ComboFix Deletions:
ComboFix 12-03-11.01 - dell 1/2012 Sun 18:24:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.4056.2184 [GMT -4:00]
Running from: c:\users\dell\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
Error: Cfiles.dat
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Daniel\AppData\Local\TempDIR
c:\users\Public\t.c
c:\users\Public\t.exe
c:\users\Public\t.o
c:\users\Public\t.s
c:\windows\SysWow64\k_KBD0.dll
c:\windows\SysWow64\k_KBD1.dll
c:\windows\SysWow64\KBD1.dll
.
----- File Replicators -----
.
c:\program files (x86)\Git\libexec\git-core\git-add.exe
c:\program files (x86)\Git\libexec\git-core\git-annotate.exe
c:\program files (x86)\Git\libexec\git-core\git-apply.exe
c:\program files (x86)\Git\libexec\git-core\git-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-bisect--helper.exe
c:\program files (x86)\Git\libexec\git-core\git-blame.exe
c:\program files (x86)\Git\libexec\git-core\git-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-bundle.exe
c:\program files (x86)\Git\libexec\git-core\git-cat-file.exe
c:\program files (x86)\Git\libexec\git-core\git-check-attr.exe
c:\program files (x86)\Git\libexec\git-core\git-check-ref-format.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout-index.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry-pick.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry.exe
c:\program files (x86)\Git\libexec\git-core\git-clean.exe
c:\program files (x86)\Git\libexec\git-core\git-clone.exe
c:\program files (x86)\Git\libexec\git-core\git-commit-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-commit.exe
c:\program files (x86)\Git\libexec\git-core\git-config.exe
c:\program files (x86)\Git\libexec\git-core\git-count-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-describe.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-files.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-index.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-diff.exe
c:\program files (x86)\Git\libexec\git-core\git-fast-export.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch.exe
c:\program files (x86)\Git\libexec\git-core\git-fmt-merge-msg.exe
c:\program files (x86)\Git\libexec\git-core\git-for-each-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-format-patch.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck.exe
c:\program files (x86)\Git\libexec\git-core\git-gc.exe
c:\program files (x86)\Git\libexec\git-core\git-get-tar-commit-id.exe
c:\program files (x86)\Git\libexec\git-core\git-grep.exe
c:\program files (x86)\Git\libexec\git-core\git-hash-object.exe
c:\program files (x86)\Git\libexec\git-core\git-help.exe
c:\program files (x86)\Git\libexec\git-core\git-index-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-init-db.exe
c:\program files (x86)\Git\libexec\git-core\git-init.exe
c:\program files (x86)\Git\libexec\git-core\git-log.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-files.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-mailinfo.exe
c:\program files (x86)\Git\libexec\git-core\git-mailsplit.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-base.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-file.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-index.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-ours.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-recursive.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-subtree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge.exe
c:\program files (x86)\Git\libexec\git-core\git-mktag.exe
c:\program files (x86)\Git\libexec\git-core\git-mktree.exe
c:\program files (x86)\Git\libexec\git-core\git-mv.exe
c:\program files (x86)\Git\libexec\git-core\git-name-rev.exe
c:\program files (x86)\Git\libexec\git-core\git-notes.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-redundant.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-refs.exe
c:\program files (x86)\Git\libexec\git-core\git-patch-id.exe
c:\program files (x86)\Git\libexec\git-core\git-peek-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-prune-packed.exe
c:\program files (x86)\Git\libexec\git-core\git-prune.exe
c:\program files (x86)\Git\libexec\git-core\git-push.exe
c:\program files (x86)\Git\libexec\git-core\git-read-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-receive-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-reflog.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-ext.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-fd.exe
c:\program files (x86)\Git\libexec\git-core\git-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-replace.exe
c:\program files (x86)\Git\libexec\git-core\git-repo-config.exe
c:\program files (x86)\Git\libexec\git-core\git-rerere.exe
c:\program files (x86)\Git\libexec\git-core\git-reset.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-list.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-parse.exe
c:\program files (x86)\Git\libexec\git-core\git-revert.exe
c:\program files (x86)\Git\libexec\git-core\git-rm.exe
c:\program files (x86)\Git\libexec\git-core\git-send-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-shortlog.exe
c:\program files (x86)\Git\libexec\git-core\git-show-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-show-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-show.exe
c:\program files (x86)\Git\libexec\git-core\git-stage.exe
c:\program files (x86)\Git\libexec\git-core\git-status.exe
c:\program files (x86)\Git\libexec\git-core\git-stripspace.exe
c:\program files (x86)\Git\libexec\git-core\git-symbolic-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-tar-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-file.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-update-index.exe
c:\program files (x86)\Git\libexec\git-core\git-update-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-update-server-info.exe
c:\program files (x86)\Git\libexec\git-core\git-upload-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-var.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-whatchanged.exe
