I think I might have a virus



#1
hsnyder95

Okay, so I was having these problems with my computer where it got so glitchy and I had to do a system restore, and it failed and wouldn't boot. I resolved it on a different forum on this site (for details on that, just follow the link here), but now the computer is still slow and a bit glitchy, and I want to know if the current and previous problems were because of a virus.


#2
hsnyder95

OK here is the OTL report.

OTL logfile created on: 4/14/2012 4:26:36 PM - Run 4
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Hunter\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.53 Mb Total Physical Memory | 214.38 Mb Available Physical Memory | 41.91% Memory free
1.22 Gb Paging File | 0.76 Gb Available in Paging File | 62.78% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 40.21 Gb Free Space | 71.94% Space Free | Partition Type: NTFS
Drive D: | 74.52 Gb Total Space | 74.27 Gb Free Space | 99.67% Space Free | Partition Type: NTFS

Computer Name: VALUED-B8142DE8 | User Name: Hunter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/14 14:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
PRC - [2012/04/14 13:56:25 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/04/12 00:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/12/14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011/12/13 17:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/11/17 18:03:50 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/05/26 17:11:32 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\giga pocket\GPVSvr.exe
PRC - [2002/11/13 18:21:12 | 000,376,898 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
PRC - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
PRC - [2002/10/30 18:40:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\htpatch.exe
PRC - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
PRC - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 00:37:34 | 000,444,400 | ---- | M] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 00:37:33 | 003,915,248 | ---- | M] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 00:36:08 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 00:36:06 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 00:36:05 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2007/04/02 05:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2002/10/30 18:40:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\htpatch.exe
MOD - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/12/14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/11/17 18:03:50 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2004/05/26 17:11:32 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\giga pocket\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer) VAIO Media Video Server (Application)
SRV - [2002/11/13 18:21:12 | 000,376,898 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe -- (VAIOMediaPlatform-MusicServer-AppServer) VAIO Media Music Server (Application)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-PhotoServer-UPnP) VAIO Media Photo Server (UPnP)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP)
SRV - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe -- (VAIOMediaPlatform-PhotoServer-AppServer) VAIO Media Photo Server (Application)
SRV - [2002/07/23 06:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe -- (VAIOMediaPlatform-PhotoServer-HTTP) VAIO Media Photo Server (HTTP)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe -- (VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Hunter\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/04/25 21:06:44 | 000,014,336 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008/04/13 11:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/07/28 19:19:52 | 000,236,928 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB55N51.sys -- (USB55N51)
DRV - [2004/05/19 21:56:08 | 000,601,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\soma.sys -- (soma)
DRV - [2002/11/19 01:12:04 | 000,036,184 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS) Sony Memory Stick controller(WB)
DRV - [2002/11/14 17:34:48 | 000,224,256 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002/11/11 12:26:38 | 000,819,408 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/11/08 11:24:54 | 000,115,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/11/08 11:24:42 | 000,135,728 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/11/08 11:24:24 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/11/08 11:24:20 | 000,113,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/11/08 11:24:08 | 000,492,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/11/08 11:22:36 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2002/10/31 12:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/10/18 12:07:34 | 001,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/09/19 20:19:56 | 000,205,056 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yacxgc.sys -- (WDM_YAMAHAAC97)
DRV - [2002/06/13 12:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/04/03 19:51:34 | 000,005,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2000/12/05 17:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...EIE8HP&PC=DI215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...EIE8HP&PC=DI215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {C83A7891-7F69-45D4-B1F5-CE62416F5469}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...9F-3D7708D0F52C
IE - HKCU\..\SearchScopes\{39F2BFE7-B4FA-41F4-813C-5DC817B5E54E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.tool...Terms}&srch=dsp
IE - HKCU\..\SearchScopes\{79B72A06-E6E0-4330-B4E3-74596731C9FA}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\..\SearchScopes\{7F969AF5-8D5C-4724-8AA3-7E9C969B93AB}: "URL" = http://search.avg.co...}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{8A8A9381-84C4-475C-B99E-00A234299140}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-01-07 16:11:11&v=9.0.0.23&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80468&lng=en
IE - HKCU\..\SearchScopes\{C83A7891-7F69-45D4-B1F5-CE62416F5469}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.826: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1127: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.813: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/14 09:27:49 | 000,000,000 | ---D | M]

[2011/05/18 17:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hunter\Application Data\Mozilla\Extensions
[2012/04/14 09:28:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hunter\Application Data\Mozilla\Firefox\Profiles\tibab3hl.default\extensions
[2011/12/17 13:24:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/03 19:11:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/04 20:39:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HUNTER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TIBAB3HL.DEFAULT\EXTENSIONS\[email protected]
[2012/04/14 09:27:48 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/07 16:10:46 | 000,003,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/14 09:27:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/14 09:27:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll
CHR - plugin: RealOne Player Version Plugin (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dark Vibe = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_1\
CHR - Extension: Gmail = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/10/01 23:19:57 | 000,436,957 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15054 more lines...
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HTpatch] C:\WINDOWS\htpatch.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [ZTgServerSwitch] c:\Program Files\support.com\client\lserver\Server.vbs ()
O4 - HKCU..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKCU..\Run: [chromium] C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...er_5.0.31.0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E92CA046-9904-4668-8DAD-00C70FFF4F4F}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/12/04 19:24:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/14 16:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/04/14 15:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/04/14 14:52:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
[2012/04/14 14:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Start Menu\Programs\Google Chrome
[2012/04/14 13:11:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Hunter\Recent
[2012/04/13 20:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/14 16:36:34 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/04/14 16:21:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/14 16:09:06 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/04/14 16:05:23 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/14 16:02:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005UA.job
[2012/04/14 15:41:57 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/14 15:41:37 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/04/14 15:41:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/14 15:41:28 | 536,449,024 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 14:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
[2012/04/14 14:43:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/14 14:04:28 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\Google Chrome.lnk
[2012/04/14 14:04:28 | 000,002,273 | ---- | M] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/14 14:02:05 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005Core.job
[2012/04/14 13:38:51 | 000,000,991 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\magicJack.lnk
[2012/04/14 13:08:02 | 000,109,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/14 11:38:09 | 000,473,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/14 11:38:09 | 000,076,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/14 09:12:19 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/14 16:07:24 | 000,000,390 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/04/14 16:05:23 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/14 15:59:47 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/14 14:34:20 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/04/14 14:04:28 | 000,002,273 | ---- | C] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/14 14:04:26 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Hunter\Desktop\Google Chrome.lnk
[2012/04/14 13:57:50 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005UA.job
[2012/04/14 13:57:49 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005Core.job
[2012/04/14 10:09:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/14 10:09:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/04/14 09:40:09 | 001,292,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2012/04/14 09:40:09 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2011/10/23 17:26:21 | 000,000,236 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011/10/02 14:33:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\exctrlst.INI
[2011/06/05 22:35:21 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/05 22:35:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/05 22:35:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/05 22:35:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/05 22:35:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/03 22:50:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/28 10:22:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/04 19:16:16 | 000,016,852 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/27 21:50:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/04 18:30:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/26 19:04:52 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/26 19:04:51 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Hunter\Application Data\PnkBstrK.sys
[2010/04/26 19:04:33 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/04/26 19:04:32 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/04/26 19:04:32 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe

