Google Redirect Bug/Malware Issues [Solved]


  • This topic is locked

#1
MVV

  • Member
  • 87 posts
The problem I'm having is Google keeps redirecting me to spam sites, and I'm assuming I have plenty of other malware issues going on on top of it. Here is my OTL log; I ran it in safe mode, if that makes any real difference. Thanks in advance for the help.

OTL logfile created on: 7/29/2012 5:38:21 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Mike\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 157.23 Mb Available Physical Memory | 30.83% Memory free
1.22 Gb Paging File | 0.94 Gb Available in Paging File | 77.40% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.95 Gb Total Space | 14.41 Gb Free Space | 20.31% Space Free | Partition Type: NTFS

Computer Name: BASEMENT | User Name: Mike | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/29 05:37:59 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
PRC - [2012/07/18 18:58:34 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/09 21:05:07 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011/08/17 18:59:02 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2008/11/01 16:31:40 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/27 00:12:09 | 009,465,032 | ---- | M] () -- C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012/07/18 18:58:03 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/07/09 21:05:14 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/09 21:05:07 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2008/12/19 18:26:06 | 002,625,536 | ---- | M] () -- C:\Program Files\ffdshow\ffdshow.ax
MOD - [2006/08/23 03:33:46 | 000,007,680 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ff_acm.acm
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [2002/08/29 04:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\SYSTEM32\TSD32.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/27 00:12:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 18:58:15 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/10 17:15:06 | 004,419,392 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/07/09 21:05:13 | 000,935,008 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 07:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/17 18:59:02 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/01 16:31:40 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2011/08/17 18:58:59 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/17 18:58:59 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - [2010/02/18 21:37:35 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/05/28 13:24:16 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV - [2008/11/14 11:58:12 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SndTVideo.sys -- (SndTVideo)
DRV - [2008/11/14 11:58:08 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SndTAudio.sys -- (SndTAudio)
DRV - [2007/06/05 13:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\fibqtkkxttox.sys -- (fibqtkkxttox)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/09/20 10:27:40 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/08/03 23:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 23:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 23:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 23:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 23:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 23:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 23:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 23:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 23:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 23:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 23:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 11:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-12-10 08:33:40&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;127.0.0.1:9421;<local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: avg@toolbar:10.0.0.7
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4
FF - prefs.js..keyword.URL: "http://isearch.avg.c...3:40&sap=ku&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 12:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/20 10:40:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ [2012/07/09 21:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/18 18:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/23 23:19:49 | 000,000,000 | ---D | M]

[2008/12/01 23:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2012/07/18 20:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\extensions
[2011/07/10 01:23:53 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\searchplugins\bing-zugo.xml
[2012/03/07 12:46:52 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\searchplugins\conduit.xml
[2012/05/03 11:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/09 21:05:28 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\11.1.0.12
[2012/07/18 20:25:04 | 000,339,888 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W7NTQJTQ.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/07/20 10:40:45 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/07/18 18:58:39 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/09 21:05:05 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/05/03 01:29:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/03 01:29:28 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Mike\Application Data\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Codec-V = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.17.48_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Gmail = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/09/13 14:59:01 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (ZeroBar) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Mike\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Display All Images with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O8 - Extra context menu item: Display Image with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O9 - Extra Button: Football For Good Giving Assistant - {40D4D9A0-A298-46EF-8D22-429FDEE9197B} - C:\Program Files\Football For Good Giving Assistant\MojoObjects.dll (Football For Good)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgree...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} https://objects.aol....83/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} https://objects.aol....,20/McGDMgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{764CF3D5-07CE-481C-9746-A512B0797350}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\My Documents\My Pictures\Jasc Paint Shop Photo Album Images\The Guild of Calamitous Intent 2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\My Documents\My Pictures\Jasc Paint Shop Photo Album Images\The Guild of Calamitous Intent 2.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 07:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/28 22:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/07/28 13:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/07/28 13:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/07/28 02:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\New Folder
[2012/07/23 23:47:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/07/11 21:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/07/11 21:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2012/07/02 23:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\New Folder
[2012/05/23 23:13:26 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Program Files\jre-7u4-windows-i586-iftw.exe
[2012/02/08 02:36:03 | 002,130,622 | ---- | C] (Kephyr) -- C:\Program Files\freefixersetup.exe
[2012/02/07 22:02:29 | 003,255,248 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup46.exe
[2012/01/19 18:13:21 | 004,780,600 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXWebPlayerInstallerv15.exe
[2012/01/10 22:40:26 | 005,254,256 | ---- | C] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.0.2905.exe
[2012/01/10 21:34:31 | 012,327,040 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp5623_full_emusic-7plus_en-us.exe
[2012/01/03 21:53:11 | 000,776,152 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flashplayer10x32_mssd_aih.exe
[2011/12/25 23:55:20 | 003,243,768 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup45.exe
[2011/12/18 20:06:03 | 118,392,192 | ---- | C] (Sony Creative Software Inc.) -- C:\Program Files\vegaspro80c_enu.exe
[2011/12/18 18:52:28 | 110,627,654 | ---- | C] (Madison Media Software, Inc.) -- C:\Program Files\acidpro60d_enu.exe
[2011/11/22 05:13:46 | 003,511,776 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup312.exe
[2011/09/22 02:48:41 | 000,407,040 | ---- | C] (Jacek Pazera) -- C:\Program Files\mp4toavi.exe
[2011/09/15 22:31:23 | 000,908,576 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2011/09/13 04:19:55 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Program Files\aswMBR.exe
[2011/09/13 01:30:12 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.51.1.1800.exe
[2011/07/26 22:10:06 | 000,424,328 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr11us.exe
[2011/05/17 19:27:13 | 008,613,040 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.17.exe
[2011/03/31 15:02:20 | 016,525,088 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u24-windows-i586.exe
[2011/01/04 01:24:41 | 021,601,896 | ---- | C] (DivX, Inc.) -- C:\Program Files\divxplayer72.exe
[2010/10/20 21:41:07 | 007,462,536 | ---- | C] (AVG ) -- C:\Program Files\avg_pct_stf_all_2011_22_c2.exe
[2010/10/19 18:19:19 | 004,290,744 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stb_all_2011_1136_upgrade.exe
[2010/10/08 21:51:33 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup44.exe
[2010/08/30 21:39:38 | 096,962,344 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup2.exe
[2010/05/17 21:46:13 | 003,192,422 | ---- | C] (EximiousSoft ) -- C:\Program Files\ECSetup.exe
[2010/03/31 20:15:46 | 008,351,672 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.2.exe
[2010/03/04 02:55:35 | 004,728,512 | ---- | C] (Karlis Blumentals) -- C:\Program Files\egifan5.exe
[2009/11/30 00:36:24 | 032,494,896 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[2009/01/18 21:29:14 | 000,128,336 | ---- | C] (Digital River) -- C:\Program Files\Download_SoundTaxi-Download.exe
[2008/12/03 23:05:41 | 002,832,544 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player.exe
[2008/12/01 23:17:21 | 007,508,624 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.0.4.exe
[2008/10/28 14:49:58 | 000,400,384 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Program Files\JavaRa.exe
[2008/09/25 23:48:15 | 004,730,740 | ---- | C] (ratDVD) -- C:\Program Files\ratDVDSetup-0.78.1444.exe
[2008/08/09 21:20:59 | 000,742,264 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe
[2008/08/05 17:54:58 | 002,869,536 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup41.exe
[2008/08/02 22:29:06 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2008/08/02 21:09:29 | 004,614,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[2008/08/02 15:49:19 | 048,367,896 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stf_en_8_138a1332.exe
[2008/07/29 23:00:27 | 006,046,584 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.16.exe
[2008/07/28 18:28:02 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2008/06/14 04:39:12 | 000,128,368 | ---- | C] (Digital River) -- C:\Program Files\Download_mbam-setup.exe
[2008/06/12 01:25:44 | 004,257,184 | ---- | C] (Uniblue ) -- C:\Program Files\registryboosteraff.exe
[2008/06/11 16:31:58 | 009,722,720 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[2008/05/13 01:19:41 | 486,108,144 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS3_WWE.exe
[2008/03/26 17:37:52 | 006,104,632 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2008/03/26 17:22:10 | 013,445,041 | ---- | C] (Adobe Systems, Inc) -- C:\Program Files\ps701up.exe
[2007/12/25 17:30:01 | 054,330,664 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[2007/09/30 16:01:25 | 006,016,952 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.7.exe
[2007/09/20 23:26:54 | 000,903,520 | ---- | C] (DivX, LLC) -- C:\Program Files\DivXInstaller.exe
[2007/02/12 20:57:39 | 004,964,776 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Windows-KB890830-V1.24.exe
[2006/12/26 07:22:22 | 070,873,480 | ---- | C] (Trend Micro, Inc. ) -- C:\Program Files\tis2007_trial.exe
[2006/12/24 05:50:04 | 004,813,736 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Windows-KB890830-V1.23.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/29 06:04:01 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/29 05:32:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/07/29 04:11:09 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/29 04:10:43 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/29 03:19:59 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd625fc8ee6336.job
[2012/07/28 23:53:19 | 102,391,247 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/07/28 23:51:35 | 000,413,849 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/07/28 05:54:23 | 000,202,240 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/28 02:06:08 | 000,001,531 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_03_white.pdf
[2012/07/28 02:05:08 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_06_black.pdf
[2012/07/28 02:04:33 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_moors_black.pdf
[2012/07/28 02:03:57 | 000,001,690 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_05_black.pdf
[2012/07/28 02:03:42 | 000,001,760 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_04_black.pdf
[2012/07/28 02:02:57 | 000,001,966 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\zeck_01_black.pdf
[2012/07/28 02:02:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_02_black.pdf
[2012/07/28 02:02:10 | 000,002,116 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\zeck_02_black.pdf
[2012/07/28 02:01:42 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_01_black.pdf
[2012/07/28 02:01:26 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\nguyen_01_black.pdf
[2012/07/28 02:01:12 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\dillon_01_black.pdf
[2012/07/28 02:00:39 | 000,001,799 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_mk01_black.pdf
[2012/07/28 02:00:17 | 000,001,388 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\lee_01_black.pdf
[2012/07/28 01:59:47 | 000,001,677 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_02_black.pdf
[2012/07/28 01:59:30 | 000,001,150 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_01_black.pdf
[2012/07/28 01:59:03 | 000,001,677 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_intruder_black.pdf
[2012/07/12 18:12:40 | 000,000,461 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2012/07/12 00:15:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/11 22:44:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/11 12:43:40 | 002,292,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 06:11:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/28 02:06:08 | 000,001,531 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_03_white.pdf
[2012/07/28 02:04:33 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_moors_black.pdf
[2012/07/28 02:03:57 | 000,001,690 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_05_black.pdf
[2012/07/28 02:03:42 | 000,001,760 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_04_black.pdf
[2012/07/28 02:02:57 | 000,001,966 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\zeck_01_black.pdf
[2012/07/28 02:02:43 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_02_black.pdf
[2012/07/28 02:02:10 | 000,002,116 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\zeck_02_black.pdf
[2012/07/28 02:01:42 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_01_black.pdf
[2012/07/28 02:01:26 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\nguyen_01_black.pdf
[2012/07/28 02:01:12 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\dillon_01_black.pdf
[2012/07/28 02:00:39 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_mk01_black.pdf
[2012/07/28 02:00:17 | 000,001,388 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\lee_01_black.pdf
[2012/07/28 01:59:47 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_02_black.pdf
[2012/07/28 01:59:30 | 000,001,150 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_01_black.pdf
[2012/07/28 01:59:03 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_intruder_black.pdf
[2012/07/28 01:58:43 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_06_black.pdf
[2012/07/15 01:59:39 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd625fc8ee6336.job
[2012/07/11 20:50:35 | 000,000,804 | ---- | C] () -- C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\L\00000004.@
[2012/04/13 04:44:16 | 022,259,528 | ---- | C] () -- C:\Program Files\vlc-2.0.1-win32.exe
[2012/02/14 15:30:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/10 21:55:51 | 000,204,445 | ---- | C] () -- C:\Program Files\FLAC_plugin_with_library_support.exe
[2011/09/22 03:20:05 | 000,000,358 | ---- | C] () -- C:\Program Files\mp4toavi.ini
[2011/09/13 17:16:13 | 000,061,440 | ---- | C] ( ) -- C:\Program Files\VEW.exe
[2011/09/13 04:25:24 | 000,000,512 | ---- | C] () -- C:\Program Files\MBR.dat
[2011/07/26 22:18:09 | 000,001,688 | ---- | C] () -- C:\Program Files\AT&T Yahoo! Messenger.lnk
[2011/06/05 23:56:33 | 004,908,426 | ---- | C] () -- C:\Program Files\Pazera_Free_MP4_to_AVI_Converter.zip
[2011/04/30 15:17:53 | 001,837,224 | ---- | C] () -- C:\Program Files\FSCaptureSetup68.exe
[2011/02/06 14:12:32 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/10/19 19:04:32 | 001,202,303 | ---- | C] () -- C:\Program Files\wrar37b4.exe
[2010/10/19 19:04:14 | 000,043,387 | ---- | C] () -- C:\WINDOWS\browser.exe
[2010/07/21 20:21:00 | 015,052,199 | ---- | C] () -- C:\Program Files\FastAVI2GIF.exe
[2010/05/22 00:52:23 | 004,653,240 | ---- | C] () -- C:\Program Files\flashget196en.exe
[2010/05/09 00:47:05 | 018,222,904 | ---- | C] () -- C:\Program Files\exPressit.exe
[2010/05/09 00:45:00 | 018,131,206 | ---- | C] () -- C:\Program Files\exPressit.zip
[2010/03/03 23:23:30 | 000,210,464 | ---- | C] () -- C:\Program Files\AkamaiDownloadManagerInstaller.exe
[2010/02/08 02:07:15 | 011,014,144 | ---- | C] () -- C:\Program Files\UGA5TBYB_E_USG.exe
[2009/07/20 00:47:58 | 016,895,424 | ---- | C] ( ) -- C:\Program Files\MP4-Converter_3.8.5.exe
[2009/01/23 01:24:48 | 000,562,069 | ---- | C] () -- C:\Program Files\lame3.98.2.zip
[2009/01/23 01:21:21 | 002,594,286 | ---- | C] () -- C:\Program Files\gwave525.exe
[2008/12/04 03:08:07 | 004,998,707 | ---- | C] () -- C:\Program Files\flvplayer_setup.exe
[2008/11/01 16:38:58 | 000,144,852 | ---- | C] () -- C:\Program Files\hosts.zip
[2008/11/01 16:34:34 | 002,062,665 | ---- | C] () -- C:\Program Files\spywareguardsetup.exe
[2008/11/01 16:28:00 | 019,153,264 | ---- | C] () -- C:\Program Files\aaw2008.exe
[2008/11/01 16:11:10 | 035,124,856 | ---- | C] ( ) -- C:\Program Files\AdbeRdr90_en_US.exe
[2008/10/28 14:54:14 | 016,156,056 | ---- | C] () -- C:\Program Files\jre-6u10-windows-i586-p.exe
[2008/10/06 19:45:24 | 010,886,008 | ---- | C] () -- C:\Program Files\dBpoweramp-Codec-WMA10Pro.exe
[2008/08/06 23:39:11 | 000,313,344 | ---- | C] () -- C:\Program Files\hjsplit.exe
[2008/08/03 15:40:44 | 009,346,664 | ---- | C] () -- C:\Program Files\zlsSetup_60_667_000.exe
[2008/07/11 04:17:40 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\AutoGK.ini
[2008/05/04 21:36:42 | 000,304,957 | ---- | C] () -- C:\Program Files\hjsplit.zip
[2008/04/28 22:05:13 | 001,073,528 | ---- | C] () -- C:\Program Files\dBpoweramp-Codec-m4a.exe
[2008/01/17 17:19:29 | 000,001,741 | ---- | C] () -- C:\Program Files\AT&T Help.lnk
[2008/01/17 17:19:24 | 000,001,958 | ---- | C] () -- C:\Program Files\AT&T Self Support Tool.lnk
[2007/12/19 20:08:13 | 005,914,648 | ---- | C] () -- C:\Program Files\SUPERAntiSpyware.exe
[2007/09/21 01:58:59 | 005,651,713 | ---- | C] () -- C:\Program Files\The-Codecs-5.0.zip
[2007/07/05 19:16:45 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JPR.{PB
[2007/07/05 19:16:45 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JCM.{PB
[2007/06/13 17:46:48 | 000,842,672 | ---- | C] () -- C:\Program Files\slsk156c.exe
[2007/06/11 20:57:52 | 004,044,152 | ---- | C] () -- C:\Program Files\dBpoweramp-encoder-helix.exe
[2007/06/11 20:52:45 | 004,112,760 | ---- | C] () -- C:\Program Files\dMC-r12[1].1.exe
[2007/05/18 17:16:02 | 003,362,502 | ---- | C] () -- C:\Program Files\cxp_free.exe
[2007/05/15 22:44:48 | 001,055,648 | ---- | C] () -- C:\Program Files\qmpsetup_win_ie_07010901.exe
[2007/04/09 23:52:34 | 000,206,039 | ---- | C] () -- C:\Program Files\RAR.zip
[2007/03/17 23:42:59 | 000,877,976 | ---- | C] () -- C:\Program Files\7z444.exe
[2007/02/27 18:06:24 | 000,000,881 | ---- | C] () -- C:\Program Files\fixreg.zip
[2006/12/28 22:29:40 | 040,409,184 | ---- | C] () -- C:\Program Files\MIS_9_0_183_1_trial30OEM_Release.exe
[2006/06/10 20:15:35 | 000,004,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2004/11/13 17:53:16 | 000,202,240 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/08 17:16:38 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
[2002/08/29 04:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\@
[2002/08/29 04:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\@

========== LOP Check ==========

[2008/03/12 21:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2008/07/25 01:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACASystems
[2012/07/09 21:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/10/19 18:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/07/12 05:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/01/10 22:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/07/10 01:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CodecCheck
[2010/10/19 18:53:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/07/10 01:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/06/02 18:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/07/01 15:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/07/10 01:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/12/28 21:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/11/14 18:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2012/06/29 17:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/08 03:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/02/08 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/30 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/03/12 21:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Ableton
[2008/07/25 01:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\ACASystems
[2008/07/11 20:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Any Video Converter Professional
[2010/10/20 23:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG
[2012/01/16 15:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG Secure Search
[2010/10/19 18:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG10
[2008/07/11 20:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\avidemux
[2012/01/10 22:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Canneverbe Limited
[2007/06/29 18:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\dBpoweramp
[2011/07/28 19:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\DDMSettings
[2012/02/08 03:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\FreeFixer
[2010/03/03 23:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\GeoVid
[2008/07/11 21:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\gtk-2.0
[2005/10/04 18:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Jasc
[2004/11/14 17:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Leadertech
[2012/06/10 21:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\LOVE
[2005/09/26 17:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Musicmatch
[2011/12/18 19:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\NetMedia Providers
[2012/01/10 22:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\OpenCandy
[2012/05/23 23:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Oracle
[2011/12/18 19:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Publish Providers
[2011/12/28 22:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Sony
[2010/02/08 02:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Ulead Systems
[2008/06/12 01:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Uniblue
[2012/07/26 18:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
[2007/02/08 15:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Viewpoint

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

Here is the extras log.