c:\program files (x86)\Git\libexec\git-core\git-write-tree.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\14105\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\14105\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\14105\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\25741\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\25741\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\25741\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\26816\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\26816\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\26816\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\4643\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\4643\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\Daniel\4643\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\12843\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\12843\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\12843\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\202\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\202\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\202\ReaderUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\20708\AcrobatUpdater.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\20708\AdobeARMHelper.exe
c:\programdata\Adobe\Reader\9.4\ARM\dell\20708\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\14105\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\14105\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\14105\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\25741\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\25741\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\25741\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\26816\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\26816\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\26816\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\4643\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\4643\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\Daniel\4643\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\12843\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\12843\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\12843\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\202\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\202\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\202\ReaderUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\20708\AcrobatUpdater.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\20708\AdobeARMHelper.exe
c:\users\All Users\Adobe\Reader\9.4\ARM\dell\20708\ReaderUpdater.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-11 to 2012-03-11 )))))))))))))))))))))))))))))))
.
.
2012-03-11 22:34 . 2012-03-11 22:34 -------- d-----w- c:\users\work\AppData\Local\temp
2012-03-11 21:53 . 2012-03-11 21:53 -------- d-----w- C:\_OTL
2012-03-11 20:24 . 2012-03-11 20:54 -------- d-----w- c:\programdata\HitmanPro
2012-03-11 19:22 . 2012-02-09 17:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F27B7C9D-7BF4-4E79-B221-73E831E688F4}\gapaengine.dll
2012-03-11 19:21 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A6362543-3BC4-470D-8772-36889ADAFCA9}\mpengine.dll
2012-03-11 19:21 . 2012-03-11 19:21 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-03-11 19:18 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-03-11 19:17 . 2012-03-11 19:21 -------- d-----w- c:\program files\Microsoft Security Client
2012-03-11 16:05 . 2012-03-11 18:55 -------- d-----w- c:\users\dell\AppData\Roaming\SSH
2012-03-10 17:52 . 2012-03-10 17:52 -------- d-----w- c:\users\dell\AppData\Roaming\LolClient
2012-03-10 02:33 . 2012-03-10 15:27 -------- d-----w- C:\League Of Legends
2012-03-10 02:32 . 2012-03-10 15:52 -------- d-----w- c:\users\dell\AppData\Local\PMB Files
2012-03-10 01:44 . 2012-03-10 01:44 -------- d-----w- c:\windows\Sun
2012-03-09 17:13 . 2012-03-09 17:16 -------- d-----w- c:\users\dell\AppData\Roaming\BitTorrent
2012-03-09 17:10 . 2012-03-09 17:10 -------- d-----w- c:\users\dell\AppData\Roaming\Media Player Classic
2012-03-09 16:29 . 2012-03-09 16:29 -------- d-----w- c:\users\dell\AppData\Roaming\Malwarebytes
2012-02-27 23:43 . 2012-02-27 23:43 -------- d-----w- c:\users\Daniel\AppData\Roaming\Malwarebytes
2012-02-27 23:40 . 2012-02-27 23:40 -------- d-----w- c:\programdata\Malwarebytes
2012-02-27 23:40 . 2012-02-27 23:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-27 23:40 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-27 01:07 . 2012-02-27 01:07 -------- d-----w- c:\program files (x86)\Media Player Classic - Home Cinema
2012-02-26 18:47 . 2012-02-26 18:47 -------- d-----w- c:\users\Daniel\048298C9A4D3490B9FF9AB023A9238F3.TMP
2012-02-15 15:01 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 15:01 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 15:01 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 15:01 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 15:01 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 15:01 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-12 15:03 . 2012-02-12 15:08 -------- d-----w- c:\users\Daniel\AppData\Roaming\X-Chat 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 07:13 . 2010-11-12 23:51 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2010-06-29 12:01 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\dell\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-09-03 137536]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-09-02 13351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-31 460872]
.
c:\users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2010-10-18 41051]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-23 1436424]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2010-10-18 20549]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-31 652360]
S2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.exe [2010-03-04 658656]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1181968351-368210708-1878507678-1000Core.job
- c:\users\dell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-03 01:57]
.