========== LOP Check ==========

[2011/01/23 20:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/09/05 12:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/14 15:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/04/23 15:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 09:17:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/23 19:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/06/03 22:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeApp
[2011/10/23 19:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/01/07 15:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/04/22 19:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/04/14 15:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/30 21:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2011/09/18 22:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/06/30 11:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/10/23 19:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/04/07 20:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2011/02/27 11:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/04/13 21:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/01/08 22:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012/01/08 22:53:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/09/17 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/01/08 22:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\AVG
[2012/01/07 16:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\AVG2012
[2002/12/17 16:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\InterTrust
[2011/11/06 21:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\iolo
[2012/04/14 13:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\mjusbsp
[2011/12/17 13:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Search Settings
[2011/09/30 08:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\SystemRequirementsLab
[2012/01/08 22:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\TuneUp Software
[2011/10/11 20:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Unity
[2010/03/07 23:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Vivox
[2012/04/14 16:05:23 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/04/14 16:36:34 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2009/06/27 23:50:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2009/07/02 01:35:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/07/12 23:50:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
[2012/04/14 15:41:37 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\Documents and Settings\All Users\Documents\.TemporaryItems:AFP_AfpInfo
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

#3
Gammo


    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

#4
hsnyder95


    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Well, the problem I have been having is that it's extremely slow and a lot of programs I try to run end up becoming unresponsive. I do know part of this could be caused by low RAM, but I have had this computer for a very long time and it hasn't been this slow.

#5
hsnyder95


    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
OTL logfile created on: 4/21/2012 11:06:44 AM - Run 8
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Hunter\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.53 Mb Total Physical Memory | 290.34 Mb Available Physical Memory | 56.76% Memory free
1.22 Gb Paging File | 0.86 Gb Available in Paging File | 70.87% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 37.96 Gb Free Space | 67.93% Space Free | Partition Type: NTFS
Drive D: | 74.52 Gb Total Space | 74.29 Gb Free Space | 99.69% Space Free | Partition Type: NTFS

Computer Name: VALUED-B8142DE8 | User Name: Hunter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/14 14:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
PRC - [2012/04/14 13:56:25 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/04/12 10:39:18 | 000,980,832 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012/04/12 10:31:34 | 000,784,792 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2012/04/04 14:32:28 | 000,170,824 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
PRC - [2012/04/04 14:32:08 | 001,642,824 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerServices\GingerServices.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/05/26 17:11:32 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\giga pocket\GPVSvr.exe
PRC - [2002/11/13 18:21:12 | 000,376,898 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
PRC - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
PRC - [2002/10/30 18:40:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\htpatch.exe
PRC - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
PRC - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/04/02 05:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2002/10/30 18:40:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\htpatch.exe
MOD - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/15 17:14:40 | 000,252,576 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/12 10:31:34 | 000,784,792 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/04/04 14:32:28 | 000,170,824 | ---- | M] (Ginger Software) [Auto | Running] -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe -- (GingerUpdateService)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2004/05/26 17:11:32 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\giga pocket\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer) VAIO Media Video Server (Application)
SRV - [2002/11/13 18:21:12 | 000,376,898 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe -- (VAIOMediaPlatform-MusicServer-AppServer) VAIO Media Music Server (Application)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-PhotoServer-UPnP) VAIO Media Photo Server (UPnP)
SRV - [2002/11/06 11:42:26 | 000,585,728 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe -- (VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP)
SRV - [2002/10/30 10:43:30 | 000,462,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe -- (VAIOMediaPlatform-PhotoServer-AppServer) VAIO Media Photo Server (Application)
SRV - [2002/07/23 06:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe -- (VAIOMediaPlatform-PhotoServer-HTTP) VAIO Media Photo Server (HTTP)
SRV - [2002/07/18 22:27:26 | 000,045,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe -- (VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Hunter\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/04/19 22:13:33 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13174159-8099-4518-8461-D96A82852096}\MpKsla09ecbff.sys -- (MpKsla09ecbff)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/04/25 21:06:44 | 000,014,336 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008/04/13 11:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/07/28 19:19:52 | 000,236,928 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB55N51.sys -- (USB55N51)
DRV - [2004/05/19 21:56:08 | 000,601,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\soma.sys -- (soma)
DRV - [2002/11/19 01:12:04 | 000,036,184 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS) Sony Memory Stick controller(WB)
DRV - [2002/11/14 17:34:48 | 000,224,256 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002/11/11 12:26:38 | 000,819,408 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/11/08 11:24:54 | 000,115,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/11/08 11:24:42 | 000,135,728 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/11/08 11:24:24 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/11/08 11:24:20 | 000,113,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/11/08 11:24:08 | 000,492,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/11/08 11:22:36 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2002/10/31 12:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2002/10/18 12:07:34 | 001,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/09/19 20:19:56 | 000,205,056 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yacxgc.sys -- (WDM_YAMAHAAC97)
DRV - [2002/06/13 12:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/04/03 19:51:34 | 000,005,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2000/12/05 17:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...EIE8HP&PC=DI215
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...EIE8HP&PC=DI215
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 8D AA 65 01 8A FC 79 42 86 C2 7C 89 B6 61 7A 69 [binary data]
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes,DefaultScope = {C83A7891-7F69-45D4-B1F5-CE62416F5469}
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...9F-3D7708D0F52C
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{39F2BFE7-B4FA-41F4-813C-5DC817B5E54E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.tool...Terms}&srch=dsp
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{79B72A06-E6E0-4330-B4E3-74596731C9FA}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{7F969AF5-8D5C-4724-8AA3-7E9C969B93AB}: "URL" = http://search.avg.co...}&ychte=us&nt=1
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{8A8A9381-84C4-475C-B99E-00A234299140}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-01-07 16:11:11&v=9.0.0.23&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80468&lng=en
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{C83A7891-7F69-45D4-B1F5-CE62416F5469}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.826: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1127: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.813: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/14 09:27:49 | 000,000,000 | ---D | M]