OTL Extras logfile created on: 7/29/2012 5:38:21 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Mike\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 157.23 Mb Available Physical Memory | 30.83% Memory free
1.22 Gb Paging File | 0.94 Gb Available in Paging File | 77.40% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.95 Gb Total Space | 14.41 Gb Free Space | 20.31% Space Free | Partition Type: NTFS

Computer Name: BASEMENT | User Name: Mike | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{2956585F-DB2F-45C2-9363-F8CB0BB4F2A7}" = Sony ACID Pro 6.0
"{2B5A75F0-FD85-4094-AB00-94902398D192}" = Sony Media Manager 2.2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6c651250-2eb2-11d5-8e33-0050dad72ac2}" = NetZero
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E5DF32-8248-4347-908C-E030EDAE4368}" = DA920EN
"{C8FC7066-4457-4365-9BDF-4E439BF703C8}" = AVG 2011
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"7-Zip" = 7-Zip 4.44 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Akamai" = Akamai NetSession Interface Service
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"AVG" = AVG 2011
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"coverXP" = coverXP (remove only)
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Real Audio (Helix) Encoder" = dBpoweramp Real Audio (Helix) Encoder
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"Dell AIO Printer A920" = Dell AIO Printer A920
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FlashGet" = FlashGet 1.9.6.1073
"FLV Player" = FLV Player 2.0 (build 25)
"Football For Good Giving Assistant_is1" = Football For Good Giving Assistant
"FreeFixer0.61" = FreeFixer
"GoldWave v5.25" = GoldWave v5.25
"Google Chrome" = Google Chrome
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"Need2FindBar Uninstall" =
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"SBC.MCCInstall" = AT&T Self Support Tool
"Shockwave" = Shockwave
"Soulseek" = SoulSeek Client 156c
"SpywareBlaster_is1" = SpywareBlaster 4.6
"SpywareGuard_is1" = SpywareGuard v2.2
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 2.0.1
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/24/2012 11:01:00 PM | Computer Name = BASEMENT | Source = Application Error | ID = 1000
Description = Faulting application pspa.exe, version 4.0.0.3, faulting module pspa.exe,
version 4.0.0.3, fault address 0x000b7210.

Error - 2/25/2012 2:02:50 AM | Computer Name = BASEMENT | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4429, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 2/25/2012 2:03:54 AM | Computer Name = BASEMENT | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 10.1.2.17, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/25/2012 2:03:59 AM | Computer Name = BASEMENT | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 10.1.2.17, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/25/2012 2:04:02 AM | Computer Name = BASEMENT | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 10.1.2.17, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/25/2012 2:04:23 AM | Computer Name = BASEMENT | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 2/25/2012 2:04:24 AM | Computer Name = BASEMENT | Source = Bonjour Service | ID = 100
Description = 232: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 2/25/2012 2:04:24 AM | Computer Name = BASEMENT | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 2/25/2012 2:04:24 AM | Computer Name = BASEMENT | Source = Bonjour Service | ID = 100
Description = 384: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 7/28/2012 7:04:11 AM | Computer Name = BASEMENT | Source = DCOM | ID = 10010
Description = The server {2692A9D5-61DF-46D5-A5A1-A6CCA921D578} did not register
with DCOM within the required timeout.

Error - 7/28/2012 3:07:52 PM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7000
Description = The StarOpen service failed to start due to the following error: %%2

Error - 7/29/2012 12:06:19 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7000
Description = The StarOpen service failed to start due to the following error: %%2

Error - 7/29/2012 12:06:25 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Apple Mobile Device service
to connect.

Error - 7/29/2012 12:06:25 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%1053

Error - 7/29/2012 12:15:52 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update
Service service to connect.

Error - 7/29/2012 12:15:55 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7000
Description = The Adobe Flash Player Update Service service failed to start due
to the following error: %%1053

Error - 7/29/2012 5:20:48 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7000
Description = The StarOpen service failed to start due to the following error: %%2

Error - 7/29/2012 7:33:25 AM | Computer Name = BASEMENT | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/29/2012 7:34:13 AM | Computer Name = BASEMENT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Avgldx86 Avgmfx86 Fips intelppm SASDIFSV SASKUTIL


< End of report >


#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let's see if we can resolve this.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;127.0.0.1:9421;<local>;*.local
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

    :Files
    ipconfig /flushdns /c
    C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}
    C:\Documents and Settings\Mike\Local Settings\Application Data\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.

#3
MVV


    Member

  • Topic Starter
  • Member
  • 87 posts
Here are the OTL logs.

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Mike\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Mike\My Documents\Downloads\cmd.txt deleted successfully.
C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\U folder moved successfully.
C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\L folder moved successfully.
C:\WINDOWS\Installer\{c9bf78ce-07d1-70c8-35e2-624a4faa0991} folder moved successfully.
C:\Documents and Settings\Mike\Local Settings\Application Data\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\U folder moved successfully.
C:\Documents and Settings\Mike\Local Settings\Application Data\{c9bf78ce-07d1-70c8-35e2-624a4faa0991}\L folder moved successfully.
C:\Documents and Settings\Mike\Local Settings\Application Data\{c9bf78ce-07d1-70c8-35e2-624a4faa0991} folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Jen
->Temp folder emptied: 158910690 bytes
->Temporary Internet Files folder emptied: 123654293 bytes
->Java cache emptied: 8331458 bytes
->FireFox cache emptied: 92258753 bytes
->Google Chrome cache emptied: 221343950 bytes
->Apple Safari cache emptied: 37812224 bytes
->Flash cache emptied: 2286513 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 188269425 bytes
->Flash cache emptied: 8330 bytes

User: Lucy63
->Temp folder emptied: 198370679 bytes
->Temporary Internet Files folder emptied: 45317468 bytes
->Java cache emptied: 165470377 bytes
->FireFox cache emptied: 107448956 bytes
->Google Chrome cache emptied: 9127686 bytes
->Apple Safari cache emptied: 14336 bytes
->Flash cache emptied: 173183 bytes

User: Mike
->Temp folder emptied: 54470549 bytes
->Temporary Internet Files folder emptied: 464531 bytes
->Java cache emptied: 100981 bytes
->FireFox cache emptied: 97869677 bytes
->Google Chrome cache emptied: 23032757 bytes
->Apple Safari cache emptied: 83217408 bytes
->Flash cache emptied: 40712 bytes

User: NetworkService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 115991885 bytes
->Java cache emptied: 13 bytes
->Flash cache emptied: 10837 bytes

User: Owner

%systemdrive% .tmp files removed: 6597 bytes
%systemroot% .tmp files removed: 39097 bytes
%systemroot%\System32 .tmp files removed: 2675729 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 64650118 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 196685495 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2685098 bytes

Total Files Cleaned = 1,908.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.55.0 log created on 07292012_175902

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Mike\Local Settings\Temp\Temporary Internet Files\Content.IE5\QBUBI3CB\TTi9zz0DDTL70J09RasgAAAAB%252526_salt%25253D292929732%252526cb%25253D1330735816625212%252526i%25253D140480%252526r%25253D0%252Cd8640664-64ca-11e1-a952-78e7d15f4c20%252C1330735817443 not found!
File\Folder C:\Documents and Settings\Mike\Local Settings\Temp\Temporary Internet Files\Content.IE5\HDG21FD3\TTi9zz1oYTL70J09RaloAAAAB%252526_salt%25253D220402285%252526cb%25253D1330735706447922%252526i%25253D140480%252526r%25253D0%252C99ca3fae-64ca-11e1-b2dd-8b5e341a0c6e%252C1330735712416 not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\61EHQXCH\like[1].php not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQ3PZX1\x[2].htm moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQ3PZX1\_s7SMy8Yf[1] not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1a8.dat not found!

PendingFileRenameOperations files...
File C:\Documents and Settings\Mike\Local Settings\Temp\Temporary Internet Files\Content.IE5\QBUBI3CB\TTi9zz0DDTL70J09RasgAAAAB%252526_salt%25253D292929732%252526cb%25253D1330735816625212%252526i%25253D140480%252526r%25253D0%252Cd8640664-64ca-11e1-a952-78e7d15f4c20%252C1330735817443 not found!
File C:\Documents and Settings\Mike\Local Settings\Temp\Temporary Internet Files\Content.IE5\HDG21FD3\TTi9zz1oYTL70J09RaloAAAAB%252526_salt%25253D220402285%252526cb%25253D1330735706447922%252526i%25253D140480%252526r%25253D0%252C99ca3fae-64ca-11e1-b2dd-8b5e341a0c6e%252C1330735712416 not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\61EHQXCH\like[1].php not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQ3PZX1\x[2].htm not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQ3PZX1\_s7SMy8Yf[1] not found!
File C:\WINDOWS\temp\Perflib_Perfdata_1a8.dat not found!

Registry entries deleted on Reboot...



OTL logfile created on: 7/29/2012 6:21:13 PM - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Mike\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 94.29 Mb Available Physical Memory | 18.49% Memory free
1.22 Gb Paging File | 0.55 Gb Available in Paging File | 45.45% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.95 Gb Total Space | 15.77 Gb Free Space | 22.23% Space Free | Partition Type: NTFS

Computer Name: BASEMENT | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/29 05:37:59 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
PRC - [2012/07/24 18:11:46 | 004,777,856 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/07/09 21:05:13 | 000,935,008 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/09 21:05:07 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/05/26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Mike\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/08/17 18:59:02 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/21 12:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/01 16:31:40 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/21 16:19:46 | 000,129,536 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\browser\ybrwicon.exe
PRC - [2006/03/03 14:18:10 | 000,200,704 | ---- | M] (Yahoo!, Inc.) -- C:\Program Files\Yahoo!\browser\ycommon.exe
PRC - [2005/08/24 07:51:18 | 000,442,455 | ---- | M] (Motive, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/29 18:16:37 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/07/29 18:16:34 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/07/09 21:05:14 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/09 21:05:13 | 000,935,008 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
MOD - [2012/07/09 21:05:07 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/17 20:19:13 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/08/17 20:19:12 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/03/21 12:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 12:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2006/02/23 17:13:02 | 000,038,912 | ---- | M] () -- C:\Program Files\Yahoo!\browser\YCommonPS.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
MOD - [2003/08/02 23:24:01 | 000,192,512 | R--- | M] () -- C:\Program Files\SpywareGuard\dlprotect.dll
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [2003/04/30 18:43:32 | 000,078,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\DLBKPP5C.DLL
MOD - [2003/02/11 17:56:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Dell AIO Printer A920\ConvDIB.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/27 00:12:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 18:58:15 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/10 17:15:06 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/07/09 21:05:13 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 07:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/17 18:59:02 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/01 16:31:40 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2011/08/17 18:58:59 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/17 18:58:59 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - [2010/02/18 21:37:35 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/05/28 13:24:16 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV - [2008/11/14 11:58:12 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SndTVideo.sys -- (SndTVideo)
DRV - [2008/11/14 11:58:08 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SndTAudio.sys -- (SndTAudio)
DRV - [2007/06/05 13:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\fibqtkkxttox.sys -- (fibqtkkxttox)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/09/20 10:27:40 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/08/03 23:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 23:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 23:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 23:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 23:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 23:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 23:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 23:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 23:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 23:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 23:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 11:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-12-10 08:33:40&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: avg@toolbar:10.0.0.7
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4
FF - prefs.js..keyword.URL: "http://isearch.avg.c...3:40&sap=ku&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 12:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/20 10:40:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ [2012/07/09 21:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/18 18:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/23 23:19:49 | 000,000,000 | ---D | M]

[2008/12/01 23:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2012/07/18 20:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\extensions
[2011/07/10 01:23:53 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\searchplugins\bing-zugo.xml
[2012/03/07 12:46:52 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\searchplugins\conduit.xml
[2012/05/03 11:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/09 21:05:28 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\11.1.0.12
[2012/07/18 20:25:04 | 000,339,888 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W7NTQJTQ.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/07/20 10:40:45 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/07/18 18:58:39 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/09 21:05:05 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/05/03 01:29:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/03 01:29:28 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Mike\Application Data\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Codec-V = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.17.48_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Gmail = C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/29 17:59:50 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (ZeroBar) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Mike\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Display All Images with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O8 - Extra context menu item: Display Image with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O9 - Extra Button: Football For Good Giving Assistant - {40D4D9A0-A298-46EF-8D22-429FDEE9197B} - C:\Program Files\Football For Good Giving Assistant\MojoObjects.dll (Football For Good)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgree...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} https://objects.aol....83/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} https://objects.aol....,20/McGDMgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{764CF3D5-07CE-481C-9746-A512B0797350}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\My Documents\My Pictures\Jasc Paint Shop Photo Album Images\The Guild of Calamitous Intent 2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\My Documents\My Pictures\Jasc Paint Shop Photo Album Images\The Guild of Calamitous Intent 2.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 07:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/29 17:59:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/28 22:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/07/28 13:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/07/28 13:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/07/28 02:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\New Folder
[2012/07/23 23:47:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/07/11 21:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/07/11 21:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2012/07/02 23:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\New Folder
[2012/05/23 23:13:26 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Program Files\jre-7u4-windows-i586-iftw.exe
[2012/02/08 02:36:03 | 002,130,622 | ---- | C] (Kephyr) -- C:\Program Files\freefixersetup.exe
[2012/02/07 22:02:29 | 003,255,248 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup46.exe
[2012/01/19 18:13:21 | 004,780,600 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXWebPlayerInstallerv15.exe
[2012/01/10 22:40:26 | 005,254,256 | ---- | C] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.0.2905.exe
[2012/01/10 21:34:31 | 012,327,040 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp5623_full_emusic-7plus_en-us.exe
[2012/01/03 21:53:11 | 000,776,152 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flashplayer10x32_mssd_aih.exe
[2011/12/25 23:55:20 | 003,243,768 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup45.exe
[2011/12/18 20:06:03 | 118,392,192 | ---- | C] (Sony Creative Software Inc.) -- C:\Program Files\vegaspro80c_enu.exe
[2011/12/18 18:52:28 | 110,627,654 | ---- | C] (Madison Media Software, Inc.) -- C:\Program Files\acidpro60d_enu.exe
[2011/11/22 05:13:46 | 003,511,776 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup312.exe
[2011/09/22 02:48:41 | 000,407,040 | ---- | C] (Jacek Pazera) -- C:\Program Files\mp4toavi.exe
[2011/09/15 22:31:23 | 000,908,576 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2011/09/13 04:19:55 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Program Files\aswMBR.exe
[2011/09/13 01:30:12 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.51.1.1800.exe
[2011/07/26 22:10:06 | 000,424,328 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr11us.exe
[2011/05/17 19:27:13 | 008,613,040 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.17.exe
[2011/03/31 15:02:20 | 016,525,088 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u24-windows-i586.exe
[2011/01/04 01:24:41 | 021,601,896 | ---- | C] (DivX, Inc.) -- C:\Program Files\divxplayer72.exe
[2010/10/20 21:41:07 | 007,462,536 | ---- | C] (AVG ) -- C:\Program Files\avg_pct_stf_all_2011_22_c2.exe
[2010/10/19 18:19:19 | 004,290,744 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stb_all_2011_1136_upgrade.exe
[2010/10/08 21:51:33 | 003,194,296 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup44.exe
[2010/08/30 21:39:38 | 096,962,344 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup2.exe
[2010/05/17 21:46:13 | 003,192,422 | ---- | C] (EximiousSoft ) -- C:\Program Files\ECSetup.exe
[2010/03/31 20:15:46 | 008,351,672 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.2.exe
[2010/03/04 02:55:35 | 004,728,512 | ---- | C] (Karlis Blumentals) -- C:\Program Files\egifan5.exe
[2009/11/30 00:36:24 | 032,494,896 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[2009/01/18 21:29:14 | 000,128,336 | ---- | C] (Digital River) -- C:\Program Files\Download_SoundTaxi-Download.exe
[2008/12/03 23:05:41 | 002,832,544 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player.exe
[2008/12/01 23:17:21 | 007,508,624 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.0.4.exe
[2008/10/28 14:49:58 | 000,400,384 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Program Files\JavaRa.exe
[2008/09/25 23:48:15 | 004,730,740 | ---- | C] (ratDVD) -- C:\Program Files\ratDVDSetup-0.78.1444.exe
[2008/08/09 21:20:59 | 000,742,264 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe
[2008/08/05 17:54:58 | 002,869,536 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup41.exe
[2008/08/02 22:29:06 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2008/08/02 21:09:29 | 004,614,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[2008/08/02 15:49:19 | 048,367,896 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stf_en_8_138a1332.exe
[2008/07/29 23:00:27 | 006,046,584 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.16.exe
[2008/07/28 18:28:02 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2008/06/14 04:39:12 | 000,128,368 | ---- | C] (Digital River) -- C:\Program Files\Download_mbam-setup.exe
[2008/06/12 01:25:44 | 004,257,184 | ---- | C] (Uniblue ) -- C:\Program Files\registryboosteraff.exe
[2008/06/11 16:31:58 | 009,722,720 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[2008/05/13 01:19:41 | 486,108,144 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS3_WWE.exe
[2008/03/26 17:37:52 | 006,104,632 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2008/03/26 17:22:10 | 013,445,041 | ---- | C] (Adobe Systems, Inc) -- C:\Program Files\ps701up.exe
[2007/12/25 17:30:01 | 054,330,664 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[2007/09/30 16:01:25 | 006,016,952 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.7.exe
[2007/09/20 23:26:54 | 000,903,520 | ---- | C] (DivX, LLC) -- C:\Program Files\DivXInstaller.exe
[2007/02/12 20:57:39 | 004,964,776 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Windows-KB890830-V1.24.exe
[2006/12/26 07:22:22 | 070,873,480 | ---- | C] (Trend Micro, Inc. ) -- C:\Program Files\tis2007_trial.exe
[2006/12/24 05:50:04 | 004,813,736 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Windows-KB890830-V1.23.exe

