05:12.0578 2096 asc - ok
21:05:12.0578 2096 asc3350p - ok
21:05:12.0593 2096 asc3550 - ok
21:05:12.0640 2096 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:05:12.0640 2096 AsyncMac - ok
21:05:12.0656 2096 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:05:12.0656 2096 atapi - ok
21:05:12.0656 2096 Atdisk - ok
21:05:12.0687 2096 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:05:12.0687 2096 Atmarpc - ok
21:05:12.0718 2096 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:05:12.0718 2096 audstub - ok
21:05:12.0718 2096 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:05:12.0718 2096 Beep - ok
21:05:12.0734 2096 catchme - ok
21:05:12.0750 2096 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:05:12.0750 2096 cbidf2k - ok
21:05:12.0781 2096 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:05:12.0781 2096 CCDECODE - ok
21:05:12.0781 2096 cd20xrnt - ok
21:05:12.0796 2096 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:05:12.0796 2096 Cdaudio - ok
21:05:12.0796 2096 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:05:12.0796 2096 Cdfs - ok
21:05:12.0828 2096 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:05:12.0828 2096 Cdrom - ok
21:05:12.0828 2096 Changer - ok
21:05:12.0843 2096 CmdIde - ok
21:05:12.0859 2096 Cpqarray - ok
21:05:12.0875 2096 dac2w2k - ok
21:05:12.0875 2096 dac960nt - ok
21:05:12.0921 2096 dgderdrv (3be1651c63954067940e7f473498ad70) C:\WINDOWS\system32\drivers\dgderdrv.sys
21:05:12.0921 2096 dgderdrv - ok
21:05:12.0937 2096 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:05:12.0937 2096 Disk - ok
21:05:12.0968 2096 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:05:12.0984 2096 dmboot - ok
21:05:12.0984 2096 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:05:13.0000 2096 dmio - ok
21:05:13.0000 2096 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:05:13.0000 2096 dmload - ok
21:05:13.0031 2096 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:05:13.0031 2096 DMusic - ok
21:05:13.0046 2096 dpti2o - ok
21:05:13.0062 2096 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:05:13.0062 2096 drmkaud - ok
21:05:13.0125 2096 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:05:13.0125 2096 Fastfat - ok
21:05:13.0140 2096 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:05:13.0156 2096 Fdc - ok
21:05:13.0156 2096 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:05:13.0156 2096 Fips - ok
21:05:13.0171 2096 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:05:13.0171 2096 Flpydisk - ok
21:05:13.0203 2096 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:05:13.0203 2096 FltMgr - ok
21:05:13.0218 2096 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:05:13.0218 2096 Fs_Rec - ok
21:05:13.0234 2096 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:05:13.0234 2096 Ftdisk - ok
21:05:13.0265 2096 glancedrv (1e6c235714a42b2edc0cfa93d0ea66d3) C:\WINDOWS\system32\DRIVERS\glancedrv.sys
21:05:13.0265 2096 glancedrv - ok
21:05:13.0281 2096 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:05:13.0296 2096 Gpc - ok
21:05:13.0312 2096 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:05:13.0312 2096 HDAudBus - ok
21:05:13.0343 2096 HidBoard (08a9bf42cde7cf93ed2f97c94d5bbf74) C:\WINDOWS\system32\DRIVERS\HidBoard.sys
21:05:13.0343 2096 HidBoard - ok
21:05:13.0359 2096 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:05:13.0359 2096 HidUsb - ok
21:05:13.0375 2096 hpn - ok
21:05:13.0375 2096 hpt3xx - ok
21:05:13.0406 2096 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:05:13.0421 2096 HPZid412 - ok
21:05:13.0453 2096 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:05:13.0453 2096 HPZipr12 - ok
21:05:13.0484 2096 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:05:13.0500 2096 HPZius12 - ok
21:05:13.0531 2096 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:05:13.0531 2096 HTTP - ok
21:05:13.0546 2096 i2omgmt - ok
21:05:13.0546 2096 i2omp - ok
21:05:13.0562 2096 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:05:13.0562 2096 i8042prt - ok
21:05:13.0578 2096 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:05:13.0578 2096 Imapi - ok
21:05:13.0578 2096 ini910u - ok
21:05:13.0718 2096 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:05:13.0750 2096 IntcAzAudAddService - ok
21:05:13.0765 2096 IntelIde - ok
21:05:13.0781 2096 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:05:13.0781 2096 ip6fw - ok
21:05:13.0812 2096 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:05:13.0812 2096 IpFilterDriver - ok
21:05:13.0828 2096 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:05:13.0828 2096 IpInIp - ok
21:05:13.0828 2096 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:05:13.0843 2096 IpNat - ok
21:05:13.0859 2096 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:05:13.0859 2096 IPSec - ok
21:05:13.0890 2096 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:05:13.0890 2096 IRENUM - ok
21:05:13.0906 2096 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:05:13.0906 2096 isapnp - ok
21:05:13.0921 2096 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:05:13.0921 2096 Kbdclass - ok
21:05:13.0953 2096 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:05:13.0953 2096 kmixer - ok
21:05:13.0984 2096 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:05:13.0984 2096 KSecDD - ok
21:05:14.0000 2096 lbrtfdc - ok
21:05:14.0062 2096 LMIInfo - ok
21:05:14.0109 2096 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
21:05:14.0109 2096 lmimirr - ok
21:05:14.0109 2096 LMIRfsClientNP - ok
21:05:14.0125 2096 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
21:05:14.0125 2096 LMIRfsDriver - ok
21:05:14.0171 2096 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:05:14.0171 2096 mnmdd - ok
21:05:14.0203 2096 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:05:14.0203 2096 Modem - ok
21:05:14.0265 2096 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
21:05:14.0281 2096 Monfilt - ok
21:05:14.0296 2096 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:05:14.0296 2096 Mouclass - ok
21:05:14.0343 2096 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:05:14.0343 2096 mouhid - ok
21:05:14.0359 2096 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:05:14.0359 2096 MountMgr - ok
21:05:14.0375 2096 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:05:14.0375 2096 MpFilter - ok
21:05:14.0390 2096 mraid35x - ok
21:05:14.0406 2096 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:05:14.0406 2096 MRxDAV - ok
21:05:14.0437 2096 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:05:14.0437 2096 MRxSmb - ok
21:05:14.0453 2096 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:05:14.0453 2096 Msfs - ok
21:05:14.0484 2096 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:05:14.0484 2096 MSKSSRV - ok
21:05:14.0515 2096 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:05:14.0515 2096 MSPCLOCK - ok
21:05:14.0531 2096 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:05:14.0531 2096 MSPQM - ok
21:05:14.0562 2096 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:05:14.0562 2096 mssmbios - ok
21:05:14.0578 2096 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:05:14.0593 2096 MSTEE - ok
21:05:14.0609 2096 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:05:14.0609 2096 Mup - ok