[2011/05/18 17:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hunter\Application Data\Mozilla\Extensions
[2012/04/14 22:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hunter\Application Data\Mozilla\Firefox\Profiles\tibab3hl.default\extensions
[2012/04/15 20:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/03 19:11:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/04/14 20:43:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/04/15 20:26:20 | 000,000,000 | ---D | M] ("Ginger") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HUNTER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TIBAB3HL.DEFAULT\EXTENSIONS\[email protected]
[2012/04/14 22:18:00 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012/04/14 09:27:48 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/07 16:10:46 | 000,003,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/14 09:27:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/14 09:27:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll
CHR - plugin: RealOne Player Version Plugin (Enabled) = C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dark Vibe = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_1\
CHR - Extension: LastPass = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.5_0\
CHR - Extension: PandoraEnhancer = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ipfamfogncacknldkaoekchdeddmfnlg\1.3.3_0\
CHR - Extension: Ginger = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nacnicbpedmjfagkdhpmbpjlgcgcekka\2.5.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\Hunter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/12/22 16:11:00 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll ()
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HTpatch] C:\WINDOWS\htpatch.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [ZTgServerSwitch] c:\Program Files\support.com\client\lserver\Server.vbs ()
O4 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SetDefaultMidi] C:\WINDOWS\mididef.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\RunOnce: [SetDefaultMidi] C:\WINDOWS\mididef.exe (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ginger.lnk = C:\WINDOWS\Installer\{1A10532B-CC99-415C-A51F-B8418DE7A395}\NewShortcut1_07A8F5336D4F4AA6858FD2E3E66AF10F.exe (Flexera Software, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...er_5.0.31.0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E92CA046-9904-4668-8DAD-00C70FFF4F4F}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/12/04 19:24:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/19 22:34:54 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/04/19 22:34:53 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/04/19 22:34:48 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/04/19 22:34:47 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/04/19 22:34:11 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/04/19 22:34:11 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/04/19 22:34:03 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/04/19 22:33:52 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/04/19 22:33:36 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/04/19 22:33:36 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/04/19 22:33:36 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/04/19 22:33:34 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/04/19 22:33:33 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/04/19 22:33:31 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/04/19 22:33:30 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/04/19 22:33:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/04/19 22:33:19 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/04/19 22:33:19 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/04/19 22:33:18 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/04/19 22:33:06 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/04/19 22:32:58 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/04/19 22:32:55 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/04/19 22:32:54 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/04/19 22:32:46 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/04/19 22:32:46 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/04/19 22:32:46 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/04/19 22:32:45 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/04/19 22:32:45 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/04/19 22:32:44 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/04/19 22:32:32 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/04/19 22:32:27 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/04/19 22:32:26 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/04/19 22:32:24 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/04/19 22:32:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/04/19 22:32:21 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/04/19 22:32:16 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/04/19 22:32:16 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/04/19 22:32:04 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/04/19 22:32:04 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/04/19 22:32:03 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/04/19 22:32:02 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/04/19 22:31:58 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/04/19 22:31:46 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/04/19 22:31:33 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/04/19 22:31:32 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/04/19 22:31:31 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/04/19 22:31:30 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/04/19 22:31:30 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/04/19 22:31:16 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/04/19 22:31:15 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/04/19 22:31:15 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/04/19 22:31:12 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/04/19 22:30:58 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/04/19 22:30:58 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/04/19 22:30:57 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/04/19 22:30:57 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/04/19 22:30:46 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/04/19 22:30:44 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/04/19 22:30:43 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/04/19 22:30:37 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/04/19 22:30:36 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/04/19 22:30:36 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/04/19 22:30:35 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/04/19 22:30:35 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/04/19 22:30:35 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/04/19 22:30:34 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/04/19 22:30:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/04/19 22:30:33 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/04/19 22:30:31 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/04/19 22:30:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/04/19 22:30:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/04/19 22:30:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/04/19 22:30:29 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/04/19 22:30:28 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/04/19 22:30:19 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/04/19 22:30:15 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/04/19 22:30:14 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/04/19 22:30:12 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/04/19 22:30:00 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/04/19 22:30:00 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/04/19 22:29:47 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/04/19 22:29:46 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/04/19 22:29:46 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/04/19 22:29:39 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/04/19 22:29:14 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/04/19 22:29:13 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/04/19 22:29:09 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/04/19 22:29:08 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/04/19 22:28:57 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/04/19 22:28:57 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/04/19 22:28:56 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/04/19 22:28:55 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/04/19 22:28:40 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/04/19 22:28:34 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/04/19 22:28:34 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/04/19 22:28:27 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/04/19 22:28:15 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/04/19 22:28:14 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/04/19 22:28:10 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/04/19 22:28:09 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/04/19 22:28:09 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/04/19 22:28:09 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/04/19 22:28:08 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/04/19 22:28:08 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/04/19 22:28:06 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/04/19 22:28:05 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/04/19 22:28:05 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/04/19 22:28:04 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/04/19 22:28:03 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/04/19 22:27:10 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/04/19 22:26:51 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/04/19 22:26:39 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/04/19 22:26:38 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/04/19 22:26:36 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/04/19 22:26:36 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/04/19 22:26:35 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/04/19 22:26:34 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/04/19 22:26:29 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/04/19 22:26:29 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/04/19 22:26:28 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/04/19 22:26:27 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/04/19 22:26:24 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/04/19 22:26:23 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/04/19 22:25:50 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/04/19 22:25:11 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/04/19 22:24:36 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/04/19 22:24:34 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/04/19 22:24:21 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/04/19 22:24:21 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/04/19 22:24:20 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/04/19 22:24:14 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/04/19 22:24:01 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/04/19 22:24:00 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/04/19 22:23:57 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/04/19 22:23:56 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/04/19 22:23:54 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/04/19 22:23:52 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/04/19 22:23:44 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/04/19 22:23:43 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/04/19 22:23:42 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/04/19 22:22:59 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/04/19 22:22:54 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/04/19 22:22:43 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/04/19 22:22:42 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/04/19 22:22:41 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/04/19 22:22:39 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/04/19 22:22:39 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/04/19 22:22:38 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/04/19 22:22:38 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/04/19 22:22:35 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/04/19 22:22:22 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/04/19 22:22:22 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/04/19 22:22:19 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/04/19 22:22:05 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/04/19 22:22:04 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/04/19 22:22:03 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/04/19 22:22:02 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/04/19 22:22:02 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/04/19 22:22:01 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/04/19 22:22:01 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/04/19 22:22:00 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/04/19 22:21:54 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/04/19 22:21:41 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/04/19 22:21:34 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/04/19 22:21:26 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/04/19 22:21:26 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/04/19 22:21:25 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/04/19 22:21:25 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/04/19 22:21:24 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/04/19 22:21:18 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/04/19 22:21:18 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/04/19 22:21:17 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/04/19 22:21:17 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/04/19 22:21:15 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/04/19 22:21:15 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/04/19 22:21:14 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/04/19 22:20:41 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/04/19 22:20:40 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/04/19 22:20:40 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/04/19 22:20:39 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/04/19 22:20:39 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/04/19 22:20:39 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/04/19 22:20:38 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/04/19 22:20:37 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/04/19 22:20:36 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/04/19 22:20:35 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/04/19 22:20:34 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/04/19 22:20:33 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/04/19 22:20:33 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/04/19 22:20:32 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/04/19 22:20:32 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/04/19 22:20:31 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/04/19 22:20:31 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/04/19 22:20:30 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/04/19 22:20:26 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/04/19 22:20:22 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/04/19 22:20:22 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/04/19 22:20:21 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/04/19 22:20:20 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/04/19 22:20:20 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/04/19 22:20:19 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/04/19 22:20:18 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/04/19 22:19:52 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/04/19 22:19:47 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/04/19 22:19:31 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/04/19 22:19:30 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/04/19 22:19:29 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/04/19 22:19:29 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/04/19 22:19:28 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/04/19 22:19:22 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/04/19 22:19:18 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/04/19 22:19:16 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/04/19 22:19:15 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/04/19 22:19:15 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/04/19 22:18:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/04/17 17:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\AppData
[2012/04/16 14:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Start Menu\Programs\RuneScape
[2012/04/16 14:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\jagexcache
[2012/04/15 20:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Application Data\Acapela Group
[2012/04/15 20:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\My Documents\Add-in Express
[2012/04/15 20:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ginger
[2012/04/15 20:22:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ginger
[2012/04/15 17:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/04/15 17:14:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/04/15 17:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Start Menu\Programs\WinRAR
[2012/04/14 22:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Application Data\Search Settings
[2012/04/14 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/04/14 22:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2012/04/14 18:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/04/14 17:43:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Local Settings\Application Data\LastPass
[2012/04/14 15:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/04/14 14:52:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
[2012/04/14 14:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Start Menu\Programs\Google Chrome
[2012/04/14 13:11:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Hunter\Recent
[2012/04/13 20:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/21 11:02:02 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005UA.job
[2012/04/21 10:33:03 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/20 14:02:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005Core.job
[2012/04/18 19:16:06 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\Hunter\jagex_cl_runescape_LIVE.dat
[2012/04/17 18:39:41 | 000,000,023 | ---- | M] () -- C:\Documents and Settings\Hunter\jagexappletviewer.preferences
[2012/04/16 14:30:38 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\RuneScape.lnk
[2012/04/16 11:48:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/04/15 20:22:39 | 000,002,156 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ginger.lnk
[2012/04/15 20:22:39 | 000,002,144 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ginger.lnk
[2012/04/15 19:47:56 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/15 19:42:45 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/04/15 19:42:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/15 19:42:36 | 536,449,024 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/15 03:03:31 | 000,509,234 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/15 03:03:31 | 000,083,822 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/14 18:56:57 | 000,001,636 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\Update Checker.lnk
[2012/04/14 16:21:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/14 16:09:06 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/04/14 15:41:57 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/14 14:56:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/14 14:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hunter\Desktop\OTL.exe
[2012/04/14 14:04:28 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\Google Chrome.lnk
[2012/04/14 14:04:28 | 000,002,273 | ---- | M] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/14 13:38:51 | 000,000,991 | ---- | M] () -- C:\Documents and Settings\Hunter\Desktop\magicJack.lnk
[2012/04/14 13:08:02 | 000,109,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/14 09:12:19 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/19 22:34:52 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/04/19 22:34:51 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/04/19 22:29:42 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/04/19 22:29:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/04/19 22:27:18 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/04/19 22:26:20 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/04/19 22:25:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/04/19 22:24:35 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/04/19 22:24:35 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/04/19 22:24:34 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/04/19 22:24:33 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/04/19 22:24:31 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/04/19 22:24:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/04/19 22:22:41 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/04/19 22:22:40 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/04/19 22:22:40 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/04/19 22:20:11 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/04/19 22:20:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/04/19 22:20:09 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/04/19 22:20:08 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/04/19 22:20:08 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/04/19 22:20:07 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/04/19 22:20:07 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/04/19 22:20:06 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/04/19 22:20:05 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/04/19 22:19:57 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/04/16 14:30:40 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\Hunter\Start Menu\Programs\RuneScape.lnk
[2012/04/16 14:30:36 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\Hunter\Desktop\RuneScape.lnk
[2012/04/15 20:22:39 | 000,002,156 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ginger.lnk
[2012/04/15 20:22:39 | 000,002,144 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ginger.lnk
[2012/04/14 20:03:29 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/14 18:56:57 | 000,001,642 | ---- | C] () -- C:\Documents and Settings\Hunter\Start Menu\Programs\Update Checker.lnk
[2012/04/14 18:56:55 | 000,001,636 | ---- | C] () -- C:\Documents and Settings\Hunter\Desktop\Update Checker.lnk
[2012/04/14 16:05:23 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/14 15:59:47 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/14 14:34:20 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/04/14 14:04:28 | 000,002,273 | ---- | C] () -- C:\Documents and Settings\Hunter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/14 14:04:26 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Hunter\Desktop\Google Chrome.lnk
[2012/04/14 13:57:50 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005UA.job
[2012/04/14 13:57:49 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2538295714-400606955-3558140419-1005Core.job
[2012/04/14 10:09:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/14 10:09:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011/10/23 17:26:21 | 000,000,236 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011/10/02 14:33:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\exctrlst.INI
[2011/06/05 22:35:21 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/05 22:35:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/05 22:35:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/05 22:35:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/05 22:35:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/03 22:50:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/28 10:22:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/04 19:16:16 | 000,016,852 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/27 21:50:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Hunter\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/04 18:30:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/26 19:04:52 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/26 19:04:51 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Hunter\Application Data\PnkBstrK.sys
[2010/04/26 19:04:33 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/04/26 19:04:32 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/04/26 19:04:32 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe

========== LOP Check ==========

[2002/12/17 16:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.VALUED-B8142DE8\Application Data\InterTrust
[2011/01/23 20:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/09/05 12:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/14 15:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/04/23 15:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 09:17:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/23 19:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/06/03 22:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeApp
[2011/10/23 19:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/01/07 15:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/04/22 19:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/04/14 15:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/30 21:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2011/09/18 22:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/06/30 11:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/10/23 19:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/04/07 20:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2011/02/27 11:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/04/13 21:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/01/08 22:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012/01/08 22:53:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/09/17 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2002/12/17 16:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterTrust
[2012/04/15 20:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Acapela Group
[2012/01/08 22:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\AVG
[2012/01/07 16:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\AVG2012
[2002/12/17 16:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\InterTrust
[2011/11/06 21:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\iolo
[2012/04/14 13:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\mjusbsp
[2012/04/14 22:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Search Settings
[2011/09/30 08:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\SystemRequirementsLab
[2012/01/08 22:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\TuneUp Software
[2011/10/11 20:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Unity
[2010/03/07 23:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hunter\Application Data\Vivox
[2012/04/13 20:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/04/15 19:47:56 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/06/27 23:50:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2009/07/02 01:35:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/07/12 23:50:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
[2012/04/15 19:42:45 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\Documents and Settings\All Users\Documents\.TemporaryItems:AFP_AfpInfo
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

#6
Gammo

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2012/04/12 10:31:34 | 000,784,792 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
    IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...9F-3D7708D0F52C
    IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.tool...Terms}&srch=dsp
    IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
    IE - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80468&lng=en
    [2012/04/14 22:18:00 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
    O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.4\iobitToolbarIE.dll (Spigot, Inc.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-21-2538295714-400606955-3558140419-1005\Software\Policies\Microsoft\Internet Explorer\control panel present
    [2012/04/14 22:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hunter\Application Data\Search Settings
    [2012/04/14 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
    [2012/04/14 22:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
    [6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files\Common Files\Spigot
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion, then reboot; that will cure it.



Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.

#7
hsnyder95

Ok, it's still slow and unresponsive.

The log is in an attachment below; it wouldn't load by pasting.