2012-03-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1181968351-368210708-1878507678-1000UA.job
- c:\users\dell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-03 01:57]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 305664]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\x4vq1cdb.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKCU-Run-ooVoo.exe - c:\program files (x86)\ooVoo\oovoo.exe
Wow6432Node-HKU-Default-Run-Update - c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Microsoft\klzgc.dll
Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Final Fantasy VII - c:\program files (x86)\Square Soft
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files (x86)\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files (x86)\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2012-03-11 19:02:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-11 23:02
.
Pre-Run: 14,823,292,928 bytes free
Post-Run: 34,656,546,816 bytes free
.
- - End Of File - - A27BD418305FF8169ED6D8E77E090098
TDSS:
19:08:03.0155 5100 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
19:08:03.0405 5100 ============================================================
19:08:03.0405 5100 Current date / time: 2012/03/11 19:08:03.0405
19:08:03.0405 5100 SystemInfo:
19:08:03.0405 5100
19:08:03.0405 5100 OS Version: 6.1.7601 ServicePack: 1.0
19:08:03.0405 5100 Product type: Workstation
19:08:03.0406 5100 ComputerName: DELL-LAPTOP
19:08:03.0406 5100 UserName: dell
19:08:03.0406 5100 Windows directory: C:\Windows
19:08:03.0406 5100 System windows directory: C:\Windows
19:08:03.0406 5100 Running under WOW64
19:08:03.0406 5100 Processor architecture: Intel x64
19:08:03.0406 5100 Number of processors: 2
19:08:03.0406 5100 Page size: 0x1000
19:08:03.0406 5100 Boot type: Normal boot
19:08:03.0406 5100 ============================================================
19:08:04.0796 5100 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:08:04.0806 5100 \Device\Harddisk0\DR0:
19:08:04.0806 5100 MBR used
19:08:04.0806 5100 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x95800, BlocksNum 0x25C0000
19:08:04.0806 5100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2655800, BlocksNum 0x37D30030
19:08:04.0843 5100 Initialize success
19:08:04.0844 5100 ============================================================
19:08:20.0898 2580 ============================================================
19:08:20.0898 2580 Scan started
19:08:20.0898 2580 Mode: Manual; SigCheck; TDLFS;
19:08:20.0898 2580 ============================================================
19:08:22.0026 2580 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:08:22.0205 2580 1394ohci - ok
19:08:22.0365 2580 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:08:22.0417 2580 ACPI - ok
19:08:22.0537 2580 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:08:22.0621 2580 AcpiPmi - ok
19:08:22.0822 2580 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:08:22.0866 2580 adp94xx - ok
19:08:23.0002 2580 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:08:23.0041 2580 adpahci - ok
19:08:23.0170 2580 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:08:23.0201 2580 adpu320 - ok
19:08:23.0453 2580 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:08:23.0548 2580 AFD - ok
19:08:23.0672 2580 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:08:23.0704 2580 agp440 - ok
19:08:23.0835 2580 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:08:23.0863 2580 aliide - ok
19:08:23.0971 2580 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:08:23.0999 2580 amdide - ok
19:08:24.0104 2580 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:08:24.0208 2580 AmdK8 - ok
19:08:24.0304 2580 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:08:24.0426 2580 AmdPPM - ok
19:08:24.0563 2580 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:08:24.0597 2580 amdsata - ok
19:08:24.0700 2580 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:08:24.0736 2580 amdsbs - ok
19:08:24.0848 2580 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:08:24.0875 2580 amdxata - ok
19:08:25.0032 2580 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
19:08:25.0099 2580 ApfiltrService - ok
19:08:25.0261 2580 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:08:25.0478 2580 AppID - ok
19:08:25.0678 2580 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:08:25.0710 2580 arc - ok
19:08:25.0824 2580 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:08:25.0856 2580 arcsas - ok
19:08:25.0990 2580 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:08:26.0149 2580 AsyncMac - ok
19:08:26.0270 2580 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:08:26.0301 2580 atapi - ok
19:08:26.0454 2580 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:08:26.0567 2580 b06bdrv - ok
19:08:26.0683 2580 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:08:26.0760 2580 b57nd60a - ok
19:08:26.0906 2580 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
19:08:26.0933 2580 BCM42RLY - ok
19:08:27.0154 2580 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
19:08:27.0239 2580 BCM43XX - ok
19:08:27.0444 2580 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:08:27.0549 2580 Beep - ok