21:05:14.0625 2096 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:05:14.0625 2096 NABTSFEC - ok
21:05:14.0640 2096 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:05:14.0640 2096 NDIS - ok
21:05:14.0656 2096 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:05:14.0656 2096 NdisIP - ok
21:05:14.0703 2096 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:05:14.0703 2096 NdisTapi - ok
21:05:14.0718 2096 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:05:14.0718 2096 Ndisuio - ok
21:05:14.0718 2096 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:05:14.0718 2096 NdisWan - ok
21:05:14.0765 2096 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:05:14.0765 2096 NDProxy - ok
21:05:14.0765 2096 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:05:14.0765 2096 NetBIOS - ok
21:05:14.0796 2096 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:05:14.0796 2096 NetBT - ok
21:05:14.0812 2096 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:05:14.0812 2096 Npfs - ok
21:05:14.0843 2096 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:05:14.0843 2096 Ntfs - ok
21:05:14.0859 2096 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:05:14.0859 2096 Null - ok
21:05:15.0078 2096 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:05:15.0250 2096 nv - ok
21:05:15.0281 2096 NVENETFD (c61927d27b75ed56723f2508f1a6b1be) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:05:15.0281 2096 NVENETFD - ok
21:05:15.0296 2096 nvgts (52dce3b30c9d61c8e20fe3c6da4bdfb7) C:\WINDOWS\system32\DRIVERS\nvgts.sys
21:05:15.0296 2096 nvgts - ok
21:05:15.0312 2096 nvnetbus (c529b614ef88be0f62b886c67b516550) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:05:15.0312 2096 nvnetbus - ok
21:05:15.0343 2096 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:05:15.0359 2096 NwlnkFlt - ok
21:05:15.0359 2096 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:05:15.0359 2096 NwlnkFwd - ok
21:05:15.0406 2096 PAC207 (b2a32103ea3c18f3347bdfb2f3599cb9) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
21:05:15.0421 2096 PAC207 - ok
21:05:15.0453 2096 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:05:15.0453 2096 Parport - ok
21:05:15.0468 2096 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:05:15.0468 2096 PartMgr - ok
21:05:15.0484 2096 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:05:15.0484 2096 ParVdm - ok
21:05:15.0500 2096 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:05:15.0500 2096 PCI - ok
21:05:15.0500 2096 PCIDump - ok
21:05:15.0515 2096 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:05:15.0515 2096 PCIIde - ok
21:05:15.0546 2096 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:05:15.0546 2096 Pcmcia - ok
21:05:15.0546 2096 PDCOMP - ok
21:05:15.0562 2096 PDFRAME - ok
21:05:15.0562 2096 PDRELI - ok
21:05:15.0578 2096 PDRFRAME - ok
21:05:15.0578 2096 perc2 - ok
21:05:15.0593 2096 perc2hib - ok
21:05:15.0625 2096 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:05:15.0625 2096 PptpMiniport - ok
21:05:15.0656 2096 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
21:05:15.0656 2096 PQNTDrv - ok
21:05:15.0671 2096 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
21:05:15.0671 2096 Processor - ok
21:05:15.0687 2096 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:05:15.0687 2096 PSched - ok
21:05:15.0703 2096 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:05:15.0703 2096 Ptilink - ok
21:05:15.0703 2096 ql1080 - ok
21:05:15.0718 2096 Ql10wnt - ok
21:05:15.0718 2096 ql12160 - ok
21:05:15.0734 2096 ql1240 - ok
21:05:15.0750 2096 ql1280 - ok
21:05:15.0750 2096 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:05:15.0750 2096 RasAcd - ok
21:05:15.0765 2096 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:05:15.0765 2096 Rasl2tp - ok
21:05:15.0781 2096 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:05:15.0781 2096 RasPppoe - ok
21:05:15.0781 2096 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:05:15.0781 2096 Raspti - ok
21:05:15.0796 2096 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:05:15.0812 2096 Rdbss - ok
21:05:15.0812 2096 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:05:15.0812 2096 RDPCDD - ok
21:05:15.0828 2096 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:05:15.0828 2096 rdpdr - ok
21:05:15.0875 2096 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:05:15.0875 2096 RDPWD - ok
21:05:15.0875 2096 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:05:15.0890 2096 redbook - ok
21:05:15.0921 2096 RsFx0150 (a95840a95a9ff74b0009e5d848cddb39) C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
21:05:15.0937 2096 RsFx0150 - ok
21:05:16.0015 2096 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:05:16.0015 2096 SASDIFSV - ok
21:05:16.0015 2096 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:05:16.0015 2096 SASKUTIL - ok
21:05:16.0093 2096 scusbvip (647d94c44678325864cb627e322975e0) C:\WINDOWS\system32\DRIVERS\scusbvip.sys
21:05:16.0093 2096 scusbvip - ok
21:05:16.0125 2096 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:05:16.0125 2096 Secdrv - ok
21:05:16.0156 2096 Ser2pl (b4664c1ee39a5b7fc112f4077f8d21a5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
21:05:16.0156 2096 Ser2pl - ok
21:05:16.0171 2096 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:05:16.0171 2096 Serenum - ok
21:05:16.0187 2096 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:05:16.0187 2096 Serial - ok
21:05:16.0203 2096 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:05:16.0203 2096 Sfloppy - ok
21:05:16.0218 2096 Simbad - ok
21:05:16.0265 2096 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:05:16.0265 2096 SLIP - ok
21:05:16.0281 2096 SLVAD_simple (9b82c5f69f793d5fdf317ddb557ae3ad) C:\WINDOWS\system32\drivers\slvad.sys
21:05:16.0281 2096 SLVAD_simple - ok
21:05:16.0328 2096 smrtdrv (cb7bab80c88b15f33848b5f60dcd885a) C:\WINDOWS\system32\DRIVERS\smrtdrv.sys
21:05:16.0328 2096 smrtdrv - ok
21:05:16.0328 2096 Sparrow - ok
21:05:16.0375 2096 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:05:16.0375 2096 splitter - ok
21:05:16.0421 2096 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:05:16.0421 2096 sr - ok
21:05:16.0484 2096 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:05:16.0484 2096 Srv - ok
21:05:16.0500 2096 STI2303X - ok
21:05:16.0531 2096 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:05:16.0531 2096 streamip - ok
21:05:16.0531 2096 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:05:16.0531 2096 swenum - ok
21:05:16.0562 2096 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:05:16.0562 2096 swmidi - ok
21:05:16.0578 2096 symc810 - ok
21:05:16.0578 2096 symc8xx - ok
21:05:16.0593 2096 sym_hi - ok
21:05:16.0593 2096 sym_u3 - ok
21:05:16.0609 2096 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:05:16.0609 2096 sysaudio - ok
21:05:16.0656 2096 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:05:16.0656 2096 Tcpip - ok
21:05:16.0687 2096 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:05:16.0687 2096 TDPIPE - ok
21:05:16.0703 2096 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:05:16.0703 2096 TDTCP - ok
21:05:16.0703 2096 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:05:16.0703 2096 TermDD - ok