========== Files - Modified Within 30 Days ==========

[2012/07/29 18:12:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd625fc8ee6336.job
[2012/07/29 18:11:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/07/29 18:11:46 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/29 18:10:06 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/29 18:08:15 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/29 18:05:13 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/29 17:59:50 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2012/07/29 17:51:24 | 102,478,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/07/28 23:51:35 | 000,413,849 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/07/28 05:54:23 | 000,202,240 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/28 02:06:08 | 000,001,531 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_03_white.pdf
[2012/07/28 02:05:08 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_06_black.pdf
[2012/07/28 02:04:33 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_moors_black.pdf
[2012/07/28 02:03:57 | 000,001,690 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_05_black.pdf
[2012/07/28 02:03:42 | 000,001,760 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_04_black.pdf
[2012/07/28 02:02:57 | 000,001,966 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\zeck_01_black.pdf
[2012/07/28 02:02:43 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_02_black.pdf
[2012/07/28 02:02:10 | 000,002,116 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\zeck_02_black.pdf
[2012/07/28 02:01:42 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_01_black.pdf
[2012/07/28 02:01:26 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\nguyen_01_black.pdf
[2012/07/28 02:01:12 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\dillon_01_black.pdf
[2012/07/28 02:00:39 | 000,001,799 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_mk01_black.pdf
[2012/07/28 02:00:17 | 000,001,388 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\lee_01_black.pdf
[2012/07/28 01:59:47 | 000,001,677 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_02_black.pdf
[2012/07/28 01:59:30 | 000,001,150 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\janson_01_black.pdf
[2012/07/28 01:59:03 | 000,001,677 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\marvel_intruder_black.pdf
[2012/07/12 18:12:40 | 000,000,461 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2012/07/12 00:15:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/11 22:44:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/11 12:43:40 | 002,292,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 06:11:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/07/29 17:34:29 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/28 02:06:08 | 000,001,531 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_03_white.pdf
[2012/07/28 02:04:33 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_moors_black.pdf
[2012/07/28 02:03:57 | 000,001,690 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_05_black.pdf
[2012/07/28 02:03:42 | 000,001,760 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_04_black.pdf
[2012/07/28 02:02:57 | 000,001,966 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\zeck_01_black.pdf
[2012/07/28 02:02:43 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_02_black.pdf
[2012/07/28 02:02:10 | 000,002,116 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\zeck_02_black.pdf
[2012/07/28 02:01:42 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_01_black.pdf
[2012/07/28 02:01:26 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\nguyen_01_black.pdf
[2012/07/28 02:01:12 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\dillon_01_black.pdf
[2012/07/28 02:00:39 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_mk01_black.pdf
[2012/07/28 02:00:17 | 000,001,388 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\lee_01_black.pdf
[2012/07/28 01:59:47 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_02_black.pdf
[2012/07/28 01:59:30 | 000,001,150 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\janson_01_black.pdf
[2012/07/28 01:59:03 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_intruder_black.pdf
[2012/07/28 01:58:43 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\marvel_06_black.pdf
[2012/07/15 01:59:39 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd625fc8ee6336.job
[2012/04/13 04:44:16 | 022,259,528 | ---- | C] () -- C:\Program Files\vlc-2.0.1-win32.exe
[2012/02/14 15:30:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/10 21:55:51 | 000,204,445 | ---- | C] () -- C:\Program Files\FLAC_plugin_with_library_support.exe
[2011/09/22 03:20:05 | 000,000,358 | ---- | C] () -- C:\Program Files\mp4toavi.ini
[2011/09/13 17:16:13 | 000,061,440 | ---- | C] ( ) -- C:\Program Files\VEW.exe
[2011/09/13 04:25:24 | 000,000,512 | ---- | C] () -- C:\Program Files\MBR.dat
[2011/07/26 22:18:09 | 000,001,688 | ---- | C] () -- C:\Program Files\AT&T Yahoo! Messenger.lnk
[2011/06/05 23:56:33 | 004,908,426 | ---- | C] () -- C:\Program Files\Pazera_Free_MP4_to_AVI_Converter.zip
[2011/04/30 15:17:53 | 001,837,224 | ---- | C] () -- C:\Program Files\FSCaptureSetup68.exe
[2011/02/06 14:12:32 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/10/19 19:04:32 | 001,202,303 | ---- | C] () -- C:\Program Files\wrar37b4.exe
[2010/10/19 19:04:14 | 000,043,387 | ---- | C] () -- C:\WINDOWS\browser.exe
[2010/07/21 20:21:00 | 015,052,199 | ---- | C] () -- C:\Program Files\FastAVI2GIF.exe
[2010/05/22 00:52:23 | 004,653,240 | ---- | C] () -- C:\Program Files\flashget196en.exe
[2010/05/09 00:47:05 | 018,222,904 | ---- | C] () -- C:\Program Files\exPressit.exe
[2010/05/09 00:45:00 | 018,131,206 | ---- | C] () -- C:\Program Files\exPressit.zip
[2010/03/03 23:23:30 | 000,210,464 | ---- | C] () -- C:\Program Files\AkamaiDownloadManagerInstaller.exe
[2010/02/08 02:07:15 | 011,014,144 | ---- | C] () -- C:\Program Files\UGA5TBYB_E_USG.exe
[2009/07/20 00:47:58 | 016,895,424 | ---- | C] ( ) -- C:\Program Files\MP4-Converter_3.8.5.exe
[2009/01/23 01:24:48 | 000,562,069 | ---- | C] () -- C:\Program Files\lame3.98.2.zip
[2009/01/23 01:21:21 | 002,594,286 | ---- | C] () -- C:\Program Files\gwave525.exe
[2008/12/04 03:08:07 | 004,998,707 | ---- | C] () -- C:\Program Files\flvplayer_setup.exe
[2008/11/01 16:38:58 | 000,144,852 | ---- | C] () -- C:\Program Files\hosts.zip
[2008/11/01 16:34:34 | 002,062,665 | ---- | C] () -- C:\Program Files\spywareguardsetup.exe
[2008/11/01 16:28:00 | 019,153,264 | ---- | C] () -- C:\Program Files\aaw2008.exe
[2008/11/01 16:11:10 | 035,124,856 | ---- | C] ( ) -- C:\Program Files\AdbeRdr90_en_US.exe
[2008/10/28 14:54:14 | 016,156,056 | ---- | C] () -- C:\Program Files\jre-6u10-windows-i586-p.exe
[2008/10/06 19:45:24 | 010,886,008 | ---- | C] () -- C:\Program Files\dBpoweramp-Codec-WMA10Pro.exe
[2008/08/06 23:39:11 | 000,313,344 | ---- | C] () -- C:\Program Files\hjsplit.exe
[2008/08/03 15:40:44 | 009,346,664 | ---- | C] () -- C:\Program Files\zlsSetup_60_667_000.exe
[2008/07/11 04:17:40 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\AutoGK.ini
[2008/05/04 21:36:42 | 000,304,957 | ---- | C] () -- C:\Program Files\hjsplit.zip
[2008/04/28 22:05:13 | 001,073,528 | ---- | C] () -- C:\Program Files\dBpoweramp-Codec-m4a.exe
[2008/01/17 17:19:29 | 000,001,741 | ---- | C] () -- C:\Program Files\AT&T Help.lnk
[2008/01/17 17:19:24 | 000,001,958 | ---- | C] () -- C:\Program Files\AT&T Self Support Tool.lnk
[2007/12/19 20:08:13 | 005,914,648 | ---- | C] () -- C:\Program Files\SUPERAntiSpyware.exe
[2007/09/21 01:58:59 | 005,651,713 | ---- | C] () -- C:\Program Files\The-Codecs-5.0.zip
[2007/07/05 19:16:45 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JPR.{PB
[2007/07/05 19:16:45 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JCM.{PB
[2007/06/13 17:46:48 | 000,842,672 | ---- | C] () -- C:\Program Files\slsk156c.exe
[2007/06/11 20:57:52 | 004,044,152 | ---- | C] () -- C:\Program Files\dBpoweramp-encoder-helix.exe
[2007/06/11 20:52:45 | 004,112,760 | ---- | C] () -- C:\Program Files\dMC-r12[1].1.exe
[2007/05/18 17:16:02 | 003,362,502 | ---- | C] () -- C:\Program Files\cxp_free.exe
[2007/05/15 22:44:48 | 001,055,648 | ---- | C] () -- C:\Program Files\qmpsetup_win_ie_07010901.exe
[2007/04/09 23:52:34 | 000,206,039 | ---- | C] () -- C:\Program Files\RAR.zip
[2007/03/17 23:42:59 | 000,877,976 | ---- | C] () -- C:\Program Files\7z444.exe
[2007/02/27 18:06:24 | 000,000,881 | ---- | C] () -- C:\Program Files\fixreg.zip
[2006/12/28 22:29:40 | 040,409,184 | ---- | C] () -- C:\Program Files\MIS_9_0_183_1_trial30OEM_Release.exe
[2006/06/10 20:15:35 | 000,004,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2004/11/13 17:53:16 | 000,202,240 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/08 17:16:38 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat

========== LOP Check ==========

[2008/03/12 21:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2008/07/25 01:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACASystems
[2012/07/09 21:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/10/19 18:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/07/12 05:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/01/10 22:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/07/10 01:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CodecCheck
[2010/10/19 18:53:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/07/10 01:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/06/02 18:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/07/01 15:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/07/10 01:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/12/28 21:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/11/14 18:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2012/06/29 17:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/08 03:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/02/08 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/30 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/03/12 21:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Ableton
[2008/07/25 01:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\ACASystems
[2008/07/11 20:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Any Video Converter Professional
[2010/10/20 23:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG
[2012/01/16 15:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG Secure Search
[2010/10/19 18:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\AVG10
[2008/07/11 20:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\avidemux
[2012/01/10 22:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Canneverbe Limited
[2007/06/29 18:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\dBpoweramp
[2011/07/28 19:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\DDMSettings
[2012/02/08 03:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\FreeFixer
[2010/03/03 23:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\GeoVid
[2008/07/11 21:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\gtk-2.0
[2005/10/04 18:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Jasc
[2004/11/14 17:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Leadertech
[2012/06/10 21:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\LOVE
[2005/09/26 17:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Musicmatch
[2011/12/18 19:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\NetMedia Providers
[2012/01/10 22:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\OpenCandy
[2012/05/23 23:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Oracle
[2011/12/18 19:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Publish Providers
[2011/12/28 22:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Sony
[2010/02/08 02:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Ulead Systems
[2008/06/12 01:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Uniblue
[2012/07/26 18:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
[2007/02/08 15:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Viewpoint

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

#4
MVV

  • Topic Starter
Here's the ComboFix log, though I ran into a slight problem running this. Even though I deactivated my AVG, I still got a warning that they were active. So I'm really sure what to make of that. Also, there is a definite improvement to how my computer is running now.