Attached Files

  • Attached File  log.txt   476.94KB   83 downloads


#8
Gammo

I don't see any malware in your ComboFix. I can try some other tools, but I doubt they'll find anything. :)


Please download Malwarebytes' Anti-Malware

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

#9
hsnyder95

Alright, I'll see if anything comes up; if not, then I know it is just the RAM.

#10
hsnyder95

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.23.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Hunter :: VALUED-B8142DE8 [administrator]

4/22/2012 7:45:42 PM
mbam-log-2012-04-22 (19-45-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217728
Time elapsed: 25 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Hunter\My Documents\Downloads\SoftonicDownloader_for_game-maker.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.

(end)

#11
hsnyder95

20:24:38.0546 0564 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
20:24:39.0187 0564 ============================================================
20:24:39.0187 0564 Current date / time: 2012/04/22 20:24:39.0187
20:24:39.0187 0564 SystemInfo:
20:24:39.0187 0564
20:24:39.0187 0564 OS Version: 5.1.2600 ServicePack: 3.0
20:24:39.0187 0564 Product type: Workstation
20:24:39.0187 0564 ComputerName: VALUED-B8142DE8
20:24:39.0187 0564 UserName: Hunter
20:24:39.0187 0564 Windows directory: C:\WINDOWS
20:24:39.0187 0564 System windows directory: C:\WINDOWS
20:24:39.0187 0564 Processor architecture: Intel x86
20:24:39.0187 0564 Number of processors: 1
20:24:39.0187 0564 Page size: 0x1000
20:24:39.0187 0564 Boot type: Normal boot
20:24:39.0187 0564 ============================================================
20:24:46.0890 0564 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:24:46.0921 0564 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:24:47.0000 0564 \Device\Harddisk0\DR0:
20:24:47.0390 0564 MBR partitions:
20:24:47.0390 0564 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC7C41
20:24:47.0390 0564 \Device\Harddisk1\DR1:
20:24:47.0406 0564 MBR partitions:
20:24:47.0406 0564 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
20:24:47.0921 0564 C: <-> \Device\Harddisk0\DR0\Partition0
20:24:47.0953 0564 D: <-> \Device\Harddisk1\DR1\Partition0
20:24:48.0031 0564 Initialize success
20:24:48.0031 0564 ============================================================
20:26:23.0781 1224 ============================================================
20:26:23.0781 1224 Scan started
20:26:23.0781 1224 Mode: Manual; SigCheck; TDLFS;
20:26:23.0781 1224 ============================================================
20:26:24.0734 1224 Abiosdsk - ok
20:26:24.0968 1224 abp480n5 - ok
20:26:25.0125 1224 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:26:28.0140 1224 ACDaemon - ok
20:26:28.0296 1224 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:26:30.0312 1224 ACPI - ok
20:26:30.0484 1224 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:26:30.0890 1224 ACPIEC - ok
20:26:31.0078 1224 AdobeFlashPlayerUpdateSvc (ce69495274108997d29bcddf034e2fc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:26:33.0359 1224 AdobeFlashPlayerUpdateSvc - ok
20:26:33.0437 1224 adpu160m - ok
20:26:33.0531 1224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:26:33.0968 1224 aec - ok
20:26:34.0078 1224 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
20:26:34.0312 1224 Afc - ok
20:26:34.0437 1224 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:26:34.0875 1224 AFD - ok
20:26:35.0031 1224 AgereSoftModem (ed5c8b22de2021339a7c7fccfe5c5d7e) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
20:26:35.0750 1224 AgereSoftModem - ok
20:26:35.0812 1224 Aha154x - ok
20:26:35.0859 1224 aic78u2 - ok
20:26:35.0890 1224 aic78xx - ok
20:26:35.0953 1224 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
20:26:36.0390 1224 Alerter - ok
20:26:36.0531 1224 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
20:26:37.0734 1224 ALG - ok
20:26:38.0578 1224 AliIde - ok
20:26:38.0625 1224 amsint - ok
20:26:38.0765 1224 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:26:40.0000 1224 Apple Mobile Device - ok
20:26:40.0078 1224 AppMgmt - ok
20:26:40.0156 1224 ArcSoftKsUFilter (35a6a419d7526f5cf824afb23afa08d6) C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys
20:26:40.0328 1224 ArcSoftKsUFilter - ok
20:26:40.0453 1224 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:26:40.0937 1224 Arp1394 - ok
20:26:41.0015 1224 asc - ok
20:26:41.0093 1224 asc3350p - ok
20:26:41.0125 1224 asc3550 - ok
20:26:41.0281 1224 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:26:41.0734 1224 aspnet_state - ok
20:26:41.0828 1224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:26:42.0218 1224 AsyncMac - ok
20:26:42.0359 1224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:26:42.0781 1224 atapi - ok
20:26:42.0906 1224 Atdisk - ok
20:26:43.0046 1224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:26:43.0437 1224 Atmarpc - ok
20:26:43.0593 1224 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
20:26:44.0062 1224 AudioSrv - ok
20:26:44.0187 1224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:26:44.0562 1224 audstub - ok
20:26:44.0671 1224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:26:45.0062 1224 Beep - ok
20:26:45.0171 1224 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
20:26:45.0859 1224 BITS - ok
20:26:45.0984 1224 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:26:46.0875 1224 Bonjour Service - ok
20:26:47.0015 1224 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
20:26:47.0406 1224 Browser - ok
20:26:47.0546 1224 catchme - ok
20:26:47.0656 1224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:26:47.0890 1224 cbidf2k - ok
20:26:47.0984 1224 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:26:48.0250 1224 CCDECODE - ok
20:26:48.0312 1224 cd20xrnt - ok
20:26:48.0390 1224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:26:48.0734 1224 Cdaudio - ok
20:26:48.0843 1224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:26:49.0187 1224 Cdfs - ok
20:26:49.0359 1224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:26:49.0718 1224 Cdrom - ok
20:26:49.0796 1224 Changer - ok
20:26:49.0875 1224 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
20:26:50.0281 1224 CiSvc - ok
20:26:50.0406 1224 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
20:26:50.0968 1224 ClipSrv - ok
20:26:51.0140 1224 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:26:51.0515 1224 clr_optimization_v2.0.50727_32 - ok
20:26:51.0812 1224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:26:52.0703 1224 clr_optimization_v4.0.30319_32 - ok
20:26:52.0875 1224 CmdIde - ok
20:26:52.0968 1224 COMSysApp - ok
20:26:53.0031 1224 Cpqarray - ok
20:26:53.0140 1224 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
20:26:53.0578 1224 CryptSvc - ok
20:26:53.0750 1224 ctac32k (c2eae43e39fd5b0908819bfb81f19d85) C:\WINDOWS\system32\drivers\ctac32k.sys
20:26:54.0078 1224 ctac32k - ok
20:26:54.0281 1224 ctaud2k (19a6ca6f8f5fee718996bd0d756d0582) C:\WINDOWS\system32\drivers\ctaud2k.sys
20:26:55.0078 1224 ctaud2k - ok
20:26:55.0484 1224 ctprxy2k (76f7f27e2df96daa0c9b91942ab43893) C:\WINDOWS\system32\drivers\ctprxy2k.sys
20:26:55.0750 1224 ctprxy2k - ok
20:26:55.0984 1224 ctsfm2k (96ab6fd19e28e74b89a55c98d5d22291) C:\WINDOWS\system32\drivers\ctsfm2k.sys
20:26:56.0296 1224 ctsfm2k - ok
20:26:56.0437 1224 dac2w2k - ok
20:26:56.0531 1224 dac960nt - ok
20:26:56.0890 1224 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
20:26:57.0296 1224 DcomLaunch - ok
20:26:57.0546 1224 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
20:26:58.0046 1224 Dhcp - ok