21:05:16.0734 2096 TLRecAgent (2a45e38095e00483350a37e5d43e0e05) C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys
21:05:16.0734 2096 TLRecAgent - ok
21:05:16.0750 2096 TosIde - ok
21:05:16.0781 2096 TuneUpUtilitiesDrv - ok
21:05:16.0812 2096 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:05:16.0812 2096 Udfs - ok
21:05:16.0812 2096 ultra - ok
21:05:16.0843 2096 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:05:16.0843 2096 Update - ok
21:05:16.0875 2096 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:05:16.0875 2096 usbccgp - ok
21:05:16.0890 2096 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:05:16.0890 2096 usbehci - ok
21:05:16.0906 2096 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:05:16.0906 2096 usbhub - ok
21:05:16.0921 2096 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:05:16.0921 2096 usbohci - ok
21:05:16.0937 2096 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:05:16.0937 2096 usbprint - ok
21:05:16.0953 2096 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:05:16.0953 2096 usbscan - ok
21:05:16.0968 2096 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:05:16.0968 2096 usbstor - ok
21:05:16.0984 2096 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:05:16.0984 2096 VgaSave - ok
21:05:16.0984 2096 ViaIde - ok
21:05:17.0000 2096 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:05:17.0000 2096 VolSnap - ok
21:05:17.0015 2096 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:05:17.0015 2096 Wanarp - ok
21:05:17.0031 2096 WDICA - ok
21:05:17.0062 2096 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:05:17.0062 2096 wdmaud - ok
21:05:17.0093 2096 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:05:17.0093 2096 WmiAcpi - ok
21:05:17.0140 2096 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:05:17.0140 2096 WS2IFSL - ok
21:05:17.0171 2096 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:05:17.0171 2096 WSTCODEC - ok
21:05:17.0218 2096 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:05:17.0359 2096 \Device\Harddisk0\DR0 - ok
21:05:17.0359 2096 Boot (0x1200) (caa1ce2d7bc91a8eeab41bb3e43bb9a3) \Device\Harddisk0\DR0\Partition0
21:05:17.0359 2096 \Device\Harddisk0\DR0\Partition0 - ok
21:05:17.0359 2096 ============================================================
21:05:17.0359 2096 Scan finished
21:05:17.0359 2096 ============================================================
21:05:17.0375 2636 Detected object count: 0
21:05:17.0375 2636 Actual detected object count: 0
21:08:56.0046 0624 ============================================================
21:08:56.0046 0624 Scan started
21:08:56.0046 0624 Mode: Manual;
21:08:56.0046 0624 ============================================================
21:08:56.0468 0624 Abiosdsk - ok
21:08:56.0468 0624 abp480n5 - ok
21:08:56.0515 0624 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:08:56.0515 0624 ACPI - ok
21:08:56.0562 0624 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:08:56.0562 0624 ACPIEC - ok
21:08:56.0562 0624 adpu160m - ok
21:08:56.0593 0624 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:08:56.0593 0624 aec - ok
21:08:56.0640 0624 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:08:56.0640 0624 AFD - ok
21:08:56.0640 0624 Aha154x - ok
21:08:56.0656 0624 aic78u2 - ok
21:08:56.0656 0624 aic78xx - ok
21:08:56.0671 0624 AliIde - ok
21:08:56.0718 0624 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
21:08:56.0734 0624 Ambfilt - ok
21:08:56.0734 0624 amsint - ok
21:08:56.0750 0624 asc - ok
21:08:56.0765 0624 asc3350p - ok
21:08:56.0765 0624 asc3550 - ok
21:08:56.0812 0624 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:08:56.0812 0624 AsyncMac - ok
21:08:56.0828 0624 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:08:56.0828 0624 atapi - ok
21:08:56.0843 0624 Atdisk - ok
21:08:56.0859 0624 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:08:56.0859 0624 Atmarpc - ok
21:08:56.0890 0624 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:08:56.0890 0624 audstub - ok
21:08:56.0906 0624 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:08:56.0906 0624 Beep - ok
21:08:56.0906 0624 catchme - ok
21:08:56.0937 0624 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:08:56.0937 0624 cbidf2k - ok
21:08:56.0953 0624 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:08:56.0953 0624 CCDECODE - ok
21:08:56.0968 0624 cd20xrnt - ok
21:08:56.0968 0624 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:08:56.0968 0624 Cdaudio - ok
21:08:57.0000 0624 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:08:57.0000 0624 Cdfs - ok
21:08:57.0015 0624 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:08:57.0015 0624 Cdrom - ok
21:08:57.0015 0624 Changer - ok
21:08:57.0031 0624 CmdIde - ok
21:08:57.0046 0624 Cpqarray - ok
21:08:57.0062 0624 dac2w2k - ok
21:08:57.0062 0624 dac960nt - ok
21:08:57.0109 0624 dgderdrv (3be1651c63954067940e7f473498ad70) C:\WINDOWS\system32\drivers\dgderdrv.sys
21:08:57.0109 0624 dgderdrv - ok
21:08:57.0125 0624 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:08:57.0125 0624 Disk - ok
21:08:57.0156 0624 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:08:57.0171 0624 dmboot - ok
21:08:57.0171 0624 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:08:57.0171 0624 dmio - ok
21:08:57.0187 0624 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:08:57.0187 0624 dmload - ok
21:08:57.0218 0624 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:08:57.0218 0624 DMusic - ok
21:08:57.0234 0624 dpti2o - ok
21:08:57.0234 0624 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:08:57.0234 0624 drmkaud - ok
21:08:57.0265 0624 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:08:57.0265 0624 Fastfat - ok
21:08:57.0296 0624 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:08:57.0296 0624 Fdc - ok
21:08:57.0312 0624 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:08:57.0312 0624 Fips - ok
21:08:57.0312 0624 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:08:57.0312 0624 Flpydisk - ok
21:08:57.0359 0624 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:08:57.0359 0624 FltMgr - ok
21:08:57.0359 0624 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:08:57.0359 0624 Fs_Rec - ok
21:08:57.0375 0624 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:08:57.0375 0624 Ftdisk - ok
21:08:57.0406 0624 glancedrv (1e6c235714a42b2edc0cfa93d0ea66d3) C:\WINDOWS\system32\DRIVERS\glancedrv.sys
21:08:57.0406 0624 glancedrv - ok
21:08:57.0421 0624 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:08:57.0437 0624 Gpc - ok
21:08:57.0453 0624 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:08:57.0453 0624 HDAudBus - ok
21:08:57.0484 0624 HidBoard (08a9bf42cde7cf93ed2f97c94d5bbf74) C:\WINDOWS\system32\DRIVERS\HidBoard.sys
21:08:57.0484 0624 HidBoard - ok
21:08:57.0500 0624 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:08:57.0500 0624 HidUsb - ok
21:08:57.0515 0624 hpn - ok
21:08:57.0515 0624 hpt3xx - ok
21:08:57.0546 0624 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:08:57.0546 0624 HPZid412 - ok
21:08:57.0593 0624 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:08:57.0593 0624 HPZipr12 - ok
21:08:57.0609 0624 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:08:57.0609 0624 HPZius12 - ok