ComboFix 12-07-29.02 - Mike 07/29/2012 19:04:57.11.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.253 [GMT -6:00]
Running from: c:\documents and settings\Mike\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Mike\Application Data\Love
c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\searchplugins\bing-zugo.xml
c:\program files\aaw2008.exe
c:\program files\avg_free_stb_all_2011_1136_upgrade.exe
c:\program files\avg_free_stf_en_8_138a1332.exe
c:\program files\avg_pct_stf_all_2011_22_c2.exe
c:\program files\cdbxp_setup_4.4.0.2905.exe
c:\program files\mbam-setup-1.51.1.1800.exe
c:\program files\qmpsetup_win_ie_07010901.exe
c:\program files\ratDVDSetup-0.78.1444.exe
c:\program files\tis2007_trial.exe
c:\program files\winamp5623_full_emusic-7plus_en-us.exe
c:\program files\Windows-KB890830-V1.23.exe
c:\program files\Windows-KB890830-V1.24.exe
c:\program files\Windows Media Player\Windows Media Player.exe
c:\program files\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
c:\windows\dasetup.log
c:\windows\EventSystem.log
c:\windows\system32\Cache
c:\windows\system32\Cache\213ff36ec30faf62.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\441775050dd6f339.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\75255ee45c6a7014.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\ea4def20f792dd2e.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-30 )))))))))))))))))))))))))))))))
.
.
2012-07-29 23:59 . 2012-07-29 23:59 -------- d-----w- C:\_OTL
2012-07-29 04:05 . 2012-07-29 04:05 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2012-07-12 03:02 . 2012-07-12 03:02 -------- d-s---w- c:\documents and settings\LocalService\UserData
2012-07-12 03:00 . 2012-07-12 03:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\Yahoo!
2012-07-02 17:36 . 2012-07-02 17:36 -------- d-----w- c:\documents and settings\Jen\Local Settings\Application Data\Sun
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 06:12 . 2012-05-24 05:08 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-27 06:12 . 2011-07-27 04:19 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 19:46 . 2011-09-13 07:31 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-13 13:19 . 2003-07-15 21:01 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2009-08-19 23:07 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2006-09-13 05:09 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-03-30 01:48 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 21:19 . 2007-06-19 21:39 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 21:19 . 2007-06-19 21:39 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 21:19 . 2004-11-08 03:54 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 21:19 . 2004-11-08 03:54 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 21:19 . 2004-11-08 03:54 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 21:19 . 2007-06-19 21:39 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 21:19 . 2005-05-26 10:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 21:19 . 2004-11-08 03:54 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 21:19 . 2002-08-29 10:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 21:19 . 2002-08-29 10:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 21:19 . 2007-06-19 21:39 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 21:19 . 2004-11-08 03:54 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 21:19 . 2002-08-29 10:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2004-09-20 16:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-24 05:13 . 2012-05-24 05:13 892360 ----a-w- c:\program files\jre-7u4-windows-i586-iftw.exe
2012-05-16 07:58 . 2006-06-23 17:33 667136 ----a-w- c:\windows\system32\wininet.dll
2012-05-04 13:12 . 1980-01-01 05:00 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 1980-01-01 05:00 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2002-08-29 10:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-13 10:44 . 2012-04-13 10:44 22259528 ----a-w- c:\program files\vlc-2.0.1-win32.exe
2012-04-09 10:24 . 2008-08-10 03:20 742264 ----a-w- c:\program files\uTorrent.exe
2012-02-08 08:36 . 2012-02-08 08:36 2130622 ----a-w- c:\program files\freefixersetup.exe
2012-02-08 04:02 . 2012-02-08 04:02 3255248 ----a-w- c:\program files\spywareblastersetup46.exe
2012-01-20 00:13 . 2012-01-20 00:13 4780600 ----a-w- c:\program files\DivXWebPlayerInstallerv15.exe
2012-01-11 03:55 . 2012-01-11 03:55 204445 ----a-w- c:\program files\FLAC_plugin_with_library_support.exe
2012-01-04 03:53 . 2012-01-04 03:53 776152 ----a-w- c:\program files\install_flashplayer10x32_mssd_aih.exe
2011-12-26 05:55 . 2011-12-26 05:55 3243768 ----a-w- c:\program files\spywareblastersetup45.exe
2011-12-19 02:06 . 2011-12-19 02:06 118392192 ----a-w- c:\program files\vegaspro80c_enu.exe
2011-12-12 22:10 . 2011-12-19 00:52 110627654 ----a-w- c:\program files\acidpro60d_enu.exe
2011-11-22 11:13 . 2011-11-22 11:13 3511776 ----a-w- c:\program files\ccsetup312.exe
2011-09-16 05:12 . 2011-09-16 04:31 908576 ----a-w- c:\program files\jxpiinstall.exe
2011-09-13 23:16 . 2011-09-13 23:16 61440 ----a-w- c:\program files\VEW.exe
2011-09-13 10:19 . 2011-09-13 10:19 1916416 ----a-w- c:\program files\aswMBR.exe
2011-07-27 04:10 . 2011-07-27 04:10 424328 ----a-w- c:\program files\msgr11us.exe
2011-05-18 01:27 . 2011-05-18 01:27 8613040 ----a-w- c:\program files\Firefox Setup 3.6.17.exe
2011-05-07 06:13 . 2011-09-22 08:48 407040 ----a-w- c:\program files\mp4toavi.exe
2011-04-30 21:17 . 2011-04-30 21:17 1837224 ----a-w- c:\program files\FSCaptureSetup68.exe
2011-03-31 21:02 . 2011-03-31 21:02 16525088 ----a-w- c:\program files\jre-6u24-windows-i586.exe
2011-03-20 04:29 . 2008-12-04 05:05 2832544 ----a-w- c:\program files\install_flash_player.exe
2011-01-04 07:25 . 2011-01-04 07:24 21601896 ----a-w- c:\program files\divxplayer72.exe
2011-01-04 07:11 . 2007-09-21 05:26 903520 ----a-w- c:\program files\DivXInstaller.exe
2010-12-28 01:23 . 2008-10-28 20:49 400384 ----a-w- c:\program files\JavaRa.exe
2010-10-20 01:04 . 2010-10-20 01:04 1202303 ----a-w- c:\program files\wrar37b4.exe
2010-10-09 03:51 . 2010-10-09 03:51 3194296 ----a-w- c:\program files\spywareblastersetup44.exe
2010-08-31 03:53 . 2010-08-31 03:39 96962344 ----a-w- c:\program files\iTunesSetup2.exe
2010-07-22 02:21 . 2010-07-22 02:21 15052199 ----a-w- c:\program files\FastAVI2GIF.exe
2010-07-22 01:54 . 2010-05-18 03:46 3192422 ----a-w- c:\program files\ECSetup.exe
2010-05-22 06:53 . 2010-05-22 06:52 4653240 ----a-w- c:\program files\flashget196en.exe
2010-04-01 02:15 . 2010-04-01 02:15 8351672 ----a-w- c:\program files\Firefox Setup 3.6.2.exe
2010-03-04 08:55 . 2010-03-04 08:55 4728512 ----a-w- c:\program files\egifan5.exe
2010-03-04 05:23 . 2010-03-04 05:23 210464 ----a-w- c:\program files\AkamaiDownloadManagerInstaller.exe
2010-02-08 08:07 . 2010-02-08 08:07 11014144 ----a-w- c:\program files\UGA5TBYB_E_USG.exe
2009-11-30 06:36 . 2009-11-30 06:36 32494896 ----a-w- c:\program files\QuickTimeInstaller.exe
2009-07-20 06:49 . 2009-07-20 06:47 16895424 ----a-w- c:\program files\MP4-Converter_3.8.5.exe
2009-01-23 07:21 . 2009-01-23 07:21 2594286 ----a-w- c:\program files\gwave525.exe
2009-01-19 03:29 . 2009-01-19 03:29 128336 ----a-w- c:\program files\Download_SoundTaxi-Download.exe
2008-12-04 09:08 . 2008-12-04 09:08 4998707 ----a-w- c:\program files\flvplayer_setup.exe
2008-12-02 05:19 . 2008-12-02 05:17 7508624 ----a-w- c:\program files\Firefox Setup 3.0.4.exe
2008-11-05 23:25 . 2008-04-29 04:05 1073528 ----a-w- c:\program files\dBpoweramp-Codec-m4a.exe
2008-11-01 22:34 . 2008-11-01 22:34 2062665 ----a-w- c:\program files\spywareguardsetup.exe
2008-11-01 22:14 . 2008-11-01 22:11 35124856 ----a-w- c:\program files\AdbeRdr90_en_US.exe
2008-10-28 20:55 . 2008-10-28 20:54 16156056 ----a-w- c:\program files\jre-6u10-windows-i586-p.exe
2008-10-07 01:46 . 2008-10-07 01:45 10886008 ----a-w- c:\program files\dBpoweramp-Codec-WMA10Pro.exe
2008-08-05 23:55 . 2008-08-05 23:54 2869536 ----a-w- c:\program files\spywareblastersetup41.exe
2008-08-03 21:41 . 2008-08-03 21:40 9346664 ----a-w- c:\program files\zlsSetup_60_667_000.exe
2008-08-03 04:28 . 2008-08-03 04:29 50688 ----a-w- c:\program files\ATF-Cleaner.exe
2008-07-30 05:01 . 2008-07-30 05:00 6046584 ----a-w- c:\program files\Firefox Setup 2.0.0.16.exe
2008-07-29 00:28 . 2008-07-29 00:28 812344 ----a-w- c:\program files\HJTInstall.exe
2008-06-14 10:39 . 2008-06-14 10:39 128368 ----a-w- c:\program files\Download_mbam-setup.exe
2008-06-12 07:26 . 2008-06-12 07:25 4257184 ----a-w- c:\program files\registryboosteraff.exe
2008-06-11 22:33 . 2008-06-11 22:31 9722720 ----a-w- c:\program files\spybotsd152.exe
2008-05-13 08:13 . 2008-05-13 07:19 486108144 ----a-w- c:\program files\ADBEPHSPCS3_WWE.exe
2008-03-26 23:37 . 2008-03-26 23:37 6104632 ----a-w- c:\program files\picasaweb-current-setup.exe
2008-03-26 23:23 . 2008-03-26 23:22 13445041 ----a-w- c:\program files\ps701up.exe
2007-12-25 23:35 . 2007-12-25 23:30 54330664 ----a-w- c:\program files\iTunesSetup.exe
2007-12-20 02:08 . 2007-12-20 02:08 5914648 ----a-w- c:\program files\SUPERAntiSpyware.exe
2007-10-05 03:35 . 2007-06-13 23:46 842672 ----a-w- c:\program files\slsk156c.exe
2007-09-30 22:01 . 2007-09-30 22:01 6016952 ----a-w- c:\program files\Firefox Setup 2.0.0.7.exe
2007-06-12 02:57 . 2007-06-12 02:57 4044152 ----a-w- c:\program files\dBpoweramp-encoder-helix.exe
2007-06-12 02:52 . 2007-06-12 02:52 4112760 ----a-w- c:\program files\dMC-r12[1].1.exe
2007-05-18 23:16 . 2007-05-18 23:16 3362502 ----a-w- c:\program files\cxp_free.exe
2007-03-18 05:43 . 2007-03-18 05:42 877976 ----a-w- c:\program files\7z444.exe
2007-02-02 00:02 . 2008-08-07 05:39 313344 ----a-w- c:\program files\hjsplit.exe
2006-12-29 04:29 . 2006-12-29 04:29 40409184 ----a-w- c:\program files\MIS_9_0_183_1_trial30OEM_Release.exe
2006-01-06 18:25 . 2010-05-09 06:47 18222904 ----a-w- c:\program files\exPressit.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-07-19 00:58 . 2012-05-03 07:29 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-10 2074208]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-25 4777856]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-06-16 6276408]
"Akamai NetSession Interface"="c:\documents and settings\Mike\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-05-26 4327744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"="c:\windows\System32\igfxpers.exe" [2005-09-20 114688]
"Motive SmartBridge"="c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [2005-08-24 442455]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-18 2339168]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-10 1107552]
"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"HF_G_Jul"="c:\program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-19 36960]
.
c:\documents and settings\Mike\Start Menu\Programs\Startup\
SpywareGuard.lnk - c:\program files\SpywareGuard\sgmain.exe [2003-8-29 360448]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AT&T Self Support Tool.lnk - c:\program files\SBC Self Support Tool\bin\matcli.exe [2008-1-17 217088]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-9-20 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-18 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-04 21:05 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\SYSTEM32\DRIVERS\AVGIDSEH.sys [9/13/2010 4:27 PM 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\SYSTEM32\DRIVERS\avgrkx86.sys [9/7/2010 3:48 AM 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [9/7/2010 3:48 AM 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [9/7/2010 3:49 AM 297168]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 1:53 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/27/2007 12:39 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [7/1/2010 9:47 PM 116608]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/29/2002 4:00 AM 14336]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [1/31/2012 3:02 PM 7391072]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2/8/2011 5:33 AM 269520]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [7/9/2012 9:05 PM 935008]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\SYSTEM32\DRIVERS\AVGIDSDriver.sys [8/19/2010 9:42 PM 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\SYSTEM32\DRIVERS\AVGIDSFilter.sys [8/19/2010 9:42 PM 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\SYSTEM32\DRIVERS\AVGIDSShim.sys [8/19/2010 9:42 PM 27216]
S2 gupdate1ca89cb40c13250;Google Update Service (gupdate1ca89cb40c13250);c:\program files\Google\Update\GoogleUpdate.exe [12/30/2009 9:42 PM 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [5/23/2012 11:09 PM 250056]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [5/12/2011 1:59 PM 167264]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/30/2009 9:42 PM 133104]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/3/2012 1:30 AM 113120]
S3 MP4ConverterAudio;MP4ConverterAudio;c:\windows\SYSTEM32\DRIVERS\MP4ConverterAudio.sys [7/20/2009 12:51 AM 23096]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 5:51 PM 12872]
S3 SndTAudio;SndTAudio;c:\windows\SYSTEM32\DRIVERS\SndTAudio.sys [1/18/2009 9:33 PM 23096]
S3 SndTVideo;SndTVideo;c:\windows\SYSTEM32\DRIVERS\SndTVideo.sys [1/18/2009 9:33 PM 3768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 06:12]
.
2012-06-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2012-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd625fc8ee6336.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 03:41]
.
2012-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 03:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Display All Images with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/227"
IE: {{40D4D9A0-A298-46EF-8D22-429FDEE9197B} - {40D4D9A0-A298-46EF-8D22-429FDEE9197B} - c:\program files\Football For Good Giving Assistant\MojoObjects.dll
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\w7ntqjtq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bddd284d6-1955-4373-9ddd-5b0cc19749a7%7D&mid=031ebd89e53584bc66adf9b96bba1c5f-f387fb62ff0ba321afaa556b98b1d702f61e7c58&ds=AVG&v=11.1.0.12&lang=us&pr=fr&d=2011-12-10%2008%3A33%3A40&sap=ku&q=
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-BarSize - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-29 19:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\docume~1\Mike\LOCALS~1\Temp\RGI8F.tmp 7075 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST380011A rev.8.16 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x824EA2E2
user & kernel MBR OK
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_4f7fccd.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(780)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Completion time: 2012-07-29 19:57:49
ComboFix-quarantined-files.txt 2012-07-30 01:57
.
Pre-Run: 16,882,110,464 bytes free
Post-Run: 17,770,065,920 bytes free
.
- - End Of File - - A1CC4D4613C3C108466C52E3FD5A6012

Edited by MVV, 29 July 2012 - 08:07 PM.