19:08:27.0722 2580 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:08:27.0782 2580 blbdrive - ok
19:08:28.0036 2580 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:08:28.0100 2580 bowser - ok
19:08:28.0194 2580 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:08:28.0280 2580 BrFiltLo - ok
19:08:28.0373 2580 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:08:28.0408 2580 BrFiltUp - ok
19:08:28.0550 2580 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:08:28.0702 2580 BridgeMP - ok
19:08:28.0810 2580 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:08:28.0903 2580 Brserid - ok
19:08:28.0998 2580 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:08:29.0048 2580 BrSerWdm - ok
19:08:29.0197 2580 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:08:29.0271 2580 BrUsbMdm - ok
19:08:29.0433 2580 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:08:29.0473 2580 BrUsbSer - ok
19:08:29.0601 2580 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:08:29.0667 2580 BTHMODEM - ok
19:08:29.0710 2580 catchme - ok
19:08:29.0804 2580 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:08:29.0896 2580 cdfs - ok
19:08:30.0037 2580 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:08:30.0098 2580 cdrom - ok
19:08:30.0251 2580 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:08:30.0321 2580 circlass - ok
19:08:30.0430 2580 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:08:30.0465 2580 CLFS - ok
19:08:30.0619 2580 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:08:30.0661 2580 CmBatt - ok
19:08:30.0784 2580 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:08:30.0813 2580 cmdide - ok
19:08:30.0999 2580 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:08:31.0060 2580 CNG - ok
19:08:31.0192 2580 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:08:31.0234 2580 Compbatt - ok
19:08:31.0458 2580 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:08:31.0529 2580 CompositeBus - ok
19:08:31.0729 2580 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:08:31.0754 2580 crcdisk - ok
19:08:31.0911 2580 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:08:31.0990 2580 CtClsFlt - ok
19:08:32.0188 2580 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:08:32.0261 2580 DfsC - ok
19:08:32.0398 2580 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:08:32.0466 2580 discache - ok
19:08:32.0633 2580 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:08:32.0669 2580 Disk - ok
19:08:32.0834 2580 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:08:32.0887 2580 drmkaud - ok
19:08:33.0066 2580 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:08:33.0118 2580 DXGKrnl - ok
19:08:33.0285 2580 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:08:33.0447 2580 ebdrv - ok
19:08:33.0597 2580 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:08:33.0641 2580 elxstor - ok
19:08:33.0777 2580 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:08:33.0855 2580 ErrDev - ok
19:08:34.0015 2580 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:08:34.0084 2580 exfat - ok
19:08:34.0172 2580 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:08:34.0235 2580 fastfat - ok
19:08:34.0336 2580 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:08:34.0380 2580 fdc - ok
19:08:34.0481 2580 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:08:34.0518 2580 FileInfo - ok
19:08:34.0610 2580 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:08:34.0697 2580 Filetrace - ok
19:08:34.0836 2580 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:08:34.0865 2580 flpydisk - ok
19:08:34.0990 2580 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:08:35.0039 2580 FltMgr - ok
19:08:35.0144 2580 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:08:35.0172 2580 FsDepends - ok
19:08:35.0305 2580 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:08:35.0338 2580 Fs_Rec - ok
19:08:35.0549 2580 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:08:35.0598 2580 fvevol - ok
19:08:35.0726 2580 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:08:35.0759 2580 gagp30kx - ok
19:08:35.0880 2580 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:08:35.0907 2580 GEARAspiWDM - ok
19:08:36.0015 2580 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:08:36.0078 2580 hcw85cir - ok
19:08:36.0196 2580 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:08:36.0254 2580 HDAudBus - ok
19:08:36.0360 2580 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:08:36.0417 2580 HidBatt - ok
19:08:36.0572 2580 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:08:36.0638 2580 HidBth - ok
19:08:36.0728 2580 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:08:36.0783 2580 HidIr - ok
19:08:36.0960 2580 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:08:37.0023 2580 HidUsb - ok
19:08:37.0209 2580 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:08:37.0236 2580 HpSAMD - ok
19:08:37.0378 2580 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:08:37.0479 2580 HTTP - ok
19:08:37.0674 2580 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:08:37.0704 2580 hwpolicy - ok
19:08:37.0890 2580 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:08:37.0914 2580 i8042prt - ok
19:08:38.0064 2580 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