21:08:57.0640 0624 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:08:57.0656 0624 HTTP - ok
21:08:57.0656 0624 i2omgmt - ok
21:08:57.0656 0624 i2omp - ok
21:08:57.0703 0624 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:08:57.0703 0624 i8042prt - ok
21:08:57.0718 0624 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:08:57.0718 0624 Imapi - ok
21:08:57.0718 0624 ini910u - ok
21:08:57.0859 0624 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:08:57.0890 0624 IntcAzAudAddService - ok
21:08:57.0906 0624 IntelIde - ok
21:08:57.0921 0624 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:08:57.0921 0624 ip6fw - ok
21:08:57.0953 0624 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:08:57.0953 0624 IpFilterDriver - ok
21:08:57.0968 0624 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:08:57.0968 0624 IpInIp - ok
21:08:57.0984 0624 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:08:57.0984 0624 IpNat - ok
21:08:58.0015 0624 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:08:58.0015 0624 IPSec - ok
21:08:58.0031 0624 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:08:58.0031 0624 IRENUM - ok
21:08:58.0046 0624 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:08:58.0046 0624 isapnp - ok
21:08:58.0093 0624 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:08:58.0093 0624 Kbdclass - ok
21:08:58.0125 0624 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:08:58.0125 0624 kmixer - ok
21:08:58.0156 0624 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:08:58.0156 0624 KSecDD - ok
21:08:58.0171 0624 lbrtfdc - ok
21:08:58.0234 0624 LMIInfo - ok
21:08:58.0265 0624 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
21:08:58.0265 0624 lmimirr - ok
21:08:58.0281 0624 LMIRfsClientNP - ok
21:08:58.0281 0624 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
21:08:58.0281 0624 LMIRfsDriver - ok
21:08:58.0328 0624 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:08:58.0328 0624 mnmdd - ok
21:08:58.0359 0624 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:08:58.0359 0624 Modem - ok
21:08:58.0421 0624 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
21:08:58.0437 0624 Monfilt - ok
21:08:58.0453 0624 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:08:58.0453 0624 Mouclass - ok
21:08:58.0500 0624 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:08:58.0500 0624 mouhid - ok
21:08:58.0515 0624 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:08:58.0515 0624 MountMgr - ok
21:08:58.0515 0624 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:08:58.0531 0624 MpFilter - ok
21:08:58.0531 0624 mraid35x - ok
21:08:58.0562 0624 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:08:58.0562 0624 MRxDAV - ok
21:08:58.0578 0624 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:08:58.0578 0624 MRxSmb - ok
21:08:58.0593 0624 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:08:58.0593 0624 Msfs - ok
21:08:58.0640 0624 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:08:58.0640 0624 MSKSSRV - ok
21:08:58.0656 0624 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:08:58.0656 0624 MSPCLOCK - ok
21:08:58.0656 0624 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:08:58.0656 0624 MSPQM - ok
21:08:58.0687 0624 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:08:58.0687 0624 mssmbios - ok
21:08:58.0718 0624 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:08:58.0718 0624 MSTEE - ok
21:08:58.0750 0624 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:08:58.0750 0624 Mup - ok
21:08:58.0765 0624 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:08:58.0765 0624 NABTSFEC - ok
21:08:58.0796 0624 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:08:58.0796 0624 NDIS - ok
21:08:58.0812 0624 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:08:58.0812 0624 NdisIP - ok
21:08:58.0843 0624 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:08:58.0843 0624 NdisTapi - ok
21:08:58.0859 0624 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:08:58.0859 0624 Ndisuio - ok
21:08:58.0875 0624 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:08:58.0875 0624 NdisWan - ok
21:08:58.0906 0624 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:08:58.0906 0624 NDProxy - ok
21:08:58.0921 0624 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:08:58.0921 0624 NetBIOS - ok
21:08:58.0937 0624 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:08:58.0937 0624 NetBT - ok
21:08:58.0968 0624 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:08:58.0968 0624 Npfs - ok
21:08:58.0984 0624 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:08:58.0984 0624 Ntfs - ok
21:08:59.0000 0624 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:08:59.0000 0624 Null - ok
21:08:59.0218 0624 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:08:59.0296 0624 nv - ok
21:08:59.0328 0624 NVENETFD (c61927d27b75ed56723f2508f1a6b1be) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:08:59.0328 0624 NVENETFD - ok
21:08:59.0343 0624 nvgts (52dce3b30c9d61c8e20fe3c6da4bdfb7) C:\WINDOWS\system32\DRIVERS\nvgts.sys
21:08:59.0343 0624 nvgts - ok
21:08:59.0359 0624 nvnetbus (c529b614ef88be0f62b886c67b516550) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:08:59.0359 0624 nvnetbus - ok
21:08:59.0406 0624 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:08:59.0406 0624 NwlnkFlt - ok
21:08:59.0406 0624 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:08:59.0406 0624 NwlnkFwd - ok
21:08:59.0453 0624 PAC207 (b2a32103ea3c18f3347bdfb2f3599cb9) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
21:08:59.0453 0624 PAC207 - ok
21:08:59.0500 0624 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:08:59.0500 0624 Parport - ok
21:08:59.0515 0624 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:08:59.0515 0624 PartMgr - ok
21:08:59.0531 0624 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:08:59.0531 0624 ParVdm - ok
21:08:59.0531 0624 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:08:59.0546 0624 PCI - ok
21:08:59.0546 0624 PCIDump - ok
21:08:59.0562 0624 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:08:59.0562 0624 PCIIde - ok
21:08:59.0578 0624 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:08:59.0578 0624 Pcmcia - ok
21:08:59.0593 0624 PDCOMP - ok
21:08:59.0593 0624 PDFRAME - ok
21:08:59.0609 0624 PDRELI - ok
21:08:59.0625 0624 PDRFRAME - ok
21:08:59.0625 0624 perc2 - ok
21:08:59.0640 0624 perc2hib - ok
21:08:59.0671 0624 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:08:59.0671 0624 PptpMiniport - ok
21:08:59.0703 0624 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
21:08:59.0703 0624 PQNTDrv - ok
21:08:59.0718 0624 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
21:08:59.0718 0624 Processor - ok
21:08:59.0718 0624 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:08:59.0734 0624 PSched - ok
21:08:59.0734 0624 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:08:59.0734 0624 Ptilink - ok
21:08:59.0750 0624 ql1080 - ok
21:08:59.0750 0624 Ql10wnt - ok
21:08:59.0750 0624 ql12160 - ok
21:08:59.0765 0624 ql1240 - ok
21:08:59.0765 0624 ql1280 - ok
21:08:59.0796 0624 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:08:59.0796 0624 RasAcd - ok
21:08:59.0812 0624 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:08:59.0812 0624 Rasl2tp - ok