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, let's now check the MBR out.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#6
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
22:13:29.0203 3508 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:13:29.0765 3508 ============================================================
22:13:29.0765 3508 Current date / time: 2012/07/30 22:13:29.0765
22:13:29.0765 3508 SystemInfo:
22:13:29.0765 3508
22:13:29.0765 3508 OS Version: 5.1.2600 ServicePack: 3.0
22:13:29.0765 3508 Product type: Workstation
22:13:29.0765 3508 ComputerName: BASEMENT
22:13:29.0765 3508 UserName: Mike
22:13:29.0765 3508 Windows directory: C:\WINDOWS
22:13:29.0765 3508 System windows directory: C:\WINDOWS
22:13:29.0765 3508 Processor architecture: Intel x86
22:13:29.0765 3508 Number of processors: 1
22:13:29.0765 3508 Page size: 0x1000
22:13:29.0765 3508 Boot type: Normal boot
22:13:29.0765 3508 ============================================================
22:13:34.0234 3508 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:13:34.0250 3508 ============================================================
22:13:34.0250 3508 \Device\Harddisk0\DR0:
22:13:34.0250 3508 MBR partitions:
22:13:34.0250 3508 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8DE6AAE
22:13:34.0250 3508 ============================================================
22:13:34.0312 3508 C: <-> \Device\Harddisk0\DR0\Partition0
22:13:34.0312 3508 ============================================================
22:13:34.0312 3508 Initialize success
22:13:34.0312 3508 ============================================================
22:14:09.0062 2476 ============================================================
22:14:09.0062 2476 Scan started
22:14:09.0062 2476 Mode: Manual; SigCheck; TDLFS;
22:14:09.0062 2476 ============================================================
22:14:14.0156 2476 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:14:15.0046 2476 !SASCORE - ok
22:14:15.0656 2476 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
22:14:16.0171 2476 aawservice - ok
22:14:20.0640 2476 Abiosdsk - ok
22:14:20.0718 2476 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
22:14:27.0265 2476 abp480n5 - ok
22:14:27.0546 2476 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:14:27.0875 2476 ACPI - ok
22:14:27.0921 2476 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:14:28.0187 2476 ACPIEC - ok
22:14:28.0203 2476 adfs - ok
22:14:28.0296 2476 Adobe LM Service (c1eb9968ec89fba5f3a264e2e57923ab) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:14:28.0453 2476 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
22:14:28.0453 2476 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
22:14:28.0546 2476 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:14:28.0609 2476 AdobeFlashPlayerUpdateSvc - ok
22:14:28.0656 2476 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
22:14:28.0890 2476 adpu160m - ok
22:14:28.0921 2476 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
22:14:29.0015 2476 aeaudio - ok
22:14:29.0093 2476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:14:29.0296 2476 aec - ok
22:14:29.0343 2476 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:14:30.0671 2476 AFD - ok
22:14:30.0703 2476 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\System32\DRIVERS\agp440.sys
22:14:30.0984 2476 agp440 - ok
22:14:31.0031 2476 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
22:14:31.0265 2476 agpCPQ - ok
22:14:31.0328 2476 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
22:14:31.0421 2476 Aha154x - ok
22:14:31.0437 2476 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
22:14:31.0640 2476 aic78u2 - ok
22:14:31.0671 2476 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
22:14:31.0921 2476 aic78xx - ok
22:14:32.0203 2476 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files\common files\akamai/netsession_win_4f7fccd.dll
22:14:32.0203 2476 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
22:14:32.0218 2476 Akamai ( HiddenFile.Multi.Generic ) - warning
22:14:32.0218 2476 Akamai - detected HiddenFile.Multi.Generic (1)
22:14:32.0359 2476 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
22:14:32.0609 2476 Alerter - ok
22:14:32.0625 2476 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
22:14:32.0750 2476 ALG - ok
22:14:32.0828 2476 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
22:14:33.0031 2476 AliIde - ok
22:14:33.0062 2476 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
22:14:33.0265 2476 alim1541 - ok
22:14:33.0296 2476 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
22:14:33.0703 2476 amdagp - ok
22:14:33.0750 2476 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
22:14:33.0875 2476 amsint - ok
22:14:34.0031 2476 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:14:34.0062 2476 Apple Mobile Device - ok
22:14:34.0062 2476 AppMgmt - ok
22:14:34.0109 2476 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
22:14:34.0328 2476 asc - ok
22:14:34.0406 2476 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
22:14:34.0531 2476 asc3350p - ok
22:14:34.0546 2476 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
22:14:34.0750 2476 asc3550 - ok
22:14:34.0890 2476 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:14:35.0109 2476 aspnet_state - ok
22:14:35.0140 2476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:14:35.0375 2476 AsyncMac - ok
22:14:35.0421 2476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:14:35.0625 2476 atapi - ok
22:14:35.0625 2476 Atdisk - ok
22:14:35.0734 2476 ati2mtag (8759322ffc1a50569c1e5528ee8026b7) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:14:36.0046 2476 ati2mtag - ok
22:14:36.0078 2476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:14:36.0328 2476 Atmarpc - ok
22:14:36.0375 2476 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
22:14:36.0812 2476 AudioSrv - ok
22:14:37.0031 2476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:14:37.0234 2476 audstub - ok
22:14:37.0390 2476 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
22:14:37.0515 2476 AVG Security Toolbar Service - ok
22:14:38.0000 2476 AVGIDSAgent (7a0f6a3e0e41425b9ba54616b482668a) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
22:14:38.0625 2476 AVGIDSAgent - ok
22:14:38.0765 2476 AVGIDSDriver (2d18221aab3db2d408d6c55c0f23090a) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
22:14:39.0093 2476 AVGIDSDriver - ok
22:14:39.0109 2476 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
22:14:39.0171 2476 AVGIDSEH - ok
22:14:39.0250 2476 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
22:14:39.0265 2476 AVGIDSFilter - ok
22:14:39.0296 2476 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
22:14:39.0312 2476 AVGIDSShim - ok
22:14:39.0359 2476 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
22:14:39.0437 2476 Avgldx86 - ok
22:14:39.0468 2476 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
22:14:39.0531 2476 Avgmfx86 - ok
22:14:39.0546 2476 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
22:14:39.0578 2476 Avgrkx86 - ok
22:14:39.0640 2476 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
22:14:39.0718 2476 Avgtdix - ok
22:14:39.0968 2476 avgwd (fc2bc51120a945f7c70376495e4e7737) C:\Program Files\AVG\AVG10\avgwdsvc.exe
22:14:40.0062 2476 avgwd - ok
22:14:40.0109 2476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:14:40.0328 2476 Beep - ok
22:14:40.0390 2476 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
22:14:40.0703 2476 BITS - ok
22:14:40.0781 2476 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:14:40.0843 2476 Bonjour Service - ok
22:14:40.0875 2476 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
22:14:41.0109 2476 Browser - ok
22:14:41.0125 2476 bvrp_pci - ok
22:14:41.0265 2476 catchme - ok
22:14:41.0312 2476 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
22:14:41.0531 2476 cbidf - ok
22:14:41.0531 2476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:14:41.0718 2476 cbidf2k - ok
22:14:41.0750 2476 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
22:14:41.0859 2476 cd20xrnt - ok
22:14:41.0890 2476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:14:42.0109 2476 Cdaudio - ok
22:14:42.0140 2476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:14:42.0328 2476 Cdfs - ok
22:14:42.0375 2476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:14:42.0578 2476 Cdrom - ok
22:14:42.0578 2476 Changer - ok
22:14:42.0625 2476 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
22:14:42.0828 2476 CiSvc - ok
22:14:42.0875 2476 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
22:14:43.0234 2476 ClipSrv - ok
22:14:43.0343 2476 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:14:43.0453 2476 clr_optimization_v2.0.50727_32 - ok
22:14:43.0515 2476 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
22:14:43.0750 2476 CmdIde - ok
22:14:43.0765 2476 COMSysApp - ok
22:14:43.0812 2476 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
22:14:44.0046 2476 Cpqarray - ok
22:14:44.0093 2476 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
22:14:44.0296 2476 CryptSvc - ok
22:14:44.0328 2476 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
22:14:44.0562 2476 dac2w2k - ok
22:14:44.0593 2476 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
22:14:44.0796 2476 dac960nt - ok
22:14:44.0843 2476 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
22:14:44.0937 2476 DcomLaunch - ok
22:14:44.0984 2476 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
22:14:45.0171 2476 Dhcp - ok
22:14:45.0218 2476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:14:45.0421 2476 Disk - ok
22:14:45.0437 2476 dmadmin - ok
22:14:45.0515 2476 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:14:45.0812 2476 dmboot - ok
22:14:45.0843 2476 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:14:46.0203 2476 dmio - ok
22:14:46.0234 2476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:14:46.0421 2476 dmload - ok
22:14:46.0468 2476 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
22:14:46.0703 2476 dmserver - ok
22:14:46.0750 2476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:14:46.0953 2476 DMusic - ok
22:14:47.0000 2476 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
22:14:47.0140 2476 Dnscache - ok
22:14:47.0187 2476 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
22:14:47.0437 2476 Dot3svc - ok
22:14:47.0484 2476 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
22:14:47.0671 2476 dpti2o - ok
22:14:47.0718 2476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:14:47.0875 2476 drmkaud - ok
22:14:47.0921 2476 drvmcdb (049177996e5e33b5faf40cad2b82098c) C:\WINDOWS\system32\drivers\drvmcdb.sys
22:14:48.0531 2476 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
22:14:48.0531 2476 drvmcdb - detected UnsignedFile.Multi.Generic (1)
22:14:48.0546 2476 drvnddm (2f4134d073f972575c174e3d621f0107) C:\WINDOWS\system32\drivers\drvnddm.sys
22:14:49.0187 2476 drvnddm ( UnsignedFile.Multi.Generic ) - warning
22:14:49.0187 2476 drvnddm - detected UnsignedFile.Multi.Generic (1)
22:14:49.0312 2476 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
22:14:49.0406 2476 DSBrokerService - ok
22:14:49.0468 2476 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
22:14:49.0843 2476 DSproct ( UnsignedFile.Multi.Generic ) - warning
22:14:49.0843 2476 DSproct - detected UnsignedFile.Multi.Generic (1)
22:14:49.0890 2476 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
22:14:49.0937 2476 dsunidrv - ok
22:14:49.0984 2476 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:14:50.0125 2476 E100B - ok
22:14:50.0156 2476 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
22:14:50.0406 2476 EapHost - ok
22:14:50.0453 2476 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
22:14:50.0656 2476 EL90XBC - ok
22:14:50.0687 2476 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
22:14:50.0890 2476 ERSvc - ok
22:14:50.0921 2476 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
22:14:51.0000 2476 Eventlog - ok
22:14:51.0062 2476 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
22:14:51.0171 2476 EventSystem - ok
22:14:51.0218 2476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:14:51.0437 2476 Fastfat - ok
22:14:51.0484 2476 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:14:51.0609 2476 FastUserSwitchingCompatibility - ok
22:14:51.0687 2476 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
22:14:51.0875 2476 Fax - ok
22:14:51.0906 2476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:14:52.0109 2476 Fdc - ok
22:14:52.0140 2476 fibqtkkxttox (843cb965b5d3b7c4dbb477bf3a179c0e) C:\WINDOWS\system32\drivers\fibqtkkxttox.sys
22:14:52.0546 2476 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - warning
22:14:52.0546 2476 fibqtkkxttox - detected UnsignedFile.Multi.Generic (1)
22:14:52.0578 2476 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:14:52.0765 2476 Fips - ok
22:14:52.0812 2476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:14:53.0203 2476 Flpydisk - ok
22:14:53.0250 2476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:14:53.0468 2476 FltMgr - ok
22:14:53.0578 2476 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:14:53.0625 2476 FontCache3.0.0.0 - ok
22:14:53.0656 2476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:14:53.0859 2476 Fs_Rec - ok
22:14:53.0890 2476 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:14:54.0093 2476 Ftdisk - ok
22:14:54.0140 2476 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
22:14:54.0187 2476 GEARAspiWDM - ok
22:14:54.0312 2476 getPlusHelper (0879dc7444a201df84e69c5dd5083d61) C:\Program Files\NOS\bin\getPlus_Helper.dll
22:14:54.0390 2476 getPlusHelper - ok
22:14:54.0421 2476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:14:54.0640 2476 Gpc - ok
22:14:54.0828 2476 gupdate1ca89cb40c13250 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
22:14:54.0859 2476 gupdate1ca89cb40c13250 - ok
22:14:54.0875 2476 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
22:14:54.0906 2476 gupdatem - ok
22:14:54.0968 2476 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:14:55.0156 2476 helpsvc - ok
22:14:55.0156 2476 HidServ - ok
22:14:55.0203 2476 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:14:55.0390 2476 HidUsb - ok
22:14:55.0453 2476 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
22:14:55.0703 2476 hkmsvc - ok
22:14:55.0750 2476 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
22:14:55.0906 2476 hpn - ok
22:14:55.0953 2476 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
22:14:56.0062 2476 HSFHWBS2 - ok
22:14:56.0171 2476 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
22:14:56.0421 2476 HSF_DP - ok
22:14:56.0468 2476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:14:56.0625 2476 HTTP - ok
22:14:56.0687 2476 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
22:14:56.0968 2476 HTTPFilter - ok
22:14:57.0000 2476 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:14:57.0171 2476 i2omgmt - ok
22:14:57.0203 2476 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
22:14:57.0390 2476 i2omp - ok
22:14:57.0437 2476 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:14:57.0640 2476 i8042prt - ok
22:14:57.0687 2476 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
22:14:57.0968 2476 i81x - ok
22:14:58.0000 2476 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
22:14:58.0218 2476 iAimFP0 - ok
22:14:58.0250 2476 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
22:14:58.0421 2476 iAimFP1 - ok
22:14:58.0453 2476 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
22:14:58.0625 2476 iAimFP2 - ok
22:14:58.0671 2476 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
22:14:58.0921 2476 iAimFP3 - ok
22:14:58.0968 2476 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
22:14:59.0203 2476 iAimFP4 - ok
22:14:59.0312 2476 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
22:14:59.0500 2476 iAimTV0 - ok
22:14:59.0531 2476 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
22:14:59.0718 2476 iAimTV1 - ok
22:14:59.0734 2476 iAimTV2 - ok
22:14:59.0750 2476 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
22:14:59.0968 2476 iAimTV3 - ok
22:14:59.0984 2476 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
22:15:00.0187 2476 iAimTV4 - ok
22:15:00.0296 2476 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
22:15:00.0609 2476 ialm - ok
22:15:00.0796 2476 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:15:00.0968 2476 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:15:00.0968 2476 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:15:01.0187 2476 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:15:01.0328 2476 idsvc - ok
22:15:01.0453 2476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:15:01.0671 2476 Imapi - ok
22:15:01.0718 2476 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
22:15:01.0937 2476 ImapiService - ok
22:15:01.0968 2476 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
22:15:02.0187 2476 ini910u - ok
22:15:02.0218 2476 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
22:15:02.0421 2476 IntelIde - ok
22:15:02.0468 2476 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:15:02.0640 2476 intelppm - ok
22:15:02.0671 2476 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:15:02.0890 2476 ip6fw - ok
22:15:02.0937 2476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:15:03.0109 2476 IpFilterDriver - ok
22:15:03.0140 2476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:15:03.0328 2476 IpInIp - ok
22:15:03.0375 2476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:15:03.0562 2476 IpNat - ok
22:15:03.0687 2476 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:15:03.0843 2476 iPod Service - ok
22:15:03.0906 2476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:15:04.0250 2476 IPSec - ok
22:15:04.0281 2476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:15:04.0390 2476 IRENUM - ok
22:15:04.0437 2476 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:15:04.0640 2476 isapnp - ok
22:15:04.0750 2476 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
22:15:04.0812 2476 JavaQuickStarterService - ok
22:15:04.0843 2476 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:15:05.0031 2476 Kbdclass - ok
22:15:05.0078 2476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:15:05.0281 2476 kmixer - ok
22:15:05.0328 2476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:15:05.0484 2476 KSecDD - ok
22:15:05.0531 2476 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
22:15:05.0593 2476 lanmanserver - ok
22:15:05.0640 2476 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
22:15:05.0718 2476 lanmanworkstation - ok
22:15:05.0734 2476 lbrtfdc - ok
22:15:05.0796 2476 LexBceS (a249f60c0ebfa1941ed0e486700d3228) C:\WINDOWS\system32\LEXBCES.EXE
22:15:05.0906 2476 LexBceS - ok
22:15:05.0953 2476 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
22:15:06.0140 2476 LmHosts - ok
22:15:06.0187 2476 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:15:06.0218 2476 mdmxsdk - ok
22:15:06.0265 2476 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
22:15:06.0468 2476 Messenger - ok
22:15:06.0500 2476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:15:06.0687 2476 mnmdd - ok
22:15:06.0718 2476 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
22:15:06.0968 2476 mnmsrvc - ok
22:15:07.0015 2476 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:15:07.0187 2476 Modem - ok
22:15:07.0234 2476 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:15:07.0453 2476 MODEMCSA - ok
22:15:07.0500 2476 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:15:07.0765 2476 Mouclass - ok
22:15:07.0812 2476 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:15:08.0015 2476 mouhid - ok
22:15:08.0046 2476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:15:08.0234 2476 MountMgr - ok
22:15:08.0359 2476 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:15:08.0468 2476 MozillaMaintenance - ok
22:15:08.0515 2476 MP4ConverterAudio (3e102e8fbbc59c91f52be2cc6b4c3b4c) C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys
22:15:08.0578 2476 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - warning
22:15:08.0578 2476 MP4ConverterAudio - detected UnsignedFile.Multi.Generic (1)
22:15:08.0625 2476 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
22:15:08.0812 2476 mraid35x - ok
22:15:08.0859 2476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:15:09.0062 2476 MRxDAV - ok
22:15:09.0125 2476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:15:09.0703 2476 MRxSmb - ok
22:15:09.0750 2476 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
22:15:09.0984 2476 MSDTC - ok
22:15:10.0015 2476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:15:10.0203 2476 Msfs - ok
22:15:10.0218 2476 MSIServer - ok
22:15:10.0250 2476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:15:10.0437 2476 MSKSSRV - ok
22:15:10.0453 2476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:15:10.0640 2476 MSPCLOCK - ok
22:15:10.0656 2476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:15:11.0000 2476 MSPQM - ok
22:15:11.0031 2476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:15:11.0265 2476 mssmbios - ok
22:15:11.0328 2476 MSSQL$SONY_MEDIAMGR - ok
22:15:11.0390 2476 MSSQLServerADHelper (cb7524c21727404bd3140dca32deb7de) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
22:15:11.0562 2476 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
22:15:11.0562 2476 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
22:15:11.0609 2476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:15:11.0703 2476 Mup - ok
22:15:11.0734 2476 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
22:15:12.0140 2476 MxlW2k ( UnsignedFile.Multi.Generic ) - warning
22:15:12.0140 2476 MxlW2k - detected UnsignedFile.Multi.Generic (1)
22:15:12.0218 2476 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
22:15:12.0468 2476 napagent - ok
22:15:12.0500 2476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:15:12.0703 2476 NDIS - ok
22:15:12.0734 2476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:15:13.0156 2476 NdisTapi - ok
22:15:13.0203 2476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:15:13.0375 2476 Ndisuio - ok
22:15:13.0421 2476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:15:13.0609 2476 NdisWan - ok