19:08:38.0096 2580 iaStor - ok
19:08:38.0344 2580 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:08:38.0387 2580 iaStorV - ok
19:08:38.0979 2580 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:08:39.0382 2580 igfx - ok
19:08:39.0536 2580 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:08:39.0566 2580 iirsp - ok
19:08:39.0674 2580 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:08:39.0704 2580 intelide - ok
19:08:39.0863 2580 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:08:39.0920 2580 intelppm - ok
19:08:40.0064 2580 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:40.0135 2580 IpFilterDriver - ok
19:08:40.0231 2580 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:08:40.0289 2580 IPMIDRV - ok
19:08:40.0384 2580 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:08:40.0497 2580 IPNAT - ok
19:08:40.0631 2580 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:08:40.0742 2580 IRENUM - ok
19:08:40.0870 2580 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:08:40.0896 2580 isapnp - ok
19:08:41.0277 2580 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:08:41.0363 2580 iScsiPrt - ok
19:08:41.0606 2580 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:08:41.0642 2580 kbdclass - ok
19:08:41.0794 2580 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:08:41.0839 2580 kbdhid - ok
19:08:41.0950 2580 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:08:41.0979 2580 KSecDD - ok
19:08:42.0126 2580 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:08:42.0155 2580 KSecPkg - ok
19:08:42.0284 2580 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:08:42.0360 2580 ksthunk - ok
19:08:42.0603 2580 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:08:42.0708 2580 lltdio - ok
19:08:42.0841 2580 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:08:42.0866 2580 LSI_FC - ok
19:08:42.0976 2580 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:08:43.0001 2580 LSI_SAS - ok
19:08:43.0112 2580 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:08:43.0133 2580 LSI_SAS2 - ok
19:08:43.0280 2580 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:08:43.0320 2580 LSI_SCSI - ok
19:08:43.0436 2580 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:08:43.0527 2580 luafv - ok
19:08:43.0641 2580 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:08:43.0666 2580 MBAMProtector - ok
19:08:43.0927 2580 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
19:08:43.0986 2580 mcdbus - ok
19:08:44.0091 2580 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:08:44.0116 2580 megasas - ok
19:08:44.0441 2580 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:08:44.0492 2580 MegaSR - ok
19:08:44.0806 2580 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:08:44.0943 2580 Modem - ok
19:08:45.0393 2580 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:08:45.0563 2580 monitor - ok
19:08:45.0860 2580 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:08:45.0896 2580 mouclass - ok
19:08:46.0137 2580 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:08:46.0181 2580 mouhid - ok
19:08:46.0471 2580 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:08:46.0503 2580 mountmgr - ok
19:08:46.0919 2580 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
19:08:46.0958 2580 MpFilter - ok
19:08:47.0273 2580 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:08:47.0309 2580 mpio - ok
19:08:47.0880 2580 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
19:08:47.0913 2580 MpNWMon - ok
19:08:48.0202 2580 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:08:48.0287 2580 mpsdrv - ok
19:08:48.0402 2580 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:08:48.0503 2580 MRxDAV - ok
19:08:48.0623 2580 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:48.0690 2580 mrxsmb - ok
19:08:48.0871 2580 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:48.0948 2580 mrxsmb10 - ok
19:08:49.0060 2580 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:49.0092 2580 mrxsmb20 - ok
19:08:49.0177 2580 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:08:49.0200 2580 msahci - ok
19:08:49.0308 2580 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:08:49.0332 2580 msdsm - ok
19:08:49.0448 2580 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:08:49.0502 2580 Msfs - ok
19:08:49.0606 2580 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:08:49.0693 2580 mshidkmdf - ok
19:08:49.0849 2580 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:08:49.0867 2580 msisadrv - ok
19:08:49.0992 2580 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:08:50.0067 2580 MSKSSRV - ok
19:08:50.0217 2580 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:50.0289 2580 MSPCLOCK - ok
19:08:50.0386 2580 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:08:50.0486 2580 MSPQM - ok
19:08:50.0596 2580 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:08:50.0644 2580 MsRPC - ok
19:08:50.0737 2580 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:08:50.0766 2580 mssmbios - ok
19:08:50.0917 2580 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:08:50.0978 2580 MSTEE - ok
19:08:51.0060 2580 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:08:51.0130 2580 MTConfig - ok