21:08:59.0812 0624 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:08:59.0812 0624 RasPppoe - ok
21:08:59.0828 0624 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:08:59.0828 0624 Raspti - ok
21:08:59.0843 0624 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:08:59.0843 0624 Rdbss - ok
21:08:59.0859 0624 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:08:59.0859 0624 RDPCDD - ok
21:08:59.0859 0624 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:08:59.0859 0624 rdpdr - ok
21:08:59.0906 0624 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:08:59.0906 0624 RDPWD - ok
21:08:59.0921 0624 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:08:59.0937 0624 redbook - ok
21:08:59.0984 0624 RsFx0150 (a95840a95a9ff74b0009e5d848cddb39) C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
21:08:59.0984 0624 RsFx0150 - ok
21:09:00.0046 0624 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:09:00.0046 0624 SASDIFSV - ok
21:09:00.0046 0624 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:09:00.0046 0624 SASKUTIL - ok
21:09:00.0125 0624 scusbvip (647d94c44678325864cb627e322975e0) C:\WINDOWS\system32\DRIVERS\scusbvip.sys
21:09:00.0140 0624 scusbvip - ok
21:09:00.0156 0624 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:09:00.0156 0624 Secdrv - ok
21:09:00.0218 0624 Ser2pl (b4664c1ee39a5b7fc112f4077f8d21a5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
21:09:00.0218 0624 Ser2pl - ok
21:09:00.0328 0624 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:09:00.0328 0624 Serenum - ok
21:09:00.0406 0624 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:09:00.0406 0624 Serial - ok
21:09:00.0437 0624 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:09:00.0437 0624 Sfloppy - ok
21:09:00.0437 0624 Simbad - ok
21:09:00.0468 0624 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:09:00.0468 0624 SLIP - ok
21:09:00.0484 0624 SLVAD_simple (9b82c5f69f793d5fdf317ddb557ae3ad) C:\WINDOWS\system32\drivers\slvad.sys
21:09:00.0484 0624 SLVAD_simple - ok
21:09:00.0531 0624 smrtdrv (cb7bab80c88b15f33848b5f60dcd885a) C:\WINDOWS\system32\DRIVERS\smrtdrv.sys
21:09:00.0531 0624 smrtdrv - ok
21:09:00.0546 0624 Sparrow - ok
21:09:00.0578 0624 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:09:00.0578 0624 splitter - ok
21:09:00.0625 0624 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:09:00.0625 0624 sr - ok
21:09:00.0656 0624 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:09:00.0656 0624 Srv - ok
21:09:00.0671 0624 STI2303X - ok
21:09:00.0703 0624 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:09:00.0703 0624 streamip - ok
21:09:00.0703 0624 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:09:00.0703 0624 swenum - ok
21:09:00.0734 0624 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:09:00.0734 0624 swmidi - ok
21:09:00.0750 0624 symc810 - ok
21:09:00.0750 0624 symc8xx - ok
21:09:00.0765 0624 sym_hi - ok
21:09:00.0765 0624 sym_u3 - ok
21:09:00.0781 0624 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:09:00.0781 0624 sysaudio - ok
21:09:00.0828 0624 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:09:00.0828 0624 Tcpip - ok
21:09:00.0843 0624 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:09:00.0843 0624 TDPIPE - ok
21:09:00.0859 0624 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:09:00.0859 0624 TDTCP - ok
21:09:00.0890 0624 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:09:00.0890 0624 TermDD - ok
21:09:00.0937 0624 TLRecAgent (2a45e38095e00483350a37e5d43e0e05) C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys
21:09:00.0937 0624 TLRecAgent - ok
21:09:00.0937 0624 TosIde - ok
21:09:00.0968 0624 TuneUpUtilitiesDrv - ok
21:09:00.0984 0624 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:09:00.0984 0624 Udfs - ok
21:09:01.0000 0624 ultra - ok
21:09:01.0015 0624 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:09:01.0015 0624 Update - ok
21:09:01.0046 0624 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:09:01.0046 0624 usbccgp - ok
21:09:01.0062 0624 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:09:01.0062 0624 usbehci - ok
21:09:01.0078 0624 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:09:01.0078 0624 usbhub - ok
21:09:01.0078 0624 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:09:01.0078 0624 usbohci - ok
21:09:01.0109 0624 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:09:01.0109 0624 usbprint - ok
21:09:01.0109 0624 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:09:01.0109 0624 usbscan - ok
21:09:01.0125 0624 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:09:01.0125 0624 usbstor - ok
21:09:01.0140 0624 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:09:01.0140 0624 VgaSave - ok
21:09:01.0156 0624 ViaIde - ok
21:09:01.0156 0624 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:09:01.0156 0624 VolSnap - ok
21:09:01.0187 0624 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:09:01.0187 0624 Wanarp - ok
21:09:01.0187 0624 WDICA - ok
21:09:01.0234 0624 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:09:01.0234 0624 wdmaud - ok
21:09:01.0265 0624 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:09:01.0265 0624 WmiAcpi - ok
21:09:01.0296 0624 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:09:01.0296 0624 WS2IFSL - ok
21:09:01.0328 0624 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:09:01.0328 0624 WSTCODEC - ok
21:09:01.0359 0624 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:09:01.0500 0624 \Device\Harddisk0\DR0 - ok
21:09:01.0500 0624 Boot (0x1200) (caa1ce2d7bc91a8eeab41bb3e43bb9a3) \Device\Harddisk0\DR0\Partition0
21:09:01.0500 0624 \Device\Harddisk0\DR0\Partition0 - ok
21:09:01.0500 0624 ============================================================
21:09:01.0500 0624 Scan finished
21:09:01.0500 0624 ============================================================
21:09:01.0515 3064 Detected object count: 0
21:09:01.0515 3064 Actual detected object count: 0





21:13:43.0703 3260 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
21:13:43.0703 3260 ============================================================
21:13:43.0703 3260 Current date / time: 2012/03/05 21:13:43.0703
21:13:43.0703 3260 SystemInfo:
21:13:43.0703 3260
21:13:43.0703 3260 OS Version: 5.1.2600 ServicePack: 3.0
21:13:43.0703 3260 Product type: Workstation
21:13:43.0703 3260 ComputerName: MATHONDVDS
21:13:43.0703 3260 UserName: Math On DVDs
21:13:43.0703 3260 Windows directory: C:\WINDOWS
21:13:43.0703 3260 System windows directory: C:\WINDOWS
21:13:43.0703 3260 Processor architecture: Intel x86
21:13:43.0703 3260 Number of processors: 2
21:13:43.0703 3260 Page size: 0x1000
21:13:43.0703 3260 Boot type: Normal boot
21:13:43.0703 3260 ============================================================
21:13:45.0156 3260 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
21:13:45.0171 3260 \Device\Harddisk0\DR0:
21:13:45.0171 3260 MBR used
21:13:45.0171 3260 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
21:13:45.0203 3260 Initialize success
21:13:45.0203 3260 ============================================================
21:13:51.0296 2688 ============================================================
21:13:51.0296 2688 Scan started
21:13:51.0296 2688 Mode: Manual; SigCheck; TDLFS;