22:15:13.0656 2476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:15:13.0765 2476 NDProxy - ok
22:15:13.0812 2476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:15:14.0031 2476 NetBIOS - ok
22:15:14.0062 2476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:15:14.0265 2476 NetBT - ok
22:15:14.0296 2476 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:15:14.0703 2476 NetDDE - ok
22:15:14.0718 2476 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:15:14.0890 2476 NetDDEdsdm - ok
22:15:14.0937 2476 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:15:15.0109 2476 Netlogon - ok
22:15:15.0156 2476 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
22:15:15.0328 2476 Netman - ok
22:15:15.0484 2476 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
22:15:16.0218 2476 NetSvc ( UnsignedFile.Multi.Generic ) - warning
22:15:16.0218 2476 NetSvc - detected UnsignedFile.Multi.Generic (1)
22:15:16.0328 2476 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:15:16.0406 2476 NetTcpPortSharing - ok
22:15:16.0453 2476 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
22:15:16.0515 2476 Nla - ok
22:15:16.0546 2476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:15:16.0734 2476 Npfs - ok
22:15:16.0875 2476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:15:17.0140 2476 Ntfs - ok
22:15:17.0171 2476 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
22:15:17.0343 2476 NtLmSsp - ok
22:15:17.0406 2476 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
22:15:17.0671 2476 NtmsSvc - ok
22:15:17.0718 2476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:15:17.0890 2476 Null - ok
22:15:18.0015 2476 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:15:18.0359 2476 nv - ok
22:15:18.0515 2476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:15:18.0843 2476 NwlnkFlt - ok
22:15:18.0859 2476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:15:19.0062 2476 NwlnkFwd - ok
22:15:19.0109 2476 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
22:15:19.0296 2476 P3 - ok
22:15:19.0343 2476 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:15:19.0531 2476 Parport - ok
22:15:19.0562 2476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:15:19.0718 2476 PartMgr - ok
22:15:19.0765 2476 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:15:19.0937 2476 ParVdm - ok
22:15:19.0968 2476 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:15:20.0156 2476 PCI - ok
22:15:20.0156 2476 PCIDump - ok
22:15:20.0203 2476 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:15:20.0390 2476 PCIIde - ok
22:15:20.0437 2476 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:15:20.0671 2476 Pcmcia - ok
22:15:20.0687 2476 PDCOMP - ok
22:15:20.0687 2476 PDFRAME - ok
22:15:20.0703 2476 PDRELI - ok
22:15:20.0718 2476 PDRFRAME - ok
22:15:20.0750 2476 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
22:15:20.0953 2476 perc2 - ok
22:15:20.0968 2476 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
22:15:21.0156 2476 perc2hib - ok
22:15:21.0218 2476 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
22:15:21.0265 2476 PlugPlay - ok
22:15:21.0312 2476 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:15:21.0468 2476 PolicyAgent - ok
22:15:21.0515 2476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:15:21.0718 2476 PptpMiniport - ok
22:15:21.0765 2476 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:15:21.0968 2476 Processor - ok
22:15:21.0984 2476 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:15:22.0125 2476 ProtectedStorage - ok
22:15:22.0171 2476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:15:22.0500 2476 PSched - ok
22:15:22.0562 2476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:15:22.0734 2476 Ptilink - ok
22:15:22.0765 2476 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:15:22.0859 2476 PxHelp20 - ok
22:15:22.0890 2476 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
22:15:23.0078 2476 ql1080 - ok
22:15:23.0125 2476 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
22:15:23.0343 2476 Ql10wnt - ok
22:15:23.0375 2476 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
22:15:23.0593 2476 ql12160 - ok
22:15:23.0609 2476 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
22:15:23.0812 2476 ql1240 - ok
22:15:23.0843 2476 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
22:15:24.0015 2476 ql1280 - ok
22:15:24.0031 2476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:15:24.0218 2476 RasAcd - ok
22:15:24.0265 2476 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
22:15:24.0468 2476 RasAuto - ok
22:15:24.0515 2476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:15:24.0687 2476 Rasl2tp - ok
22:15:24.0750 2476 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
22:15:24.0984 2476 RasMan - ok
22:15:25.0000 2476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:15:25.0171 2476 RasPppoe - ok
22:15:25.0187 2476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:15:25.0406 2476 Raspti - ok
22:15:25.0546 2476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:15:25.0718 2476 Rdbss - ok
22:15:25.0765 2476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:15:25.0937 2476 RDPCDD - ok
22:15:25.0984 2476 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:15:26.0187 2476 rdpdr - ok
22:15:26.0234 2476 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
22:15:26.0390 2476 RDPWD - ok
22:15:26.0421 2476 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
22:15:26.0671 2476 RDSessMgr - ok
22:15:26.0703 2476 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:15:26.0906 2476 redbook - ok
22:15:26.0984 2476 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
22:15:27.0171 2476 RemoteAccess - ok
22:15:27.0218 2476 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
22:15:27.0406 2476 RpcLocator - ok
22:15:27.0468 2476 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
22:15:27.0500 2476 RpcSs - ok
22:15:27.0546 2476 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
22:15:27.0734 2476 RSVP - ok
22:15:27.0765 2476 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:15:27.0937 2476 SamSs - ok
22:15:28.0031 2476 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:15:28.0437 2476 SASDIFSV - ok
22:15:28.0484 2476 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
22:15:28.0546 2476 SASENUM - ok
22:15:28.0578 2476 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
22:15:28.0906 2476 SASKUTIL - ok
22:15:28.0968 2476 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
22:15:29.0234 2476 SCardSvr - ok
22:15:29.0281 2476 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
22:15:29.0468 2476 Schedule - ok
22:15:29.0515 2476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:15:29.0640 2476 Secdrv - ok
22:15:29.0687 2476 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
22:15:29.0859 2476 seclogon - ok
22:15:29.0890 2476 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
22:15:30.0046 2476 SENS - ok
22:15:30.0078 2476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:15:30.0265 2476 serenum - ok
22:15:30.0312 2476 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:15:30.0500 2476 Serial - ok
22:15:30.0546 2476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:15:30.0718 2476 Sfloppy - ok
22:15:30.0796 2476 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
22:15:31.0000 2476 SharedAccess - ok
22:15:31.0046 2476 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:15:31.0109 2476 ShellHWDetection - ok
22:15:31.0109 2476 Simbad - ok
22:15:31.0156 2476 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
22:15:31.0390 2476 sisagp - ok
22:15:31.0453 2476 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
22:15:31.0546 2476 smwdm - ok
22:15:31.0593 2476 SndTAudio (9b6771c9451d8009a70a776bd5a3758f) C:\WINDOWS\system32\drivers\SndTAudio.sys
22:15:31.0625 2476 SndTAudio ( UnsignedFile.Multi.Generic ) - warning
22:15:31.0625 2476 SndTAudio - detected UnsignedFile.Multi.Generic (1)
22:15:31.0656 2476 SndTVideo (de155a93101b1a0e590ab8d6c795b872) C:\WINDOWS\system32\DRIVERS\SndTVideo.sys
22:15:31.0703 2476 SndTVideo ( UnsignedFile.Multi.Generic ) - warning
22:15:31.0703 2476 SndTVideo - detected UnsignedFile.Multi.Generic (1)
22:15:31.0750 2476 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
22:15:31.0906 2476 Sparrow - ok
22:15:31.0937 2476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:15:32.0125 2476 splitter - ok
22:15:32.0156 2476 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:15:32.0265 2476 Spooler - ok
22:15:32.0375 2476 SQLAgent$SONY_MEDIAMGR - ok
22:15:32.0421 2476 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:15:32.0546 2476 sr - ok
22:15:32.0687 2476 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
22:15:32.0796 2476 srservice - ok
22:15:32.0843 2476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:15:32.0968 2476 Srv - ok
22:15:33.0015 2476 sscdbhk5 (7c0c9bdca2d351ff3b4f9b69f99aa995) C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:15:33.0343 2476 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
22:15:33.0343 2476 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
22:15:33.0390 2476 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
22:15:33.0500 2476 SSDPSRV - ok
22:15:33.0531 2476 ssrtln (31726706d54894d5059f7471111a87bb) C:\WINDOWS\system32\drivers\ssrtln.sys
22:15:33.0750 2476 ssrtln ( UnsignedFile.Multi.Generic ) - warning
22:15:33.0750 2476 ssrtln - detected UnsignedFile.Multi.Generic (1)
22:15:33.0765 2476 StarOpen - ok
22:15:33.0859 2476 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
22:15:34.0140 2476 stisvc - ok
22:15:34.0171 2476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:15:34.0359 2476 swenum - ok
22:15:34.0390 2476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:15:34.0562 2476 swmidi - ok
22:15:34.0578 2476 SwPrv - ok
22:15:34.0625 2476 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
22:15:34.0796 2476 symc810 - ok
22:15:34.0859 2476 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
22:15:35.0046 2476 symc8xx - ok
22:15:35.0078 2476 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
22:15:35.0265 2476 sym_hi - ok
22:15:35.0312 2476 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
22:15:35.0468 2476 sym_u3 - ok
22:15:35.0500 2476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:15:35.0671 2476 sysaudio - ok
22:15:35.0718 2476 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
22:15:36.0078 2476 SysmonLog - ok
22:15:36.0125 2476 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
22:15:36.0296 2476 TapiSrv - ok
22:15:36.0359 2476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:15:36.0468 2476 Tcpip - ok
22:15:36.0515 2476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:15:36.0687 2476 TDPIPE - ok
22:15:36.0718 2476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:15:36.0921 2476 TDTCP - ok
22:15:36.0953 2476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:15:37.0156 2476 TermDD - ok
22:15:37.0218 2476 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
22:15:37.0453 2476 TermService - ok
22:15:37.0515 2476 tfsnboio (b0d311f33c5b4a5858e4e6c965a79267) C:\WINDOWS\system32\dla\tfsnboio.sys
22:15:37.0718 2476 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
22:15:37.0718 2476 tfsnboio - detected UnsignedFile.Multi.Generic (1)
22:15:37.0750 2476 tfsncofs (250f74fce5d1eccb29ad9abeb55f35d8) C:\WINDOWS\system32\dla\tfsncofs.sys
22:15:38.0156 2476 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
22:15:38.0156 2476 tfsncofs - detected UnsignedFile.Multi.Generic (1)
22:15:38.0203 2476 tfsndrct (e23291934c59e1741ba83582e7a209c0) C:\WINDOWS\system32\dla\tfsndrct.sys
22:15:38.0484 2476 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
22:15:38.0484 2476 tfsndrct - detected UnsignedFile.Multi.Generic (1)
22:15:38.0531 2476 tfsndres (0d863d020633025f1e4ad3e0e325d503) C:\WINDOWS\system32\dla\tfsndres.sys
22:15:38.0765 2476 tfsndres ( UnsignedFile.Multi.Generic ) - warning
22:15:38.0765 2476 tfsndres - detected UnsignedFile.Multi.Generic (1)
22:15:38.0828 2476 tfsnifs (e3e10696663e35062851a376299198bd) C:\WINDOWS\system32\dla\tfsnifs.sys
22:15:39.0125 2476 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
22:15:39.0125 2476 tfsnifs - detected UnsignedFile.Multi.Generic (1)
22:15:39.0156 2476 tfsnopio (00cc366bdcbd8a9a1c95c1c59900dd9b) C:\WINDOWS\system32\dla\tfsnopio.sys
22:15:39.0625 2476 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
22:15:39.0625 2476 tfsnopio - detected UnsignedFile.Multi.Generic (1)
22:15:39.0640 2476 tfsnpool (84a91d08f49831e8c24e4d25ddefae87) C:\WINDOWS\system32\dla\tfsnpool.sys
22:15:39.0921 2476 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
22:15:39.0921 2476 tfsnpool - detected UnsignedFile.Multi.Generic (1)
22:15:39.0984 2476 tfsnudf (55b761c6e2d4fcedac3b46b6c0724830) C:\WINDOWS\system32\dla\tfsnudf.sys
22:15:40.0281 2476 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
22:15:40.0281 2476 tfsnudf - detected UnsignedFile.Multi.Generic (1)
22:15:40.0296 2476 tfsnudfa (64c6e8c217e30ee595120c66f6e783ba) C:\WINDOWS\system32\dla\tfsnudfa.sys
22:15:40.0578 2476 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
22:15:40.0578 2476 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
22:15:40.0625 2476 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:15:40.0671 2476 Themes - ok
22:15:40.0718 2476 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
22:15:40.0890 2476 TosIde - ok
22:15:40.0921 2476 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
22:15:41.0093 2476 TrkWks - ok
22:15:41.0140 2476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:15:41.0343 2476 Udfs - ok
22:15:41.0406 2476 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
22:15:41.0500 2476 ultra - ok
22:15:41.0562 2476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:15:41.0765 2476 Update - ok
22:15:41.0812 2476 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
22:15:41.0953 2476 upnphost - ok
22:15:41.0984 2476 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
22:15:42.0171 2476 UPS - ok
22:15:42.0218 2476 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:15:42.0421 2476 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:15:42.0421 2476 USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:15:42.0453 2476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:15:42.0625 2476 usbehci - ok
22:15:42.0671 2476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:15:43.0062 2476 usbhub - ok
22:15:43.0093 2476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:15:43.0265 2476 usbprint - ok
22:15:43.0312 2476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:15:43.0500 2476 usbscan - ok
22:15:43.0531 2476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:15:43.0703 2476 USBSTOR - ok
22:15:43.0750 2476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:15:43.0937 2476 usbuhci - ok
22:15:43.0968 2476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:15:44.0187 2476 VgaSave - ok
22:15:44.0218 2476 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
22:15:44.0406 2476 viaagp - ok
22:15:44.0453 2476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
22:15:44.0640 2476 ViaIde - ok
22:15:44.0671 2476 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:15:44.0859 2476 VolSnap - ok
22:15:44.0937 2476 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
22:15:45.0046 2476 VSS - ok
22:15:45.0265 2476 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
22:15:45.0375 2476 vToolbarUpdater11.2.0 - ok
22:15:45.0421 2476 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
22:15:45.0640 2476 w32time - ok
22:15:45.0718 2476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:15:45.0906 2476 Wanarp - ok
22:15:45.0921 2476 wanatw - ok
22:15:45.0921 2476 WDICA - ok
22:15:45.0968 2476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:15:46.0171 2476 wdmaud - ok
22:15:46.0218 2476 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
22:15:46.0390 2476 WebClient - ok
22:15:46.0484 2476 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:15:46.0765 2476 winachsf - ok
22:15:46.0984 2476 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:15:47.0187 2476 winmgmt - ok
22:15:47.0250 2476 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:15:47.0390 2476 WmdmPmSN - ok
22:15:47.0437 2476 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
22:15:47.0703 2476 WmiApSrv - ok
22:15:47.0906 2476 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:15:48.0078 2476 WMPNetworkSvc - ok
22:15:48.0171 2476 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:15:48.0343 2476 WS2IFSL - ok
22:15:48.0390 2476 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
22:15:48.0562 2476 wscsvc - ok
22:15:48.0593 2476 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
22:15:48.0781 2476 wuauserv - ok
22:15:48.0812 2476 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:15:48.0984 2476 WudfPf - ok
22:15:49.0031 2476 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:15:49.0109 2476 WudfRd - ok
22:15:49.0156 2476 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:15:49.0234 2476 WudfSvc - ok
22:15:49.0296 2476 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
22:15:49.0500 2476 WZCSVC - ok
22:15:49.0546 2476 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
22:15:49.0781 2476 xmlprov - ok
22:15:49.0921 2476 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
22:15:50.0046 2476 YahooAUService - ok
22:15:50.0093 2476 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
22:15:50.0109 2476 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
22:15:50.0109 2476 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
22:15:50.0250 2476 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:15:50.0250 2476 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:15:50.0265 2476 Boot (0x1200) (9c207d97e79b09475077b4b491c3225b) \Device\Harddisk0\DR0\Partition0
22:15:50.0265 2476 \Device\Harddisk0\DR0\Partition0 - ok
22:15:50.0281 2476 ============================================================
22:15:50.0281 2476 Scan finished
22:15:50.0281 2476 ============================================================
22:15:50.0406 3976 Detected object count: 27
22:15:50.0406 3976 Actual detected object count: 27
22:17:36.0609 3976 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0609 3976 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0609 3976 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:17:36.0609 3976 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:17:36.0609 3976 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0609 3976 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0609 3976 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0609 3976 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0625 3976 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0625 3976 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0625 3976 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0625 3976 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0625 3976 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0625 3976 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0625 3976 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0625 3976 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0625 3976 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0625 3976 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0640 3976 MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0640 3976 MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0640 3976 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0640 3976 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0640 3976 SndTAudio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0640 3976 SndTAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0640 3976 SndTVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0640 3976 SndTVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0640 3976 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0640 3976 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0656 3976 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0656 3976 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0671 3976 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0671 3976 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0671 3976 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0671 3976 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0671 3976 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0671 3976 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0671 3976 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0671 3976 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:36.0671 3976 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:36.0671 3976 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:37.0984 3976 \Device\Harddisk0\DR0\# - copied to quarantine
22:17:37.0984 3976 \Device\Harddisk0\DR0 - copied to quarantine
22:17:38.0046 3976 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
22:17:38.0078 3976 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:17:38.0078 3976 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
22:17:38.0125 3976 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
22:17:38.0140 3976 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
22:17:38.0203 3976 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:17:38.0281 3976 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:17:38.0281 3976 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
22:17:38.0296 3976 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:17:38.0296 3976 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
22:17:38.0312 3976 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:17:38.0343 3976 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:17:38.0343 3976 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
22:17:38.0359 3976 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
22:17:38.0375 3976 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
22:17:38.0421 3976 \Device\Harddisk0\DR0 - ok
22:17:38.0437 3976 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
22:17:38.0437 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:17:38.0437 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:19:00.0515 2656 Deinitialize success