20:26:58.0203 1224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:26:58.0484 1224 Disk - ok
20:26:58.0562 1224 dmadmin - ok
20:26:58.0781 1224 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
20:26:59.0890 1224 dmboot - ok
20:27:00.0015 1224 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
20:27:00.0312 1224 DMICall - ok
20:27:00.0484 1224 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
20:27:00.0796 1224 dmio - ok
20:27:01.0031 1224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:27:01.0328 1224 dmload - ok
20:27:01.0531 1224 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
20:27:01.0828 1224 dmserver - ok
20:27:02.0125 1224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:27:02.0406 1224 DMusic - ok
20:27:02.0812 1224 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
20:27:03.0234 1224 Dnscache - ok
20:27:03.0593 1224 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
20:27:04.0890 1224 Dot3svc - ok
20:27:05.0625 1224 dpti2o - ok
20:27:06.0187 1224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:27:06.0703 1224 drmkaud - ok
20:27:07.0328 1224 EagleNT - ok
20:27:07.0859 1224 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
20:27:08.0656 1224 EapHost - ok
20:27:09.0390 1224 emupia (8955251ce7cc14913693165fb25a155f) C:\WINDOWS\system32\drivers\emupia2k.sys
20:27:09.0687 1224 emupia - ok
20:27:10.0671 1224 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
20:27:11.0015 1224 ERSvc - ok
20:27:11.0687 1224 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
20:27:12.0000 1224 Eventlog - ok
20:27:12.0375 1224 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
20:27:12.0750 1224 EventSystem - ok
20:27:13.0140 1224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:27:13.0468 1224 Fastfat - ok
20:27:13.0734 1224 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:27:14.0109 1224 FastUserSwitchingCompatibility - ok
20:27:14.0421 1224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:27:14.0734 1224 Fdc - ok
20:27:14.0984 1224 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
20:27:15.0453 1224 Fips - ok
20:27:15.0921 1224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:27:16.0234 1224 Flpydisk - ok
20:27:16.0437 1224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:27:16.0859 1224 FltMgr - ok
20:27:17.0109 1224 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:27:17.0562 1224 FontCache3.0.0.0 - ok
20:27:17.0875 1224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:27:18.0218 1224 Fs_Rec - ok
20:27:18.0500 1224 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:27:18.0984 1224 Ftdisk - ok
20:27:19.0265 1224 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
20:27:19.0562 1224 gameenum - ok
20:27:19.0828 1224 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:27:20.0046 1224 GEARAspiWDM - ok
20:27:20.0312 1224 GingerUpdateService (1e5d19b59f95f2ad9ec7f95365db8801) C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
20:27:21.0734 1224 GingerUpdateService - ok
20:27:22.0390 1224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:27:23.0078 1224 Gpc - ok
20:27:24.0250 1224 ha10kx2k (5295ee59854289800320eab6c6464147) C:\WINDOWS\system32\drivers\ha10kx2k.sys
20:27:25.0468 1224 ha10kx2k - ok
20:27:26.0171 1224 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
20:27:26.0234 1224 hamachi - ok
20:27:26.0406 1224 HCF_MSFT (4236e014632f4163f53ebb717f41594c) C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
20:27:27.0187 1224 HCF_MSFT - ok
20:27:27.0703 1224 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:27:28.0000 1224 helpsvc - ok
20:27:28.0218 1224 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
20:27:28.0531 1224 HidServ - ok
20:27:28.0640 1224 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:27:28.0984 1224 HidUsb - ok
20:27:29.0078 1224 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
20:27:29.0468 1224 hkmsvc - ok
20:27:29.0546 1224 hpn - ok
20:27:29.0656 1224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:27:29.0921 1224 HTTP - ok
20:27:30.0062 1224 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
20:27:30.0406 1224 HTTPFilter - ok
20:27:30.0484 1224 i2omgmt - ok
20:27:30.0546 1224 i2omp - ok
20:27:30.0625 1224 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:27:30.0890 1224 i8042prt - ok
20:27:31.0015 1224 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:27:31.0375 1224 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:27:31.0375 1224 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:27:31.0625 1224 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:27:31.0937 1224 idsvc - ok
20:27:32.0062 1224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:27:32.0343 1224 Imapi - ok
20:27:32.0453 1224 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
20:27:32.0875 1224 ImapiService - ok
20:27:32.0953 1224 ini910u - ok
20:27:33.0250 1224 IntelIde - ok
20:27:33.0390 1224 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:27:33.0671 1224 intelppm - ok
20:27:33.0781 1224 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:27:34.0140 1224 ip6fw - ok
20:27:34.0265 1224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:27:34.0609 1224 IpFilterDriver - ok
20:27:34.0718 1224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:27:35.0031 1224 IpInIp - ok
20:27:35.0156 1224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:27:35.0437 1224 IpNat - ok
20:27:35.0593 1224 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:27:36.0000 1224 iPod Service - ok
20:27:36.0109 1224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:27:36.0500 1224 IPSec - ok
20:27:36.0593 1224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:27:36.0750 1224 IRENUM - ok
20:27:36.0875 1224 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:27:37.0140 1224 isapnp - ok
20:27:37.0406 1224 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
20:27:37.0843 1224 JavaQuickStarterService - ok
20:27:37.0953 1224 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:27:38.0265 1224 Kbdclass - ok
20:27:38.0406 1224 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:27:38.0656 1224 kbdhid - ok
20:27:38.0781 1224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:27:39.0093 1224 kmixer - ok
20:27:39.0234 1224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:27:39.0484 1224 KSecDD - ok
20:27:39.0625 1224 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
20:27:39.0812 1224 lanmanserver - ok
20:27:39.0968 1224 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
20:27:40.0171 1224 lanmanworkstation - ok
20:27:40.0250 1224 lbrtfdc - ok
20:27:40.0390 1224 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
20:27:40.0671 1224 LmHosts - ok
20:27:40.0781 1224 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:27:40.0937 1224 MBAMSwissArmy - ok
20:27:41.0015 1224 mcdbus - ok
20:27:41.0093 1224 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
20:27:41.0406 1224 Messenger - ok
20:27:41.0531 1224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:27:41.0781 1224 mnmdd - ok
20:27:41.0906 1224 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
20:27:42.0359 1224 mnmsrvc - ok
20:27:42.0453 1224 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
20:27:42.0703 1224 Modem - ok
20:27:42.0812 1224 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:27:43.0062 1224 Mouclass - ok
20:27:43.0203 1224 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:27:43.0484 1224 mouhid - ok
20:27:43.0609 1224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:27:43.0921 1224 MountMgr - ok
20:27:44.0062 1224 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:27:44.0171 1224 MpFilter - ok