21:13:51.0296 2688 ============================================================
21:13:51.0515 2688 Abiosdsk - ok
21:13:51.0531 2688 abp480n5 - ok
21:13:51.0578 2688 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:13:51.0781 2688 ACPI - ok
21:13:51.0812 2688 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:13:51.0906 2688 ACPIEC - ok
21:13:51.0921 2688 adpu160m - ok
21:13:51.0953 2688 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:13:52.0031 2688 aec - ok
21:13:52.0078 2688 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:13:52.0093 2688 AFD - ok
21:13:52.0093 2688 Aha154x - ok
21:13:52.0109 2688 aic78u2 - ok
21:13:52.0109 2688 aic78xx - ok
21:13:52.0125 2688 AliIde - ok
21:13:52.0187 2688 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
21:13:52.0234 2688 Ambfilt - ok
21:13:52.0250 2688 amsint - ok
21:13:52.0250 2688 asc - ok
21:13:52.0265 2688 asc3350p - ok
21:13:52.0265 2688 asc3550 - ok
21:13:52.0312 2688 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:13:52.0390 2688 AsyncMac - ok
21:13:52.0406 2688 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:13:52.0515 2688 atapi - ok
21:13:52.0531 2688 Atdisk - ok
21:13:52.0546 2688 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:13:52.0640 2688 Atmarpc - ok
21:13:52.0671 2688 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:13:52.0796 2688 audstub - ok
21:13:52.0828 2688 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:13:52.0937 2688 Beep - ok
21:13:52.0937 2688 catchme - ok
21:13:52.0968 2688 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:13:53.0062 2688 cbidf2k - ok
21:13:53.0093 2688 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:13:53.0171 2688 CCDECODE - ok
21:13:53.0171 2688 cd20xrnt - ok
21:13:53.0203 2688 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:13:53.0312 2688 Cdaudio - ok
21:13:53.0343 2688 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:13:53.0421 2688 Cdfs - ok
21:13:53.0437 2688 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:13:53.0546 2688 Cdrom - ok
21:13:53.0546 2688 Changer - ok
21:13:53.0562 2688 CmdIde - ok
21:13:53.0578 2688 Cpqarray - ok
21:13:53.0593 2688 dac2w2k - ok
21:13:53.0593 2688 dac960nt - ok
21:13:53.0640 2688 dgderdrv (3be1651c63954067940e7f473498ad70) C:\WINDOWS\system32\drivers\dgderdrv.sys
21:13:53.0640 2688 dgderdrv - ok
21:13:53.0656 2688 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:13:53.0750 2688 Disk - ok
21:13:53.0781 2688 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:13:53.0921 2688 dmboot - ok
21:13:53.0921 2688 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:13:54.0015 2688 dmio - ok
21:13:54.0031 2688 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:13:54.0140 2688 dmload - ok
21:13:54.0171 2688 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:13:54.0265 2688 DMusic - ok
21:13:54.0265 2688 dpti2o - ok
21:13:54.0296 2688 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:13:54.0375 2688 drmkaud - ok
21:13:54.0421 2688 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:13:54.0531 2688 Fastfat - ok
21:13:54.0546 2688 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:13:54.0640 2688 Fdc - ok
21:13:54.0656 2688 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:13:54.0765 2688 Fips - ok
21:13:54.0765 2688 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:13:54.0859 2688 Flpydisk - ok
21:13:54.0890 2688 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:13:54.0984 2688 FltMgr - ok
21:13:55.0015 2688 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:13:55.0109 2688 Fs_Rec - ok
21:13:55.0125 2688 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:13:55.0234 2688 Ftdisk - ok
21:13:55.0265 2688 glancedrv (1e6c235714a42b2edc0cfa93d0ea66d3) C:\WINDOWS\system32\DRIVERS\glancedrv.sys
21:13:55.0281 2688 glancedrv - ok
21:13:55.0296 2688 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:13:55.0390 2688 Gpc - ok
21:13:55.0421 2688 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:13:55.0515 2688 HDAudBus - ok
21:13:55.0546 2688 HidBoard (08a9bf42cde7cf93ed2f97c94d5bbf74) C:\WINDOWS\system32\DRIVERS\HidBoard.sys
21:13:55.0562 2688 HidBoard - ok
21:13:55.0578 2688 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:13:55.0656 2688 HidUsb - ok
21:13:55.0671 2688 hpn - ok
21:13:55.0671 2688 hpt3xx - ok
21:13:55.0703 2688 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:13:55.0734 2688 HPZid412 - ok
21:13:55.0765 2688 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:13:55.0796 2688 HPZipr12 - ok
21:13:55.0796 2688 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:13:55.0828 2688 HPZius12 - ok
21:13:55.0875 2688 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:13:55.0875 2688 HTTP - ok
21:13:55.0890 2688 i2omgmt - ok
21:13:55.0890 2688 i2omp - ok
21:13:55.0937 2688 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:13:56.0031 2688 i8042prt - ok
21:13:56.0046 2688 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:13:56.0140 2688 Imapi - ok
21:13:56.0156 2688 ini910u - ok
21:13:56.0281 2688 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:13:56.0468 2688 IntcAzAudAddService - ok
21:13:56.0468 2688 IntelIde - ok
21:13:56.0500 2688 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:13:56.0593 2688 ip6fw - ok
21:13:56.0640 2688 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:13:56.0734 2688 IpFilterDriver - ok
21:13:56.0765 2688 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:13:56.0859 2688 IpInIp - ok
21:13:56.0859 2688 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:13:56.0953 2688 IpNat - ok
21:13:56.0984 2688 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:13:57.0062 2688 IPSec - ok
21:13:57.0078 2688 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:13:57.0171 2688 IRENUM - ok
21:13:57.0203 2688 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:13:57.0296 2688 isapnp - ok
21:13:57.0328 2688 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:13:57.0406 2688 Kbdclass - ok
21:13:57.0437 2688 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:13:57.0531 2688 kmixer - ok
21:13:57.0562 2688 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:13:57.0593 2688 KSecDD - ok
21:13:57.0593 2688 lbrtfdc - ok
21:13:57.0656 2688 LMIInfo - ok
21:13:57.0703 2688 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
21:13:57.0718 2688 lmimirr - ok
21:13:57.0718 2688 LMIRfsClientNP - ok
21:13:57.0734 2688 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
21:13:57.0734 2688 LMIRfsDriver - ok
21:13:57.0781 2688 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:13:57.0890 2688 mnmdd - ok
21:13:57.0921 2688 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:13:58.0000 2688 Modem - ok
21:13:58.0062 2688 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
21:13:58.0109 2688 Monfilt - ok
21:13:58.0140 2688 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:13:58.0234 2688 Mouclass - ok
21:13:58.0265 2688 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:13:58.0375 2688 mouhid - ok
21:13:58.0406 2688 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:13:58.0500 2688 MountMgr - ok
21:13:58.0515 2688 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:13:58.0531 2688 MpFilter - ok
21:13:58.0531 2688 mraid35x - ok
21:13:58.0546 2688 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:13:58.0640 2688 MRxDAV - ok