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now run TDSSKiller once more with the same parameters? When you get the following, select Delete:

\Device\Harddisk0\DR0 ( TDSS File System )

How is the computer now? Any problems?

#8
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
The computer is running fine.

Here's the log.

15:34:34.0156 2488 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:34:34.0468 2488 ============================================================
15:34:34.0468 2488 Current date / time: 2012/07/31 15:34:34.0468
15:34:34.0468 2488 SystemInfo:
15:34:34.0468 2488
15:34:34.0468 2488 OS Version: 5.1.2600 ServicePack: 3.0
15:34:34.0468 2488 Product type: Workstation
15:34:34.0468 2488 ComputerName: BASEMENT
15:34:34.0484 2488 UserName: Mike
15:34:34.0484 2488 Windows directory: C:\WINDOWS
15:34:34.0484 2488 System windows directory: C:\WINDOWS
15:34:34.0484 2488 Processor architecture: Intel x86
15:34:34.0484 2488 Number of processors: 1
15:34:34.0484 2488 Page size: 0x1000
15:34:34.0484 2488 Boot type: Normal boot
15:34:34.0484 2488 ============================================================
15:34:42.0218 2488 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:34:42.0343 2488 ============================================================
15:34:42.0343 2488 \Device\Harddisk0\DR0:
15:34:42.0359 2488 MBR partitions:
15:34:42.0359 2488 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8DE6AAE
15:34:42.0359 2488 ============================================================
15:34:42.0593 2488 C: <-> \Device\Harddisk0\DR0\Partition0
15:34:42.0609 2488 ============================================================
15:34:42.0609 2488 Initialize success
15:34:42.0609 2488 ============================================================
15:34:52.0031 3680 ============================================================
15:34:52.0031 3680 Scan started
15:34:52.0031 3680 Mode: Manual; SigCheck; TDLFS;
15:34:52.0031 3680 ============================================================
15:34:52.0328 3680 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
15:34:52.0671 3680 !SASCORE - ok
15:34:52.0796 3680 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
15:34:52.0953 3680 aawservice - ok
15:34:53.0062 3680 Abiosdsk - ok
15:34:53.0125 3680 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
15:34:58.0515 3680 abp480n5 - ok
15:34:58.0578 3680 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:34:58.0859 3680 ACPI - ok
15:34:58.0906 3680 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:34:59.0187 3680 ACPIEC - ok
15:34:59.0203 3680 adfs - ok
15:34:59.0265 3680 Adobe LM Service (c1eb9968ec89fba5f3a264e2e57923ab) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:34:59.0421 3680 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
15:34:59.0421 3680 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
15:34:59.0546 3680 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:34:59.0609 3680 AdobeFlashPlayerUpdateSvc - ok
15:34:59.0656 3680 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
15:34:59.0890 3680 adpu160m - ok
15:34:59.0937 3680 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
15:35:00.0109 3680 aeaudio - ok
15:35:00.0140 3680 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:35:00.0328 3680 aec - ok
15:35:00.0375 3680 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:35:01.0343 3680 AFD - ok
15:35:01.0390 3680 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\System32\DRIVERS\agp440.sys
15:35:01.0609 3680 agp440 - ok
15:35:01.0640 3680 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
15:35:01.0890 3680 agpCPQ - ok
15:35:01.0953 3680 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
15:35:02.0078 3680 Aha154x - ok
15:35:02.0093 3680 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
15:35:02.0343 3680 aic78u2 - ok
15:35:02.0359 3680 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
15:35:02.0578 3680 aic78xx - ok
15:35:02.0859 3680 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files\common files\akamai/netsession_win_4f7fccd.dll
15:35:02.0859 3680 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
15:35:02.0875 3680 Akamai ( HiddenFile.Multi.Generic ) - warning
15:35:02.0875 3680 Akamai - detected HiddenFile.Multi.Generic (1)
15:35:02.0984 3680 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
15:35:03.0265 3680 Alerter - ok
15:35:03.0281 3680 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
15:35:03.0484 3680 ALG - ok
15:35:03.0562 3680 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
15:35:03.0750 3680 AliIde - ok
15:35:03.0781 3680 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
15:35:04.0031 3680 alim1541 - ok
15:35:04.0062 3680 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
15:35:04.0312 3680 amdagp - ok
15:35:04.0359 3680 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
15:35:04.0531 3680 amsint - ok
15:35:04.0687 3680 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:35:04.0750 3680 Apple Mobile Device - ok
15:35:04.0765 3680 AppMgmt - ok
15:35:04.0796 3680 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
15:35:04.0984 3680 asc - ok
15:35:05.0015 3680 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
15:35:05.0109 3680 asc3350p - ok
15:35:05.0125 3680 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
15:35:05.0328 3680 asc3550 - ok
15:35:05.0437 3680 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:35:05.0609 3680 aspnet_state - ok
15:35:05.0640 3680 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:35:05.0875 3680 AsyncMac - ok
15:35:05.0890 3680 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:35:06.0093 3680 atapi - ok
15:35:06.0109 3680 Atdisk - ok
15:35:06.0171 3680 ati2mtag (8759322ffc1a50569c1e5528ee8026b7) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:35:06.0500 3680 ati2mtag - ok
15:35:06.0515 3680 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:35:06.0812 3680 Atmarpc - ok
15:35:06.0875 3680 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
15:35:07.0109 3680 AudioSrv - ok
15:35:07.0140 3680 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:35:07.0343 3680 audstub - ok
15:35:07.0515 3680 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
15:35:07.0578 3680 AVG Security Toolbar Service - ok
15:35:08.0000 3680 AVGIDSAgent (7a0f6a3e0e41425b9ba54616b482668a) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
15:35:08.0500 3680 AVGIDSAgent - ok
15:35:08.0640 3680 AVGIDSDriver (2d18221aab3db2d408d6c55c0f23090a) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
15:35:08.0765 3680 AVGIDSDriver - ok
15:35:08.0796 3680 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
15:35:08.0843 3680 AVGIDSEH - ok
15:35:08.0875 3680 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
15:35:08.0906 3680 AVGIDSFilter - ok
15:35:08.0921 3680 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
15:35:08.0937 3680 AVGIDSShim - ok
15:35:08.0968 3680 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
15:35:09.0000 3680 Avgldx86 - ok
15:35:09.0046 3680 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
15:35:09.0062 3680 Avgmfx86 - ok
15:35:09.0078 3680 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
15:35:09.0093 3680 Avgrkx86 - ok
15:35:09.0125 3680 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
15:35:09.0203 3680 Avgtdix - ok
15:35:09.0343 3680 avgwd (fc2bc51120a945f7c70376495e4e7737) C:\Program Files\AVG\AVG10\avgwdsvc.exe
15:35:09.0421 3680 avgwd - ok
15:35:09.0468 3680 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:35:09.0750 3680 Beep - ok
15:35:09.0812 3680 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
15:35:10.0078 3680 BITS - ok
15:35:10.0156 3680 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:35:10.0234 3680 Bonjour Service - ok
15:35:10.0281 3680 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
15:35:10.0484 3680 Browser - ok
15:35:10.0484 3680 bvrp_pci - ok
15:35:10.0640 3680 catchme - ok
15:35:10.0703 3680 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
15:35:10.0906 3680 cbidf - ok
15:35:10.0921 3680 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:35:11.0078 3680 cbidf2k - ok
15:35:11.0125 3680 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
15:35:11.0265 3680 cd20xrnt - ok
15:35:11.0312 3680 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:35:11.0500 3680 Cdaudio - ok
15:35:11.0546 3680 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:35:11.0718 3680 Cdfs - ok
15:35:11.0734 3680 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:35:11.0953 3680 Cdrom - ok
15:35:11.0968 3680 Changer - ok
15:35:12.0000 3680 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
15:35:12.0203 3680 CiSvc - ok
15:35:12.0234 3680 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
15:35:12.0453 3680 ClipSrv - ok
15:35:12.0593 3680 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:35:12.0718 3680 clr_optimization_v2.0.50727_32 - ok
15:35:12.0750 3680 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
15:35:12.0953 3680 CmdIde - ok
15:35:12.0953 3680 COMSysApp - ok
15:35:13.0015 3680 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
15:35:13.0234 3680 Cpqarray - ok
15:35:13.0281 3680 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
15:35:13.0484 3680 CryptSvc - ok
15:35:13.0515 3680 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
15:35:13.0750 3680 dac2w2k - ok
15:35:13.0796 3680 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
15:35:14.0046 3680 dac960nt - ok
15:35:14.0109 3680 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:35:14.0203 3680 DcomLaunch - ok
15:35:14.0250 3680 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
15:35:14.0453 3680 Dhcp - ok
15:35:14.0500 3680 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:35:14.0687 3680 Disk - ok
15:35:14.0687 3680 dmadmin - ok
15:35:14.0765 3680 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:35:15.0046 3680 dmboot - ok
15:35:15.0078 3680 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:35:15.0296 3680 dmio - ok
15:35:15.0328 3680 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:35:15.0515 3680 dmload - ok
15:35:15.0546 3680 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
15:35:15.0781 3680 dmserver - ok
15:35:15.0828 3680 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:35:15.0984 3680 DMusic - ok
15:35:16.0015 3680 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
15:35:16.0156 3680 Dnscache - ok
15:35:16.0203 3680 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
15:35:16.0500 3680 Dot3svc - ok
15:35:16.0531 3680 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
15:35:16.0734 3680 dpti2o - ok
15:35:16.0765 3680 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:35:16.0921 3680 drmkaud - ok
15:35:17.0062 3680 drvmcdb (049177996e5e33b5faf40cad2b82098c) C:\WINDOWS\system32\drivers\drvmcdb.sys
15:35:17.0187 3680 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
15:35:17.0187 3680 drvmcdb - detected UnsignedFile.Multi.Generic (1)
15:35:17.0203 3680 drvnddm (2f4134d073f972575c174e3d621f0107) C:\WINDOWS\system32\drivers\drvnddm.sys
15:35:17.0281 3680 drvnddm ( UnsignedFile.Multi.Generic ) - warning
15:35:17.0281 3680 drvnddm - detected UnsignedFile.Multi.Generic (1)
15:35:17.0406 3680 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
15:35:17.0468 3680 DSBrokerService - ok
15:35:17.0546 3680 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
15:35:17.0859 3680 DSproct ( UnsignedFile.Multi.Generic ) - warning
15:35:17.0859 3680 DSproct - detected UnsignedFile.Multi.Generic (1)
15:35:17.0890 3680 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
15:35:18.0046 3680 dsunidrv - ok
15:35:18.0109 3680 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:35:18.0171 3680 E100B - ok
15:35:18.0218 3680 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
15:35:18.0468 3680 EapHost - ok
15:35:18.0500 3680 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
15:35:18.0703 3680 EL90XBC - ok
15:35:18.0750 3680 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
15:35:18.0953 3680 ERSvc - ok
15:35:19.0015 3680 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:35:19.0125 3680 Eventlog - ok
15:35:19.0187 3680 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
15:35:19.0375 3680 EventSystem - ok
15:35:19.0421 3680 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:35:19.0625 3680 Fastfat - ok
15:35:19.0671 3680 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:35:19.0828 3680 FastUserSwitchingCompatibility - ok
15:35:19.0875 3680 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
15:35:20.0093 3680 Fax - ok
15:35:20.0125 3680 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:35:20.0359 3680 Fdc - ok
15:35:20.0406 3680 fibqtkkxttox (843cb965b5d3b7c4dbb477bf3a179c0e) C:\WINDOWS\system32\drivers\fibqtkkxttox.sys
15:35:20.0875 3680 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - warning
15:35:20.0875 3680 fibqtkkxttox - detected UnsignedFile.Multi.Generic (1)
15:35:20.0921 3680 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:35:21.0109 3680 Fips - ok
15:35:21.0156 3680 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:35:21.0406 3680 Flpydisk - ok
15:35:21.0437 3680 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:35:21.0609 3680 FltMgr - ok
15:35:21.0718 3680 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:35:21.0750 3680 FontCache3.0.0.0 - ok
15:35:21.0796 3680 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:35:22.0000 3680 Fs_Rec - ok
15:35:22.0015 3680 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:35:22.0203 3680 Ftdisk - ok
15:35:22.0250 3680 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
15:35:22.0265 3680 GEARAspiWDM - ok
15:35:22.0390 3680 getPlusHelper (0879dc7444a201df84e69c5dd5083d61) C:\Program Files\NOS\bin\getPlus_Helper.dll
15:35:22.0453 3680 getPlusHelper - ok
15:35:22.0484 3680 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:35:22.0718 3680 Gpc - ok
15:35:22.0828 3680 gupdate1ca89cb40c13250 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
15:35:22.0859 3680 gupdate1ca89cb40c13250 - ok
15:35:22.0859 3680 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
15:35:22.0890 3680 gupdatem - ok
15:35:22.0953 3680 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:35:23.0218 3680 helpsvc - ok
15:35:23.0234 3680 HidServ - ok
15:35:23.0265 3680 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:35:23.0437 3680 HidUsb - ok
15:35:23.0484 3680 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:35:23.0734 3680 hkmsvc - ok
15:35:23.0781 3680 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
15:35:23.0921 3680 hpn - ok
15:35:23.0953 3680 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
15:35:24.0093 3680 HSFHWBS2 - ok
15:35:24.0187 3680 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
15:35:24.0312 3680 HSF_DP - ok
15:35:24.0375 3680 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:35:24.0484 3680 HTTP - ok
15:35:24.0515 3680 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:35:24.0734 3680 HTTPFilter - ok
15:35:24.0781 3680 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
15:35:24.0953 3680 i2omgmt - ok
15:35:24.0968 3680 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
15:35:25.0203 3680 i2omp - ok
15:35:25.0250 3680 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:35:25.0468 3680 i8042prt - ok
15:35:25.0500 3680 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
15:35:25.0765 3680 i81x - ok
15:35:25.0796 3680 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
15:35:25.0984 3680 iAimFP0 - ok
15:35:26.0000 3680 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
15:35:26.0218 3680 iAimFP1 - ok
15:35:26.0234 3680 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
15:35:26.0421 3680 iAimFP2 - ok
15:35:26.0468 3680 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
15:35:26.0718 3680 iAimFP3 - ok
15:35:26.0750 3680 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
15:35:26.0937 3680 iAimFP4 - ok
15:35:26.0968 3680 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
15:35:27.0156 3680 iAimTV0 - ok
15:35:27.0171 3680 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
15:35:27.0375 3680 iAimTV1 - ok
15:35:27.0375 3680 iAimTV2 - ok
15:35:27.0406 3680 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
15:35:27.0578 3680 iAimTV3 - ok
15:35:27.0609 3680 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
15:35:27.0859 3680 iAimTV4 - ok
15:35:27.0968 3680 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
15:35:28.0171 3680 ialm - ok
15:35:28.0359 3680 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:35:28.0484 3680 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:35:28.0484 3680 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:35:28.0671 3680 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:35:28.0828 3680 idsvc - ok
15:35:28.0953 3680 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:35:29.0171 3680 Imapi - ok
15:35:29.0218 3680 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:35:29.0468 3680 ImapiService - ok
15:35:29.0515 3680 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
15:35:29.0718 3680 ini910u - ok
15:35:29.0750 3680 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
15:35:29.0953 3680 IntelIde - ok
15:35:29.0984 3680 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:35:30.0156 3680 intelppm - ok
15:35:30.0187 3680 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:35:30.0375 3680 ip6fw - ok
15:35:30.0421 3680 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:35:30.0593 3680 IpFilterDriver - ok
15:35:30.0609 3680 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:35:30.0781 3680 IpInIp - ok
15:35:30.0828 3680 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:35:31.0046 3680 IpNat - ok
15:35:31.0171 3680 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
15:35:31.0265 3680 iPod Service - ok
15:35:31.0281 3680 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:35:31.0500 3680 IPSec - ok
15:35:31.0531 3680 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:35:31.0687 3680 IRENUM - ok
15:35:31.0718 3680 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:35:31.0906 3680 isapnp - ok
15:35:32.0015 3680 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
15:35:32.0062 3680 JavaQuickStarterService - ok
15:35:32.0078 3680 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:35:32.0265 3680 Kbdclass - ok
15:35:32.0296 3680 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:35:32.0500 3680 kmixer - ok
15:35:32.0546 3680 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:35:32.0703 3680 KSecDD - ok
15:35:32.0734 3680 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:35:32.0859 3680 lanmanserver - ok
15:35:32.0906 3680 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:35:33.0125 3680 lanmanworkstation - ok
15:35:33.0125 3680 lbrtfdc - ok
15:35:33.0312 3680 LexBceS (a249f60c0ebfa1941ed0e486700d3228) C:\WINDOWS\system32\LEXBCES.EXE
15:35:33.0500 3680 LexBceS - ok
15:35:33.0625 3680 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:35:33.0828 3680 LmHosts - ok
15:35:33.0875 3680 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:35:33.0953 3680 mdmxsdk - ok
15:35:34.0000 3680 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:35:34.0218 3680 Messenger - ok
15:35:34.0265 3680 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:35:34.0437 3680 mnmdd - ok
15:35:34.0468 3680 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
15:35:34.0687 3680 mnmsrvc - ok
15:35:34.0718 3680 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:35:34.0906 3680 Modem - ok
15:35:34.0953 3680 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
15:35:35.0140 3680 MODEMCSA - ok
15:35:35.0234 3680 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:35:35.0421 3680 Mouclass - ok
15:35:35.0468 3680 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:35:35.0671 3680 mouhid - ok
15:35:35.0703 3680 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:35:35.0859 3680 MountMgr - ok
15:35:35.0968 3680 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:35:36.0078 3680 MozillaMaintenance - ok
15:35:36.0125 3680 MP4ConverterAudio (3e102e8fbbc59c91f52be2cc6b4c3b4c) C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys
15:35:36.0218 3680 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - warning
15:35:36.0218 3680 MP4ConverterAudio - detected UnsignedFile.Multi.Generic (1)
15:35:36.0250 3680 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
15:35:36.0437 3680 mraid35x - ok
15:35:36.0468 3680 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:35:36.0640 3680 MRxDAV - ok
15:35:36.0687 3680 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:35:36.0828 3680 MRxSmb - ok
15:35:36.0859 3680 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
15:35:37.0046 3680 MSDTC - ok
15:35:37.0093 3680 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:35:37.0250 3680 Msfs - ok
15:35:37.0265 3680 MSIServer - ok
15:35:37.0281 3680 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:35:37.0453 3680 MSKSSRV - ok
15:35:37.0484 3680 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:35:37.0687 3680 MSPCLOCK - ok
15:35:37.0734 3680 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:35:37.0906 3680 MSPQM - ok
15:35:37.0937 3680 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:35:38.0109 3680 mssmbios - ok
15:35:38.0171 3680 MSSQL$SONY_MEDIAMGR - ok
15:35:38.0250 3680 MSSQLServerADHelper (cb7524c21727404bd3140dca32deb7de) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
15:35:38.0328 3680 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
15:35:38.0328 3680 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
15:35:38.0375 3680 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:35:38.0484 3680 Mup - ok
15:35:38.0531 3680 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
15:35:39.0000 3680 MxlW2k ( UnsignedFile.Multi.Generic ) - warning
15:35:39.0000 3680 MxlW2k - detected UnsignedFile.Multi.Generic (1)
15:35:39.0046 3680 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:35:39.0265 3680 napagent - ok
15:35:39.0296 3680 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:35:39.0468 3680 NDIS - ok
15:35:39.0500 3680 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:35:39.0890 3680 NdisTapi - ok
15:35:39.0937 3680 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:35:40.0140 3680 Ndisuio - ok
15:35:40.0171 3680 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:35:40.0359 3680 NdisWan - ok