20:27:44.0343 1224 MpKslf914d46b (a69630d039c38018689190234f866d77) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{43A15369-AD9A-4DF6-8C14-9CC4A87DA429}\MpKslf914d46b.sys
20:27:44.0453 1224 MpKslf914d46b - ok
20:27:44.0531 1224 mraid35x - ok
20:27:44.0640 1224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:27:44.0953 1224 MRxDAV - ok
20:27:45.0093 1224 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:27:45.0406 1224 MRxSmb - ok
20:27:45.0515 1224 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
20:27:45.0906 1224 MSDTC - ok
20:27:46.0015 1224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:27:46.0421 1224 Msfs - ok
20:27:46.0484 1224 MSIServer - ok
20:27:46.0562 1224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:27:46.0796 1224 MSKSSRV - ok
20:27:46.0937 1224 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:27:47.0000 1224 MsMpSvc - ok
20:27:47.0109 1224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:27:47.0359 1224 MSPCLOCK - ok
20:27:47.0468 1224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:27:47.0718 1224 MSPQM - ok
20:27:47.0843 1224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:27:48.0093 1224 mssmbios - ok
20:27:48.0203 1224 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:27:48.0515 1224 MSTEE - ok
20:27:48.0640 1224 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:27:48.0750 1224 Mup - ok
20:27:48.0875 1224 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:27:49.0156 1224 NABTSFEC - ok
20:27:49.0296 1224 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
20:27:49.0796 1224 napagent - ok
20:27:49.0921 1224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:27:50.0343 1224 NDIS - ok
20:27:50.0968 1224 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:27:51.0265 1224 NdisIP - ok
20:27:52.0968 1224 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:27:53.0250 1224 NdisTapi - ok
20:27:54.0078 1224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:27:54.0359 1224 Ndisuio - ok
20:27:54.0531 1224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:27:55.0031 1224 NdisWan - ok
20:27:55.0578 1224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:27:55.0796 1224 NDProxy - ok
20:27:56.0109 1224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:27:56.0421 1224 NetBIOS - ok
20:27:56.0781 1224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:27:57.0250 1224 NetBT - ok
20:27:57.0812 1224 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
20:27:59.0281 1224 NetDDE - ok
20:27:59.0406 1224 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
20:27:59.0750 1224 NetDDEdsdm - ok
20:28:00.0468 1224 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:28:00.0765 1224 Netlogon - ok
20:28:01.0515 1224 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
20:28:02.0109 1224 Netman - ok
20:28:02.0390 1224 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:28:02.0468 1224 NetTcpPortSharing - ok
20:28:02.0578 1224 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:28:02.0875 1224 NIC1394 - ok
20:28:02.0984 1224 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
20:28:03.0187 1224 Nla - ok
20:28:03.0328 1224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:28:03.0656 1224 Npfs - ok
20:28:03.0859 1224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:28:04.0656 1224 Ntfs - ok
20:28:04.0765 1224 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
20:28:04.0984 1224 NtLmSsp - ok
20:28:05.0093 1224 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
20:28:05.0421 1224 NtmsSvc - ok
20:28:05.0531 1224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:28:05.0765 1224 Null - ok
20:28:05.0937 1224 nv (16e3095560cb731edd9966b9294fce18) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:28:06.0171 1224 nv - ok
20:28:06.0406 1224 NVSvc (3a6d465cb1a5ec430293281d17d24b16) C:\WINDOWS\System32\nvsvc32.exe
20:28:06.0578 1224 NVSvc - ok
20:28:06.0703 1224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:28:06.0968 1224 NwlnkFlt - ok
20:28:07.0093 1224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:28:07.0375 1224 NwlnkFwd - ok
20:28:07.0468 1224 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:28:07.0796 1224 ohci1394 - ok
20:28:07.0906 1224 ossrv (efa821d3e0bd123dc7d78714179c43f5) C:\WINDOWS\system32\drivers\ctoss2k.sys
20:28:08.0062 1224 ossrv - ok
20:28:08.0218 1224 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
20:28:08.0546 1224 Parport - ok
20:28:08.0656 1224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:28:08.0921 1224 PartMgr - ok
20:28:09.0015 1224 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:28:09.0281 1224 ParVdm - ok
20:28:09.0390 1224 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
20:28:09.0671 1224 PCI - ok
20:28:09.0750 1224 PCIDump - ok
20:28:09.0843 1224 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:28:10.0078 1224 PCIIde - ok
20:28:10.0171 1224 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:28:10.0484 1224 Pcmcia - ok
20:28:10.0546 1224 PDCOMP - ok
20:28:10.0609 1224 PDFRAME - ok
20:28:10.0656 1224 PDRELI - ok
20:28:10.0703 1224 PDRFRAME - ok
20:28:10.0750 1224 perc2 - ok
20:28:10.0796 1224 perc2hib - ok
20:28:10.0921 1224 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
20:28:11.0078 1224 PlugPlay - ok
20:28:11.0203 1224 PnkBstrA (a1dd33d16f277ce34124ee52ab2c0f14) C:\WINDOWS\system32\PnkBstrA.exe
20:28:11.0859 1224 PnkBstrA - ok
20:28:11.0984 1224 PnkBstrB (27f1be4a53441c9f1f48b9adc145b0a5) C:\WINDOWS\system32\PnkBstrB.exe
20:28:12.0125 1224 PnkBstrB - ok
20:28:12.0265 1224 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:28:12.0484 1224 PolicyAgent - ok
20:28:12.0593 1224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:28:12.0859 1224 PptpMiniport - ok
20:28:12.0968 1224 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
20:28:13.0218 1224 Processor - ok
20:28:13.0312 1224 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:28:13.0531 1224 ProtectedStorage - ok
20:28:13.0687 1224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:28:14.0015 1224 PSched - ok
20:28:14.0140 1224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:28:14.0375 1224 Ptilink - ok
20:28:14.0484 1224 PxHelp20 (951d4769ba5b8a3c58404b5cef4a65ca) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
20:28:14.0593 1224 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
20:28:14.0593 1224 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
20:28:14.0734 1224 ql1080 - ok
20:28:14.0781 1224 Ql10wnt - ok
20:28:14.0875 1224 ql12160 - ok
20:28:14.0921 1224 ql1240 - ok
20:28:14.0968 1224 ql1280 - ok
20:28:15.0093 1224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:28:15.0359 1224 RasAcd - ok
20:28:15.0531 1224 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
20:28:15.0921 1224 RasAuto - ok
20:28:16.0046 1224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:28:16.0328 1224 Rasl2tp - ok
20:28:16.0484 1224 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
20:28:16.0781 1224 RasMan - ok
20:28:16.0906 1224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:28:17.0203 1224 RasPppoe - ok
20:28:17.0328 1224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:28:17.0609 1224 Raspti - ok
20:28:17.0718 1224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:28:18.0125 1224 Rdbss - ok
20:28:18.0250 1224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:28:18.0500 1224 RDPCDD - ok
20:28:18.0625 1224 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:28:18.0812 1224 RDPWD - ok
20:28:18.0921 1224 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
20:28:19.0500 1224 RDSessMgr - ok
20:28:19.0671 1224 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:28:19.0921 1224 redbook - ok
20:28:20.0015 1224 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