21:13:58.0687 2688 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:13:58.0718 2688 MRxSmb - ok
21:13:58.0734 2688 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:13:58.0812 2688 Msfs - ok
21:13:58.0859 2688 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:13:58.0953 2688 MSKSSRV - ok
21:13:58.0968 2688 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:13:59.0078 2688 MSPCLOCK - ok
21:13:59.0078 2688 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:13:59.0171 2688 MSPQM - ok
21:13:59.0203 2688 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:13:59.0296 2688 mssmbios - ok
21:13:59.0312 2688 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:13:59.0406 2688 MSTEE - ok
21:13:59.0437 2688 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:13:59.0453 2688 Mup - ok
21:13:59.0468 2688 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:13:59.0578 2688 NABTSFEC - ok
21:13:59.0625 2688 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:13:59.0718 2688 NDIS - ok
21:13:59.0734 2688 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:13:59.0828 2688 NdisIP - ok
21:13:59.0859 2688 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:13:59.0890 2688 NdisTapi - ok
21:13:59.0906 2688 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:14:00.0000 2688 Ndisuio - ok
21:14:00.0000 2688 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:14:00.0093 2688 NdisWan - ok
21:14:00.0125 2688 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:14:00.0140 2688 NDProxy - ok
21:14:00.0156 2688 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:14:00.0250 2688 NetBIOS - ok
21:14:00.0265 2688 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:14:00.0375 2688 NetBT - ok
21:14:00.0406 2688 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:14:00.0484 2688 Npfs - ok
21:14:00.0500 2688 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:14:00.0593 2688 Ntfs - ok
21:14:00.0625 2688 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:14:00.0718 2688 Null - ok
21:14:00.0937 2688 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:14:01.0203 2688 nv - ok
21:14:01.0234 2688 NVENETFD (c61927d27b75ed56723f2508f1a6b1be) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:14:01.0250 2688 NVENETFD - ok
21:14:01.0265 2688 nvgts (52dce3b30c9d61c8e20fe3c6da4bdfb7) C:\WINDOWS\system32\DRIVERS\nvgts.sys
21:14:01.0281 2688 nvgts - ok
21:14:01.0296 2688 nvnetbus (c529b614ef88be0f62b886c67b516550) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:14:01.0312 2688 nvnetbus - ok
21:14:01.0359 2688 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:14:01.0468 2688 NwlnkFlt - ok
21:14:01.0484 2688 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:14:01.0578 2688 NwlnkFwd - ok
21:14:01.0625 2688 PAC207 (b2a32103ea3c18f3347bdfb2f3599cb9) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
21:14:01.0656 2688 PAC207 - ok
21:14:01.0703 2688 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:14:01.0796 2688 Parport - ok
21:14:01.0812 2688 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:14:01.0906 2688 PartMgr - ok
21:14:01.0921 2688 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:14:02.0031 2688 ParVdm - ok
21:14:02.0031 2688 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:14:02.0125 2688 PCI - ok
21:14:02.0125 2688 PCIDump - ok
21:14:02.0140 2688 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:14:02.0250 2688 PCIIde - ok
21:14:02.0265 2688 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:14:02.0343 2688 Pcmcia - ok
21:14:02.0359 2688 PDCOMP - ok
21:14:02.0359 2688 PDFRAME - ok
21:14:02.0375 2688 PDRELI - ok
21:14:02.0375 2688 PDRFRAME - ok
21:14:02.0390 2688 perc2 - ok
21:14:02.0390 2688 perc2hib - ok
21:14:02.0437 2688 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:14:02.0515 2688 PptpMiniport - ok
21:14:02.0546 2688 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
21:14:02.0562 2688 PQNTDrv ( UnsignedFile.Multi.Generic ) - warning
21:14:02.0562 2688 PQNTDrv - detected UnsignedFile.Multi.Generic (1)
21:14:02.0578 2688 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
21:14:02.0671 2688 Processor - ok
21:14:02.0687 2688 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:14:02.0765 2688 PSched - ok
21:14:02.0781 2688 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:14:02.0875 2688 Ptilink - ok
21:14:02.0875 2688 ql1080 - ok
21:14:02.0890 2688 Ql10wnt - ok
21:14:02.0890 2688 ql12160 - ok
21:14:02.0906 2688 ql1240 - ok
21:14:02.0906 2688 ql1280 - ok
21:14:02.0921 2688 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:14:03.0031 2688 RasAcd - ok
21:14:03.0046 2688 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:14:03.0125 2688 Rasl2tp - ok
21:14:03.0125 2688 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:14:03.0234 2688 RasPppoe - ok
21:14:03.0234 2688 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:14:03.0343 2688 Raspti - ok
21:14:03.0375 2688 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:14:03.0453 2688 Rdbss - ok
21:14:03.0484 2688 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:14:03.0593 2688 RDPCDD - ok
21:14:03.0609 2688 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:14:03.0687 2688 rdpdr - ok
21:14:03.0734 2688 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:14:03.0750 2688 RDPWD - ok
21:14:03.0765 2688 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:14:03.0859 2688 redbook - ok
21:14:03.0906 2688 RsFx0150 (a95840a95a9ff74b0009e5d848cddb39) C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
21:14:03.0921 2688 RsFx0150 - ok
21:14:03.0984 2688 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:14:03.0984 2688 SASDIFSV - ok
21:14:04.0000 2688 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:14:04.0000 2688 SASKUTIL - ok
21:14:04.0046 2688 scusbvip (647d94c44678325864cb627e322975e0) C:\WINDOWS\system32\DRIVERS\scusbvip.sys
21:14:04.0078 2688 scusbvip - ok
21:14:04.0109 2688 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:14:04.0187 2688 Secdrv - ok
21:14:04.0234 2688 Ser2pl (b4664c1ee39a5b7fc112f4077f8d21a5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
21:14:04.0250 2688 Ser2pl - ok
21:14:04.0250 2688 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:14:04.0343 2688 Serenum - ok
21:14:04.0359 2688 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:14:04.0453 2688 Serial - ok
21:14:04.0468 2688 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:14:04.0562 2688 Sfloppy - ok
21:14:04.0578 2688 Simbad - ok
21:14:04.0625 2688 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:14:04.0718 2688 SLIP - ok
21:14:04.0750 2688 SLVAD_simple (9b82c5f69f793d5fdf317ddb557ae3ad) C:\WINDOWS\system32\drivers\slvad.sys
21:14:04.0750 2688 SLVAD_simple - ok
21:14:04.0796 2688 smrtdrv (cb7bab80c88b15f33848b5f60dcd885a) C:\WINDOWS\system32\DRIVERS\smrtdrv.sys
21:14:04.0796 2688 smrtdrv - ok
21:14:04.0812 2688 Sparrow - ok
21:14:04.0843 2688 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:14:04.0953 2688 splitter - ok
21:14:04.0984 2688 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:14:05.0078 2688 sr - ok
21:14:05.0093 2688 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:14:05.0109 2688 Srv - ok
21:14:05.0125 2688 STI2303X - ok