15:35:40.0406 3680 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:35:40.0468 3680 NDProxy - ok
15:35:40.0515 3680 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:35:40.0687 3680 NetBIOS - ok
15:35:40.0718 3680 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:35:40.0953 3680 NetBT - ok
15:35:40.0984 3680 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:35:41.0218 3680 NetDDE - ok
15:35:41.0234 3680 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:35:41.0390 3680 NetDDEdsdm - ok
15:35:41.0421 3680 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:35:41.0625 3680 Netlogon - ok
15:35:41.0656 3680 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:35:41.0859 3680 Netman - ok
15:35:42.0000 3680 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
15:35:42.0671 3680 NetSvc ( UnsignedFile.Multi.Generic ) - warning
15:35:42.0671 3680 NetSvc - detected UnsignedFile.Multi.Generic (1)
15:35:42.0796 3680 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:35:42.0859 3680 NetTcpPortSharing - ok
15:35:42.0921 3680 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:35:42.0968 3680 Nla - ok
15:35:43.0015 3680 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:35:43.0187 3680 Npfs - ok
15:35:43.0234 3680 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:35:43.0437 3680 Ntfs - ok
15:35:43.0468 3680 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
15:35:43.0640 3680 NtLmSsp - ok
15:35:43.0703 3680 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:35:43.0921 3680 NtmsSvc - ok
15:35:43.0968 3680 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:35:44.0125 3680 Null - ok
15:35:44.0234 3680 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:35:44.0546 3680 nv - ok
15:35:44.0703 3680 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:35:44.0937 3680 NwlnkFlt - ok
15:35:44.0968 3680 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:35:45.0140 3680 NwlnkFwd - ok
15:35:45.0187 3680 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
15:35:45.0359 3680 P3 - ok
15:35:45.0406 3680 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:35:45.0593 3680 Parport - ok
15:35:45.0625 3680 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:35:45.0781 3680 PartMgr - ok
15:35:45.0843 3680 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:35:46.0000 3680 ParVdm - ok
15:35:46.0046 3680 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:35:46.0203 3680 PCI - ok
15:35:46.0218 3680 PCIDump - ok
15:35:46.0265 3680 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:35:46.0406 3680 PCIIde - ok
15:35:46.0453 3680 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:35:46.0687 3680 Pcmcia - ok
15:35:46.0703 3680 PDCOMP - ok
15:35:46.0718 3680 PDFRAME - ok
15:35:46.0718 3680 PDRELI - ok
15:35:46.0734 3680 PDRFRAME - ok
15:35:46.0765 3680 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
15:35:46.0921 3680 perc2 - ok
15:35:46.0953 3680 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
15:35:47.0125 3680 perc2hib - ok
15:35:47.0187 3680 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:35:47.0234 3680 PlugPlay - ok
15:35:47.0265 3680 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:35:47.0406 3680 PolicyAgent - ok
15:35:47.0453 3680 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:35:47.0640 3680 PptpMiniport - ok
15:35:47.0687 3680 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
15:35:47.0875 3680 Processor - ok
15:35:47.0875 3680 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:35:48.0046 3680 ProtectedStorage - ok
15:35:48.0093 3680 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:35:48.0281 3680 PSched - ok
15:35:48.0328 3680 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:35:48.0531 3680 Ptilink - ok
15:35:48.0578 3680 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:35:48.0609 3680 PxHelp20 - ok
15:35:48.0656 3680 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
15:35:48.0859 3680 ql1080 - ok
15:35:48.0890 3680 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
15:35:49.0046 3680 Ql10wnt - ok
15:35:49.0078 3680 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
15:35:49.0250 3680 ql12160 - ok
15:35:49.0281 3680 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
15:35:49.0468 3680 ql1240 - ok
15:35:49.0515 3680 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
15:35:49.0687 3680 ql1280 - ok
15:35:49.0734 3680 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:35:49.0906 3680 RasAcd - ok
15:35:49.0937 3680 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:35:50.0171 3680 RasAuto - ok
15:35:50.0203 3680 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:35:50.0406 3680 Rasl2tp - ok
15:35:50.0468 3680 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:35:50.0687 3680 RasMan - ok
15:35:50.0703 3680 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:35:50.0906 3680 RasPppoe - ok
15:35:50.0937 3680 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:35:51.0125 3680 Raspti - ok
15:35:51.0171 3680 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:35:51.0343 3680 Rdbss - ok
15:35:51.0390 3680 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:35:51.0546 3680 RDPCDD - ok
15:35:51.0593 3680 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:35:51.0812 3680 rdpdr - ok
15:35:51.0875 3680 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:35:51.0968 3680 RDPWD - ok
15:35:52.0015 3680 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:35:52.0218 3680 RDSessMgr - ok
15:35:52.0250 3680 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:35:52.0437 3680 redbook - ok
15:35:52.0484 3680 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:35:52.0703 3680 RemoteAccess - ok
15:35:52.0734 3680 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
15:35:52.0906 3680 RpcLocator - ok
15:35:52.0968 3680 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
15:35:53.0015 3680 RpcSs - ok
15:35:53.0156 3680 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
15:35:53.0312 3680 RSVP - ok
15:35:53.0359 3680 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:35:53.0500 3680 SamSs - ok
15:35:53.0609 3680 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:35:53.0718 3680 SASDIFSV - ok
15:35:53.0750 3680 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
15:35:53.0781 3680 SASENUM - ok
15:35:53.0812 3680 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
15:35:53.0875 3680 SASKUTIL - ok
15:35:53.0921 3680 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:35:54.0140 3680 SCardSvr - ok
15:35:54.0187 3680 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:35:54.0375 3680 Schedule - ok
15:35:54.0421 3680 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:35:54.0546 3680 Secdrv - ok
15:35:54.0593 3680 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:35:54.0796 3680 seclogon - ok
15:35:54.0828 3680 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:35:55.0031 3680 SENS - ok
15:35:55.0078 3680 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:35:55.0265 3680 serenum - ok
15:35:55.0312 3680 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:35:55.0515 3680 Serial - ok
15:35:55.0562 3680 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:35:55.0765 3680 Sfloppy - ok
15:35:55.0828 3680 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:35:56.0046 3680 SharedAccess - ok
15:35:56.0078 3680 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:35:56.0125 3680 ShellHWDetection - ok
15:35:56.0140 3680 Simbad - ok
15:35:56.0187 3680 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
15:35:56.0359 3680 sisagp - ok
15:35:56.0437 3680 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
15:35:56.0546 3680 smwdm - ok
15:35:56.0640 3680 SndTAudio (9b6771c9451d8009a70a776bd5a3758f) C:\WINDOWS\system32\drivers\SndTAudio.sys
15:35:56.0687 3680 SndTAudio ( UnsignedFile.Multi.Generic ) - warning
15:35:56.0687 3680 SndTAudio - detected UnsignedFile.Multi.Generic (1)
15:35:56.0718 3680 SndTVideo (de155a93101b1a0e590ab8d6c795b872) C:\WINDOWS\system32\DRIVERS\SndTVideo.sys
15:35:56.0765 3680 SndTVideo ( UnsignedFile.Multi.Generic ) - warning
15:35:56.0765 3680 SndTVideo - detected UnsignedFile.Multi.Generic (1)
15:35:56.0796 3680 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
15:35:56.0921 3680 Sparrow - ok
15:35:56.0953 3680 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:35:57.0109 3680 splitter - ok
15:35:57.0140 3680 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:35:57.0296 3680 Spooler - ok
15:35:57.0406 3680 SQLAgent$SONY_MEDIAMGR - ok
15:35:57.0453 3680 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:35:57.0546 3680 sr - ok
15:35:57.0593 3680 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:35:57.0718 3680 srservice - ok
15:35:57.0781 3680 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:35:57.0875 3680 Srv - ok
15:35:57.0937 3680 sscdbhk5 (7c0c9bdca2d351ff3b4f9b69f99aa995) C:\WINDOWS\system32\drivers\sscdbhk5.sys
15:35:57.0984 3680 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
15:35:57.0984 3680 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
15:35:58.0031 3680 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:35:58.0125 3680 SSDPSRV - ok
15:35:58.0156 3680 ssrtln (31726706d54894d5059f7471111a87bb) C:\WINDOWS\system32\drivers\ssrtln.sys
15:35:58.0203 3680 ssrtln ( UnsignedFile.Multi.Generic ) - warning
15:35:58.0203 3680 ssrtln - detected UnsignedFile.Multi.Generic (1)
15:35:58.0218 3680 StarOpen - ok
15:35:58.0265 3680 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:35:58.0468 3680 stisvc - ok
15:35:58.0515 3680 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:35:58.0671 3680 swenum - ok
15:35:58.0703 3680 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:35:58.0859 3680 swmidi - ok
15:35:58.0875 3680 SwPrv - ok
15:35:58.0921 3680 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
15:35:59.0078 3680 symc810 - ok
15:35:59.0125 3680 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
15:35:59.0312 3680 symc8xx - ok
15:35:59.0328 3680 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
15:35:59.0531 3680 sym_hi - ok
15:35:59.0578 3680 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
15:35:59.0750 3680 sym_u3 - ok
15:35:59.0781 3680 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:35:59.0937 3680 sysaudio - ok
15:35:59.0984 3680 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:36:00.0140 3680 SysmonLog - ok
15:36:00.0187 3680 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:36:00.0375 3680 TapiSrv - ok
15:36:00.0437 3680 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:36:00.0500 3680 Tcpip - ok
15:36:00.0546 3680 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:36:00.0750 3680 TDPIPE - ok
15:36:00.0796 3680 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:36:00.0968 3680 TDTCP - ok
15:36:01.0015 3680 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:36:01.0203 3680 TermDD - ok
15:36:01.0281 3680 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:36:01.0484 3680 TermService - ok
15:36:01.0562 3680 tfsnboio (b0d311f33c5b4a5858e4e6c965a79267) C:\WINDOWS\system32\dla\tfsnboio.sys
15:36:01.0625 3680 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
15:36:01.0625 3680 tfsnboio - detected UnsignedFile.Multi.Generic (1)
15:36:01.0656 3680 tfsncofs (250f74fce5d1eccb29ad9abeb55f35d8) C:\WINDOWS\system32\dla\tfsncofs.sys
15:36:01.0718 3680 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
15:36:01.0718 3680 tfsncofs - detected UnsignedFile.Multi.Generic (1)
15:36:01.0734 3680 tfsndrct (e23291934c59e1741ba83582e7a209c0) C:\WINDOWS\system32\dla\tfsndrct.sys
15:36:01.0781 3680 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
15:36:01.0781 3680 tfsndrct - detected UnsignedFile.Multi.Generic (1)
15:36:01.0812 3680 tfsndres (0d863d020633025f1e4ad3e0e325d503) C:\WINDOWS\system32\dla\tfsndres.sys
15:36:01.0875 3680 tfsndres ( UnsignedFile.Multi.Generic ) - warning
15:36:01.0875 3680 tfsndres - detected UnsignedFile.Multi.Generic (1)
15:36:01.0906 3680 tfsnifs (e3e10696663e35062851a376299198bd) C:\WINDOWS\system32\dla\tfsnifs.sys
15:36:01.0953 3680 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
15:36:01.0953 3680 tfsnifs - detected UnsignedFile.Multi.Generic (1)
15:36:01.0984 3680 tfsnopio (00cc366bdcbd8a9a1c95c1c59900dd9b) C:\WINDOWS\system32\dla\tfsnopio.sys
15:36:02.0046 3680 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
15:36:02.0046 3680 tfsnopio - detected UnsignedFile.Multi.Generic (1)
15:36:02.0078 3680 tfsnpool (84a91d08f49831e8c24e4d25ddefae87) C:\WINDOWS\system32\dla\tfsnpool.sys
15:36:02.0140 3680 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
15:36:02.0140 3680 tfsnpool - detected UnsignedFile.Multi.Generic (1)
15:36:02.0187 3680 tfsnudf (55b761c6e2d4fcedac3b46b6c0724830) C:\WINDOWS\system32\dla\tfsnudf.sys
15:36:02.0250 3680 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
15:36:02.0250 3680 tfsnudf - detected UnsignedFile.Multi.Generic (1)
15:36:02.0265 3680 tfsnudfa (64c6e8c217e30ee595120c66f6e783ba) C:\WINDOWS\system32\dla\tfsnudfa.sys
15:36:02.0328 3680 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
15:36:02.0328 3680 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
15:36:02.0375 3680 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:36:02.0421 3680 Themes - ok
15:36:02.0453 3680 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
15:36:02.0609 3680 TosIde - ok
15:36:02.0656 3680 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:36:02.0843 3680 TrkWks - ok
15:36:02.0890 3680 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:36:03.0093 3680 Udfs - ok
15:36:03.0140 3680 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
15:36:03.0265 3680 ultra - ok
15:36:03.0312 3680 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:36:03.0531 3680 Update - ok
15:36:03.0578 3680 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:36:03.0687 3680 upnphost - ok
15:36:03.0718 3680 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:36:03.0921 3680 UPS - ok
15:36:03.0953 3680 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:36:04.0296 3680 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
15:36:04.0296 3680 USBAAPL - detected UnsignedFile.Multi.Generic (1)
15:36:04.0343 3680 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:36:04.0515 3680 usbehci - ok
15:36:04.0562 3680 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:36:04.0781 3680 usbhub - ok
15:36:04.0812 3680 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:36:04.0984 3680 usbprint - ok
15:36:05.0031 3680 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:36:05.0234 3680 usbscan - ok
15:36:05.0265 3680 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:36:05.0484 3680 USBSTOR - ok
15:36:05.0531 3680 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:36:05.0734 3680 usbuhci - ok
15:36:05.0765 3680 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:36:05.0953 3680 VgaSave - ok
15:36:06.0000 3680 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
15:36:06.0218 3680 viaagp - ok
15:36:06.0265 3680 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
15:36:06.0437 3680 ViaIde - ok
15:36:06.0468 3680 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:36:06.0640 3680 VolSnap - ok
15:36:06.0687 3680 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:36:06.0828 3680 VSS - ok
15:36:07.0046 3680 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
15:36:07.0156 3680 vToolbarUpdater11.2.0 - ok
15:36:07.0203 3680 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:36:07.0406 3680 w32time - ok
15:36:07.0500 3680 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:36:07.0703 3680 Wanarp - ok
15:36:07.0703 3680 wanatw - ok
15:36:07.0718 3680 WDICA - ok
15:36:07.0750 3680 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:36:07.0921 3680 wdmaud - ok
15:36:07.0968 3680 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:36:08.0171 3680 WebClient - ok
15:36:08.0250 3680 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:36:08.0359 3680 winachsf - ok
15:36:08.0437 3680 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:36:08.0640 3680 winmgmt - ok
15:36:08.0703 3680 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:36:08.0859 3680 WmdmPmSN - ok
15:36:08.0906 3680 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
15:36:09.0125 3680 WmiApSrv - ok
15:36:09.0296 3680 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
15:36:09.0421 3680 WMPNetworkSvc - ok
15:36:09.0531 3680 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:36:09.0718 3680 WS2IFSL - ok
15:36:09.0781 3680 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
15:36:09.0984 3680 wscsvc - ok
15:36:10.0031 3680 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:36:10.0234 3680 wuauserv - ok
15:36:10.0281 3680 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:36:10.0421 3680 WudfPf - ok
15:36:10.0468 3680 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:36:10.0546 3680 WudfRd - ok
15:36:10.0609 3680 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:36:10.0687 3680 WudfSvc - ok
15:36:10.0750 3680 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:36:10.0984 3680 WZCSVC - ok
15:36:11.0140 3680 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:36:11.0359 3680 xmlprov - ok
15:36:11.0500 3680 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
15:36:11.0593 3680 YahooAUService - ok
15:36:11.0625 3680 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
15:36:12.0125 3680 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:36:12.0125 3680 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:36:12.0140 3680 Boot (0x1200) (9c207d97e79b09475077b4b491c3225b) \Device\Harddisk0\DR0\Partition0
15:36:12.0140 3680 \Device\Harddisk0\DR0\Partition0 - ok
15:36:12.0156 3680 ============================================================
15:36:12.0156 3680 Scan finished
15:36:12.0156 3680 ============================================================
15:36:12.0265 3152 Detected object count: 26
15:36:12.0265 3152 Actual detected object count: 26
15:37:01.0265 3152 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0265 3152 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0265 3152 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
15:37:01.0265 3152 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
15:37:01.0265 3152 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0265 3152 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0265 3152 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0265 3152 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0265 3152 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0281 3152 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 fibqtkkxttox ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0281 3152 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0281 3152 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 MP4ConverterAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0281 3152 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0281 3152 MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0281 3152 MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0296 3152 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0296 3152 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0296 3152 SndTAudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0296 3152 SndTAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0296 3152 SndTVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0296 3152 SndTVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0296 3152 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0296 3152 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0312 3152 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0312 3152 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0312 3152 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0312 3152 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0312 3152 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0312 3152 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0312 3152 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0312 3152 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0312 3152 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0312 3152 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0328 3152 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0328 3152 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0328 3152 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0328 3152 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0328 3152 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0328 3152 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0328 3152 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0328 3152 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0328 3152 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0328 3152 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0343 3152 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
15:37:01.0343 3152 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0687 3152 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:37:01.0843 3152 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:37:01.0875 3152 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:37:01.0906 3152 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
15:37:01.0921 3152 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
15:37:01.0937 3152 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:37:01.0984 3152 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:37:02.0000 3152 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:37:02.0000 3152 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:37:02.0015 3152 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:37:02.0031 3152 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:37:02.0078 3152 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:37:02.0078 3152 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:37:02.0078 3152 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:37:02.0078 3152 \Device\Harddisk0\DR0\TDLFS - deleted
15:37:02.0078 3152 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
15:37:29.0234 1588 Deinitialize success

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly; it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?

Keep safe :wave:

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.