20:28:20.0359 1224 RemoteAccess - ok
20:28:20.0468 1224 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
20:28:20.0812 1224 RpcLocator - ok
20:28:20.0968 1224 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
20:28:21.0140 1224 RpcSs - ok
20:28:21.0250 1224 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
20:28:21.0578 1224 RSVP - ok
20:28:21.0687 1224 rtl8139 (d0ac0b0355a3ffb85eb77b083cd0627c) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
20:28:21.0796 1224 rtl8139 - ok
20:28:21.0906 1224 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:28:22.0156 1224 SamSs - ok
20:28:22.0312 1224 SBRE - ok
20:28:22.0453 1224 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
20:28:22.0812 1224 SCardSvr - ok
20:28:22.0937 1224 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
20:28:23.0250 1224 Schedule - ok
20:28:23.0406 1224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:28:23.0546 1224 Secdrv - ok
20:28:23.0671 1224 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
20:28:23.0953 1224 seclogon - ok
20:28:25.0750 1224 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
20:28:26.0031 1224 SENS - ok
20:28:26.0656 1224 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
20:28:27.0046 1224 Serial - ok
20:28:27.0250 1224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:28:27.0531 1224 Sfloppy - ok
20:28:27.0671 1224 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
20:28:28.0093 1224 SharedAccess - ok
20:28:28.0234 1224 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:28:28.0359 1224 ShellHWDetection - ok
20:28:28.0437 1224 Simbad - ok
20:28:28.0515 1224 SiS315 (80ca473eebd2bbaeab7e62b1b03cbe03) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
20:28:28.0640 1224 SiS315 - ok
20:28:28.0765 1224 sisagp (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
20:28:28.0859 1224 sisagp - ok
20:28:28.0968 1224 SiSkp (0ba1bc20204db877236eb5f674879ed5) C:\WINDOWS\system32\drivers\srvkp.sys
20:28:29.0015 1224 SiSkp ( UnsignedFile.Multi.Generic ) - warning
20:28:29.0015 1224 SiSkp - detected UnsignedFile.Multi.Generic (1)
20:28:29.0156 1224 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:28:29.0390 1224 SLIP - ok
20:28:29.0546 1224 soma (63cb2a3593104470f9a6fe9df1579762) C:\WINDOWS\system32\DRIVERS\soma.sys
20:28:29.0718 1224 soma - ok
20:28:29.0875 1224 SONYWBMS (e6320f02dc53402bbff34f0d0a5fee51) C:\WINDOWS\system32\DRIVERS\SonyWBMS.SYS
20:28:30.0000 1224 SONYWBMS - ok
20:28:30.0328 1224 Sparrow - ok
20:28:30.0437 1224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:28:30.0718 1224 splitter - ok
20:28:30.0828 1224 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:28:30.0984 1224 Spooler - ok
20:28:31.0125 1224 SPTISRV (f12215976bc6fa7da26d277ed8cbc024) C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
20:28:31.0265 1224 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
20:28:31.0265 1224 SPTISRV - detected UnsignedFile.Multi.Generic (1)
20:28:31.0453 1224 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:28:31.0671 1224 sr - ok
20:28:31.0781 1224 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
20:28:31.0953 1224 srservice - ok
20:28:32.0078 1224 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:28:32.0281 1224 Srv - ok
20:28:32.0421 1224 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
20:28:32.0562 1224 SSDPSRV - ok
20:28:32.0890 1224 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
20:28:33.0546 1224 stisvc - ok
20:28:34.0359 1224 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:28:34.0609 1224 streamip - ok
20:28:35.0500 1224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:28:35.0796 1224 swenum - ok
20:28:36.0750 1224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:28:37.0062 1224 swmidi - ok
20:28:37.0609 1224 SwPrv - ok
20:28:38.0078 1224 symc810 - ok
20:28:38.0125 1224 symc8xx - ok
20:28:38.0156 1224 sym_hi - ok
20:28:38.0203 1224 sym_u3 - ok
20:28:38.0343 1224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:28:38.0656 1224 sysaudio - ok
20:28:38.0765 1224 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
20:28:39.0093 1224 SysmonLog - ok
20:28:39.0234 1224 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:28:39.0500 1224 TapiSrv - ok
20:28:39.0875 1224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:28:40.0031 1224 Tcpip - ok
20:28:40.0125 1224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:28:40.0484 1224 TDPIPE - ok
20:28:40.0578 1224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:28:40.0843 1224 TDTCP - ok
20:28:40.0953 1224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:28:41.0250 1224 TermDD - ok
20:28:41.0421 1224 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:28:41.0734 1224 TermService - ok
20:28:41.0859 1224 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:28:41.0953 1224 Themes - ok
20:28:42.0046 1224 TosIde - ok
20:28:42.0125 1224 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:28:42.0453 1224 TrkWks - ok
20:28:42.0562 1224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:28:42.0843 1224 Udfs - ok
20:28:42.0921 1224 ultra - ok
20:28:43.0031 1224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:28:43.0343 1224 Update - ok
20:28:43.0500 1224 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:28:43.0671 1224 upnphost - ok
20:28:43.0812 1224 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:28:44.0125 1224 UPS - ok
20:28:44.0265 1224 USB55N51 (87a1966ce8380814204f75845afb6739) C:\WINDOWS\system32\DRIVERS\USB55N51.sys
20:28:44.0546 1224 USB55N51 ( UnsignedFile.Multi.Generic ) - warning
20:28:44.0546 1224 USB55N51 - detected UnsignedFile.Multi.Generic (1)
20:28:44.0656 1224 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:28:44.0781 1224 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:28:44.0781 1224 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:28:44.0890 1224 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
20:28:45.0203 1224 usbaudio - ok
20:28:45.0328 1224 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:28:45.0593 1224 usbccgp - ok
20:28:45.0765 1224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:28:46.0046 1224 usbehci - ok
20:28:46.0187 1224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:28:46.0468 1224 usbhub - ok
20:28:46.0578 1224 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:28:46.0828 1224 usbohci - ok
20:28:46.0937 1224 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:28:47.0171 1224 USBSTOR - ok
20:28:47.0296 1224 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:28:47.0562 1224 usbvideo - ok
20:28:47.0750 1224 VAIOMediaPlatform-MusicServer-AppServer (e6ba6fcddbf3fa64942083cf38a4925d) C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
20:28:48.0609 1224 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
20:28:48.0609 1224 VAIOMediaPlatform-MusicServer-AppServer - detected UnsignedFile.Multi.Generic (1)

#12
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  • Please follow the prompts to uninstall Combofix.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times; don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it doesn't necessarily have to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple of good free alternatives: Google Chrome and Opera. Both are excellent, faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine apart from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommended that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are disreputable sites forcing you to download and install a codec, or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool:

#13
hsnyder95

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Thank you, everything seems to be good.