21:14:05.0156 2688 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:14:05.0234 2688 streamip - ok
21:14:05.0265 2688 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:14:05.0359 2688 swenum - ok
21:14:05.0375 2688 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:14:05.0468 2688 swmidi - ok
21:14:05.0484 2688 symc810 - ok
21:14:05.0484 2688 symc8xx - ok
21:14:05.0500 2688 sym_hi - ok
21:14:05.0500 2688 sym_u3 - ok
21:14:05.0515 2688 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:14:05.0593 2688 sysaudio - ok
21:14:05.0640 2688 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:14:05.0656 2688 Tcpip - ok
21:14:05.0687 2688 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:14:05.0781 2688 TDPIPE - ok
21:14:05.0796 2688 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:14:05.0890 2688 TDTCP - ok
21:14:05.0906 2688 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:14:05.0984 2688 TermDD - ok
21:14:06.0031 2688 TLRecAgent (2a45e38095e00483350a37e5d43e0e05) C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys
21:14:06.0031 2688 TLRecAgent - ok
21:14:06.0046 2688 TosIde - ok
21:14:06.0062 2688 TuneUpUtilitiesDrv - ok
21:14:06.0078 2688 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:14:06.0187 2688 Udfs - ok
21:14:06.0187 2688 ultra - ok
21:14:06.0218 2688 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:14:06.0312 2688 Update - ok
21:14:06.0359 2688 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:14:06.0437 2688 usbccgp - ok
21:14:06.0453 2688 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:14:06.0531 2688 usbehci - ok
21:14:06.0531 2688 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:14:06.0625 2688 usbhub - ok
21:14:06.0656 2688 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:14:06.0750 2688 usbohci - ok
21:14:06.0781 2688 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:14:06.0875 2688 usbprint - ok
21:14:06.0906 2688 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:14:07.0000 2688 usbscan - ok
21:14:07.0015 2688 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:14:07.0093 2688 usbstor - ok
21:14:07.0109 2688 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:14:07.0203 2688 VgaSave - ok
21:14:07.0203 2688 ViaIde - ok
21:14:07.0218 2688 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:14:07.0312 2688 VolSnap - ok
21:14:07.0343 2688 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:14:07.0421 2688 Wanarp - ok
21:14:07.0421 2688 WDICA - ok
21:14:07.0468 2688 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:14:07.0562 2688 wdmaud - ok
21:14:07.0609 2688 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:14:07.0687 2688 WmiAcpi - ok
21:14:07.0718 2688 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:14:07.0828 2688 WS2IFSL - ok
21:14:07.0859 2688 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:14:07.0953 2688 WSTCODEC - ok
21:14:07.0968 2688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:14:08.0218 2688 \Device\Harddisk0\DR0 - ok
21:14:08.0218 2688 Boot (0x1200) (caa1ce2d7bc91a8eeab41bb3e43bb9a3) \Device\Harddisk0\DR0\Partition0
21:14:08.0218 2688 \Device\Harddisk0\DR0\Partition0 - ok
21:14:08.0218 2688 ============================================================
21:14:08.0218 2688 Scan finished
21:14:08.0218 2688 ============================================================
21:14:08.0328 3052 Detected object count: 1
21:14:08.0328 3052 Actual detected object count: 1
21:14:12.0859 3052 PQNTDrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:14:12.0859 3052 PQNTDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip






FIX BUTTON WAS NOT ENABLED


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-05 21:26:54
-----------------------------
21:26:54.125 OS Version: Windows 5.1.2600 Service Pack 3
21:26:54.125 Number of processors: 2 586 0x603
21:26:54.125 ComputerName: MATHONDVDS UserName:
21:26:55.593 Initialize success
21:27:28.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
21:27:28.859 Disk 0 Vendor: ST350041 CC44 Size: 476940MB BusType: 3
21:27:28.859 Device \Driver\nvgts -> DriverStartIo SCSIPORT.SYS b7eca40e
21:27:28.890 Disk 0 MBR read successfully
21:27:28.890 Disk 0 MBR scan
21:27:28.890 Disk 0 Windows XP default MBR code
21:27:28.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
21:27:28.890 Disk 0 scanning sectors +976752000
21:27:28.968 Disk 0 scanning C:\WINDOWS\system32\drivers
21:27:34.812 Service scanning
21:27:42.468 Modules scanning
21:27:44.906 Scan finished successfully
21:29:22.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:29:22.578 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-05 21:26:54
-----------------------------
21:26:54.125 OS Version: Windows 5.1.2600 Service Pack 3
21:26:54.125 Number of processors: 2 586 0x603
21:26:54.125 ComputerName: MATHONDVDS UserName:
21:26:55.593 Initialize success
21:27:28.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
21:27:28.859 Disk 0 Vendor: ST350041 CC44 Size: 476940MB BusType: 3
21:27:28.859 Device \Driver\nvgts -> DriverStartIo SCSIPORT.SYS b7eca40e
21:27:28.890 Disk 0 MBR read successfully
21:27:28.890 Disk 0 MBR scan
21:27:28.890 Disk 0 Windows XP default MBR code
21:27:28.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
21:27:28.890 Disk 0 scanning sectors +976752000
21:27:28.968 Disk 0 scanning C:\WINDOWS\system32\drivers
21:27:34.812 Service scanning
21:27:42.468 Modules scanning
21:27:44.906 Scan finished successfully
21:29:22.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:29:22.578 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"
21:30:48.593 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:30:48.593 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-05 21:26:54
-----------------------------
21:26:54.125 OS Version: Windows 5.1.2600 Service Pack 3
21:26:54.125 Number of processors: 2 586 0x603
21:26:54.125 ComputerName: MATHONDVDS UserName:
21:26:55.593 Initialize success
21:27:28.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
21:27:28.859 Disk 0 Vendor: ST350041 CC44 Size: 476940MB BusType: 3
21:27:28.859 Device \Driver\nvgts -> DriverStartIo SCSIPORT.SYS b7eca40e
21:27:28.890 Disk 0 MBR read successfully
21:27:28.890 Disk 0 MBR scan
21:27:28.890 Disk 0 Windows XP default MBR code
21:27:28.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
21:27:28.890 Disk 0 scanning sectors +976752000
21:27:28.968 Disk 0 scanning C:\WINDOWS\system32\drivers
21:27:34.812 Service scanning
21:27:42.468 Modules scanning
21:27:44.906 Scan finished successfully
21:29:22.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:29:22.578 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"
21:30:48.593 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:30:48.593 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"
21:31:07.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\MBR.dat"
21:31:07.796 The log file has been saved successfully to "C:\Documents and Settings\Math On DVDs\Desktop\aswMBR.txt"



Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.06.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Math On DVDs :: MATHONDVDS [administrator]

3/5/2012 9:53:46 PM
mbam-log-2012-03-05 (21-53-46).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 278862
Time elapsed: 29 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)