19:08:51.0236 2580 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:08:51.0269 2580 Mup - ok
19:08:51.0429 2580 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:08:51.0485 2580 NativeWifiP - ok
19:08:51.0613 2580 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:08:51.0667 2580 NDIS - ok
19:08:51.0772 2580 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:51.0853 2580 NdisCap - ok
19:08:51.0948 2580 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:52.0031 2580 NdisTapi - ok
19:08:52.0154 2580 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:52.0240 2580 Ndisuio - ok
19:08:52.0373 2580 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:52.0456 2580 NdisWan - ok
19:08:52.0605 2580 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:08:52.0685 2580 NDProxy - ok
19:08:52.0803 2580 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:08:52.0883 2580 NetBIOS - ok
19:08:52.0989 2580 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:08:53.0100 2580 NetBT - ok
19:08:53.0304 2580 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:08:53.0336 2580 nfrd960 - ok
19:08:53.0495 2580 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:08:53.0523 2580 NisDrv - ok
19:08:53.0644 2580 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:08:53.0703 2580 Npfs - ok
19:08:53.0818 2580 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:08:53.0904 2580 nsiproxy - ok
19:08:54.0092 2580 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:08:54.0167 2580 Ntfs - ok
19:08:54.0338 2580 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:08:54.0436 2580 Null - ok
19:08:54.0545 2580 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:08:54.0588 2580 nvraid - ok
19:08:54.0615 2580 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:08:54.0642 2580 nvstor - ok
19:08:54.0747 2580 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:08:54.0787 2580 nv_agp - ok
19:08:54.0825 2580 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:08:54.0886 2580 ohci1394 - ok
19:08:54.0991 2580 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:08:55.0027 2580 Parport - ok
19:08:55.0131 2580 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:08:55.0166 2580 partmgr - ok
19:08:55.0277 2580 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:08:55.0320 2580 pci - ok
19:08:55.0423 2580 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:08:55.0453 2580 pciide - ok
19:08:55.0497 2580 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:08:55.0535 2580 pcmcia - ok
19:08:55.0638 2580 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:08:55.0672 2580 pcw - ok
19:08:55.0845 2580 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:08:55.0937 2580 PEAUTH - ok
19:08:56.0111 2580 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:08:56.0170 2580 PptpMiniport - ok
19:08:56.0252 2580 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:08:56.0305 2580 Processor - ok
19:08:56.0428 2580 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:08:56.0504 2580 Psched - ok
19:09:06.0861 2580 USBAAPL64 (5cf1ead086176dd3348e920a40bed03d) C:\Windows\system32\Drivers\usbaapl64.sys
19:09:06.0898 2580 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
19:09:06.0899 2580 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
19:09:12.0997 2580 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
19:09:13.0624 2580 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:09:13.0624 2580 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:09:13.0646 2580 Boot (0x1200) (9025f5f50a56850b1f101cd31fc80309) \Device\Harddisk0\DR0\Partition0
19:09:13.0647 2580 \Device\Harddisk0\DR0\Partition0 - ok
19:09:13.0681 2580 Boot (0x1200) (45e1dc5f68aa56a619c7427965da6aac) \Device\Harddisk0\DR0\Partition1
19:09:13.0682 2580 \Device\Harddisk0\DR0\Partition1 - ok
19:09:13.0683 2580 ============================================================
19:09:13.0683 2580 Scan finished
19:09:13.0683 2580 ============================================================
19:09:13.0702 0784 Detected object count: 2
19:09:13.0702 0784 Actual detected object count: 2
19:09:28.0705 0784 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:28.0706 0784 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:29.0096 0784 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:09:29.0189 0784 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:09:29.0226 0784 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:09:29.0249 0784 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:09:29.0358 0784 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:09:31.0857 0784 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:09:31.0894 0784 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:09:31.0898 0784 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:09:31.0902 0784 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:09:31.0910 0784 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:09:31.0967 0784 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:09:31.0998 0784 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:09:32.0003 0784 \Device\Harddisk0\DR0\TDLFS - deleted
19:09:32.0003 0784 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
The redirect is NOT solved; it randomly moved me to happili.com.
Edited by dzk87, 11 March 2012 - 07:08 PM.